Frequent errors from ESPs and CAs

Frequent errors from ESPs and CAs

ESP Error


Error Code 

Error message 

ESP-901 

Invalid Authentication Mode 

ESP-902 

Invalid ASP ID. It cannot be Empty 

ESP-903 

Invalid ASP ID. It may not exist or may be inactive. 

ESP-905 

Document Hash not received 

ESP-906 

UID Token does not match 

ESP-907 

Request Time Stamp cannot be Empty 

ESP-908 

Request Time Stamp is not valid. Please check the server time. 

ESP-909 

Transaction ID cannot be Empty 

ESP-910 

Duplicate Transaction ID for the given ASP. 

ESP-911 

Input XML Signature verification failed. 

ESP-922 

Invalid Signature on Input XML. Please use the corresponding certificate mapped with ESP. 

ESP-944 

User terminated eKYC process 

ESP-945 

User terminated eKYC process after OTP Generation 

ESP-946 

User interface page expired 

ESP-991 

ESP Database Connectivity Error 

ESP-992 

Input XML Parsing Error. 

ESP-993 

Error Parsing CA Response XML 

ESP-999 

Unknown Error 


UIDAI Errors

Error Code 

Details

100

Personal information demographic data did not match.

200

Personal address demographic data did not match.

300

Biometric data did not match.

310

Duplicate fingers used.

311

Duplicate Irises used.

312

FMR and FIR cannot be used in same transaction.

313

Single FIR record contains more than one finger.

314

Number of FMR/FIR should not exceed 10.

315

Number of IIR should not exceed 2.

316

Number of FID should not exceed 1.

330

Biometrics locked by Aadhaar holder.

400

Invalid OTP value.

402

“txn” value did not match with “txn” value used in Request OTP API.

500

Invalid encryption of session key.

501

Invalid certificate identifier in “ci” attribute of “Skey”.

502

Invalid encryption of PID.

503

Invalid encryption of Hmac.

504

Session key re-initiation required due to expiry or key out of sync.

505

Synchronized Key usage not allowed for the AUA.

510

Invalid Auth XML format.

511

Invalid PID XML format.

512

Invalid Aadhaar holder consent in “rc” attribute of “Auth”.

520

Invalid “tid” value.

521

Invalid “dc” code under Meta tag.

524

Invalid “mi” code under Meta tag.

527

Invalid “mc” code under Meta tag.

530

Invalid authenticator code.

540

Invalid Auth XML version.

541

Invalid PID XML version.

542

AUA not authorized for ASA. This error will be returned if AUA and ASA do not have linking in the portal.

543

Sub-AUA not associated with “AUA”. This error will be returned if Sub-AUA specified in “sa” attribute is not added as “Sub-AUA” in portal.

550

Invalid “Uses” element attributes.

551

Invalid “tid” value.

553

Registered devices currently not supported. This feature is being implemented in a phased manner.

554

Public devices are not allowed to be used.

555

rdsId is invalid and not part of certification registry.

556

rdsVer is invalid and not part of certification registry.

557

dpId is invalid and not part of certification registry.

558

Invalid dih.

559

Device Certificate has expired.

560

DP Master Certificate has expired.

561

Request expired (“Pid->ts” value is older than N hours where N is a configured threshold in authentication server).

562

Timestamp value is future time (value specified “Pid->ts” is ahead of authentication server time beyond acceptable threshold).

563

Duplicate request (this error occurs when exactly same authentication request was re-sent by AUA).

564

HMAC Validation failed.

565

AUA license has expired.

566

Invalid non-decryptable license key.

567

Invalid input (this error occurs when unsupported characters were found in Indian language values, “lname” or “lav”).

568

Unsupported Language.

569

Digital signature verification failed (means that authentication request XML was modified after it was signed).

570

Invalid key info in digital signature (this means that certificate used for signing the authentication request is not valid – it is either expired, or does not belong to the AUA or is not created by a well-known Certification Authority). 

571

PIN requires reset.

572

Invalid biometric position.

573

Pi usage not allowed as per license.

574

Pa usage not allowed as per license.

575

Pfa usage not allowed as per license.

576

FMR usage not allowed as per license.

577

FIR usage not allowed as per license.

578

IIR usage not allowed as per license.

579

OTP usage not allowed as per license.

580

PIN usage not allowed as per license.

581

Fuzzy matching usage not allowed as per license.

582

Local language usage not allowed as per license.

586

FID usage not allowed as per license. This feature is being implemented in a phased manner.

587

Name space not allowed.

588

Registered device not allowed as per license.

590

Public device not allowed as per license.

710

Missing “Pi” data as specified in “Uses”.

720

Missing “Pa” data as specified in “Uses”.

721

Missing “Pfa” data as specified in “Uses”.

730

Missing PIN data as specified in “Uses”.

740

Missing OTP data as specified in “Uses”.

800

Invalid biometric data.

810

Missing biometric data as specified in “Uses”.

811

Missing biometric data in CIDR for the given Aadhaar number.

812

Aadhaar holder has not done “Best Finger Detection”. Application should initiate BFD to help Aadhaar holder identify their best fingers.

820

Missing or empty value for “bt” attribute in “Uses” element.

821

Invalid value in the “bt” attribute of “Uses” element.

822

Invalid value in the “bs” attribute of “Bio” element within “Pid”.

901

No authentication data found in the request (this corresponds to a scenario wherein none of the auth data – Demo, Pv, or Bios – is present).

902

Invalid “dob” value in the “Pi” element (this corresponds to a scenarios wherein “dob” attribute is not of the format “YYYY” or “YYYYMM-DD”, or the age is not in valid range).

910

Invalid “mv” value in the “Pi” element.

911

Invalid “mv” value in the “Pfa” element.

912

Invalid “ms” value.

913

Both “Pa” and “Pfa” are present in the authentication request (Pa and Pfa are mutually exclusive).

930 to 939

Technical error that are internal to authentication server.

940

Unauthorized ASA channel.

941

Unspecified ASA channel.

950

OTP store related technical error.

951

Biometric lock related technical error.

980

Unsupported option.

995

Aadhaar suspended by competent authority.

996

Aadhaar cancelled (Aadhaar is no in authenticable status).

997

Aadhaar suspended (Aadhaar is not in authenticatable status).

998

Invalid Aadhaar Number.

999

Unknown error.


    • Related Articles

    • Aadhar Transaction Biometric Errors

      This article guides troubleshooting common errors encountered during Aadhar biometric transactions by providing clear explanations of error codes, possible causes, and actionable solutions. Error Code Error Description Error Details Recommended Steps ...
    • DSC Esign Frequent Issues

      Error during installation This error message appears while installing the Leegality DSC Utility - to prevent this error, install the application by running the setup as an administrator. Signing Journey Errors 1.) Leegality DSC Utility is not ...
    • NeSL eSign

      How to activate Account settings >> Department >> eSignature To activate NeSL eSign, “NeSL eSign” needs to be enabled. NeSL eSign can be made the Default signature type using the Default toggle. NeSL eSign settings can be configured by clicking on ...
    • Cloud DSC

      Cloud DSC is a way to apply IT Act-compliant digital signatures, without having to possess a physical token that is necessary for traditional DSC token-based signing. Users can simply complete a 100% online, one-time verification process, following ...
    • eSIGN AND SEALS

      Use the eSign and Seals tab to set up and configure different types of eSigns and their appearances. This is going to be especially useful if you are a regular signer on Leegality’s growing platform; your configurations will be prepopulated when you ...