Building your first app
- Konera lets you build separate apps, each with a customizable profile and dedicated analytics and logging.
- Create a new application in the app section, choose a name, and set a client ID to use in your client-side code.
- Register the APIs that you want to enable for your newly created app.
Base URL
All API requests are routed through:
https://in.api.konera.com/
Architectural Flow
- Your client application initiates a request.
- The request is routed to the Konera Aggregator.
- The Aggregator uses the Telco Finder service to identify the correct MNO based on the subscriber's phone number.
- The Aggregator translates the CAMARA request into the MNO's format and executes the call.
- The MNO returns the result; the Aggregator normalizes it to CAMARA and returns it to you.
Authentication and Authorization
All Konera APIs require an access token from the authorization server auth.konera.com. The token endpoint is separate from the public API domain for security.
Client Credentials Flow (Two-Legged)
Use this flow for APIs that operate on non-personal data or where user consent is not required (e.g. SIM Swap, KYC Match, Device Roaming, Location, Number Recycling).
| Step | Action | Endpoint | Details |
|---|---|---|---|
| 1 | Request Token | POST https://auth.konera.com/auth/realms/konera/protocol/openid-connect/token | Use grant_type=client_credentials |
| 2 | API Call | POST https://in.api.konera.com/camara/... | Include Authorization: Bearer <access_token> |
Token request (cURL):
curl --location 'https://auth.konera.com/auth/realms/konera/protocol/openid-connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Accept: */*' \
--header 'Cache-Control: no-cache' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode "client_id=$CLIENT_ID" \
--data-urlencode "client_secret=$CLIENT_SECRET"
Using the token on an API call:
curl --location 'https://in.api.konera.com/camara/sim-swap/v2/check' \
--header "Authorization: Bearer $TOKEN" \
--header 'Content-Type: application/json' \
--data '{ "phoneNumber": "+17147684731", "maxAge": 2400 }'
OIDC Authorization Code Flow (Three-Legged)
Use this flow for APIs that process personal data and require explicit user consent, such as Number Verification. The user is authenticated via the mobile network (no password or OTP).
| Step | Action | Endpoint | Details |
|---|---|---|---|
| 1 | Authorize | GET https://auth.konera.com/auth/authorize | Initiates mobile network authentication |
| 2 | Token Exchange | POST https://auth.konera.com/auth/token | Exchanges authorization code for access token |
| 3 | API Call | POST https://in.api.konera.com/camara/... | Use the access token for the API |
Step 1 – Authorization request:
# --get with --data-urlencode percent-encodes the '+' and the spaces in the query values
curl --location --get 'https://in.api.konera.com/auth/authorize' \
--data-urlencode 'client_id=a8269786-bca5-431a-a6ad-226d85869133' \
--data-urlencode 'login_hint=tel:+15143792381 ipport:106.145.0.10 ipport:[204:456:45]' \
--data-urlencode 'response_type=code' \
--data-urlencode 'scope=openid dpv:FraudPreventionAndDetection number-verification:verify' \
--data-urlencode 'state=l3state' \
--data-urlencode 'redirect_uri=https://client_backend/cb' \
--header "Content-Type: application/x-www-form-urlencoded"
Step 2 – Redirect with code (on success):
Location: https://app_backend/cb?code=AUTH_CODE&state=STATE
Step 3 – Token exchange (use the token from section 2.1 in the Authorization header to call the token endpoint):
curl --location --request POST "https://in.api.konera.com/auth/token\
?code=<code_received_earlier>\
&state=l3State\
&grant_type=authorization_code\
&redirect_uri=https://client_backend/cb" \
--header "Content-Type: application/x-www-form-urlencoded" \
--header "Authorization: Bearer $token"
Token response example:
HTTP/1.1 200 OK
Content-Type: application/json
{
  "access_token": "eyJhbGciOi...",
  "token_type": "Bearer",
  "expires_in": 300,
  "scope": "openid dpv:FraudPreventionAndDetection number-verification:verify"
}
Use this 3-legged access_token for APIs like Number Verification:
POST /number-verification/v1/verify
Authorization: Bearer <access_token>
Content-Type: application/json
{ "phoneNumber": "+13541234567" }
Success response:
200 OK
{ "devicePhoneNumberVerified": true }
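Steps 1 and 2 of the three-legged flow, as an added example that is not Konera's own code: it builds the authorization URL with every query value percent-encoded (so the `+` in the `tel:` login hint is not decoded as a space) and checks the redirect target and `state` on the callback before the code is exchanged. The function names and the sample client ID are assumptions; the authorize URL is the one listed in the table for this flow.

```python
import hmac
import secrets
from urllib.parse import parse_qs, quote, urlencode, urlsplit

# Authorize endpoint as listed in the three-legged flow table.
AUTHORIZE_URL = "https://auth.konera.com/auth/authorize"


def build_authorize_url(client_id, login_hint, scope, redirect_uri):
    """Return (url, state); keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # unguessable, one per authorization attempt
    params = {
        "client_id": client_id,
        "login_hint": login_hint,
        "response_type": "code",
        "scope": scope,
        "state": state,
        "redirect_uri": redirect_uri,
    }
    # quote_via=quote encodes '+' as %2B and spaces as %20, so an E.164
    # number and a space-separated scope list reach the server unchanged.
    return f"{AUTHORIZE_URL}?{urlencode(params, quote_via=quote)}", state


def extract_code(callback_url, expected_state, redirect_uri):
    """Validate the step 2 redirect and return the authorization code."""
    parts = urlsplit(callback_url)
    if f"{parts.scheme}://{parts.netloc}{parts.path}" != redirect_uri:
        raise ValueError("callback does not match the registered redirect_uri")
    query = parse_qs(parts.query)
    states, codes = query.get("state", []), query.get("code", [])
    # Exactly one state, compared in constant time against the stored value.
    if len(states) != 1 or not hmac.compare_digest(
        states[0].encode(), expected_state.encode()
    ):
        raise ValueError("state mismatch: discard this callback")
    if len(codes) != 1:
        raise ValueError("missing or repeated authorization code")
    return codes[0]


if __name__ == "__main__":
    cb = "https://client_backend/cb"  # constructed sample values throughout
    url, state = build_authorize_url("constructed-client-id", "tel:+15143792381",
                                     "openid number-verification:verify", cb)
    print(url)
    print(extract_code(f"{cb}?code=AUTH_CODE&state={state}", state, cb))
```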