The Centre has revised its CoWIN API guidelines. The revised guidelines allow citizens to book vaccination slots through third-party applications.
The new guidelines state that “CoWIN APIs Services can be supplied to ASPs who intend to or are delivering COVID vaccination-related services and are registered for operations in India”.
Approved organisations can get real-time access to whitelisted data elements from CoWin. To improve the quality and reach, the ASPs can integrate the APIs into their app.
Reversal from an earlier stance
Currently, to register for COVID-19 vaccination and book slots, one must use the government-run CoWIN platform, or the Aarogya Setu app, or the UMANG app. Developers can only inform about the availability of slots and the download of coronavirus vaccination certificates.
The government had declared in April that it does not want to release CoWIN APIs because they deal with sensitive data and that a thorough data capture strategy must be implemented before third-party apps and services are allowed. However, the government changed its mind and decided to open up a few APIs. The revised guidelines will ease both the service providers and citizens to scale the vaccination drive.
How third-parties can access the API?
1. ASPs interested in using CoWIN APIs must first register themselves by sending an email to [email protected]. They must also designate an approved system administrator.
2. ASPs should follow the terms of service published by CoWIN.
3. Vaccination centers that use third-party apps are responsible for following all of the MoHFW’s rules, including keeping historical records and supporting papers for audit purposes.
4. ASPs using the Protected APIs are required to test their applications in a sandbox environment.
5. The ASP should provide evidence that the immunization center’s system is secure in terms of data security and that it complies with the Terms of Service before issuing production-level API keys.
You can read the notification here.