This ApI is Deprected, Please Click here to use new API


To access the API, application should first authenticate using the credentials shared and get the access token issued. Same access token to be used to access subsequent APIs. Access token will be configured to expire after 360 minutes. On expiry, same authentication API needs to be invoked to get new Access Token issued. The API header information is used for authentication and authorization purpose.

Sequence Diagram

The format and details of a sample API request is depicted in following table.






Request Header



Client_id to be provided by E-WAY BILL SYSTEM


Secret to be provided by E-WAY BILL SYSTEM


GSTIN of the requesting Tax Payer

Request Payload

Attributes Description Value
username Username of Tax payer as created on Ewaybill portal for API Integration (Tax payer will use the option Mainmenu->Registration->GSP to register under GSP OR Tax payer will use the option Mainmenu->Registration->API to register directly for API Interface)
password Password of Tax payer as in Ewaybill portal for API Integration Encrypt(password, Ewaybill Public Key)
app_key Any 32 character random unique id generated by user identifying unique user session. App_key will be encrypted using Public key of E-WAY BILL using RSA algorithm

Response Payload

Attributes Description Values
status Status of Authentication request 0 – for Failure; 1 – for Success
authtoken Authorization token is a universally unique identifier (UUID). Eg:  30431124-5cbd-4045-   9840-4ebb18d70265",
sek Session Encryption key (SEK) is a 32 bit random secure key generated using AES 256 algorithm in the EWB system  App_key will be used as key to encrypt the Session Encryption key (SEK) using AES 256 (AES/ECB/PKCS7Padding) algorithm Eg: "IaxLuJcsqILZuYQX828I TxXlrRUM1ebdEIaqEXnlaK +xK/U7ZuM5xAayg7RB7mWp

Sample JSON (Request)

Authentication Request

"app_key":"e1d65bgSeTrTatc7atLhKWyUbM/ekfbAWu2dFMfyNuYS+ =="

Sample JSON (Response)

Authentication Response


Frequently Asked Questions

  1. Getting error 'Invalid Auth Token' while generating an e-Way bill through API and it is getting expired with in 6 Hours.
  2. A. Auth Token will be active for 6 hours since the first successful login. Even If the the Auth API is called again before 6 hours, same token will be returned and the time is not reset. Hence you can generate new Auth token only when it expires after 6 hours. For example: If you have authenticated at 12:00, token will be active till 06:00 If auth API is called at 02:00, still the same token will be active till 06:00 and NOT till 08:00