Deployment issue about esignet

Hello MOSIP Team,

I am currently deploying esignet locally using the Kubernetes-based installation method. Following the documentation in

, I have successfully deployed eSignet 1.6.1 inside the same MOSIP cluster (I already deployed a MOSIP cluster locally) and executed the onboarding process. The onboarding job completed without any visible errors (screenshot attached).

However, when I log into the Resident Portal and click UIN Services, the page redirects to eSignet but shows the following error:

“Client ID is invalid. Please try again.”

After checking the code, it appears that this Client ID is read by the Resident backend from its configuration file.

At this point, I am unsure how I should correctly configure the Client ID for Resident → eSignet integration. Is there any guidance or documentation on how these values should be mapped or registered during eSignet onboarding?

Could you please advise how to resolve this issue or direct me to the appropriate documentation?

Thank you

UPDATE

As a follow-up to my previous question, I have continued investigating the integration between Resident Portal and eSignet. After reviewing multiple documents, I believe the next step might be to create a client for the Resident Portal via the OIDC API.

In the eSignet deployment repository, I noticed the postman-collection folder, which contains APIs that appear to be used for registering clients. However, I still have several questions regarding the parameters required by the API:

{
  "id": "string",
  "version": "string",
  "requesttime": "{{$isoTimestamp}}",
  "metadata": {},
  "request": {
    "name": "{{$randomCompanyName}}",
    "policyId": "93482",
    "publicKey": {{client_public_key}},
    "authPartnerId": "{{relying_party_id}}",
    "logoUri": "{{$randomImageUrl}}",
    "redirectUris": [
      "{{redirection_url}}"
    ],
    "grantTypes": [
      "authorization_code"
    ],
    "clientAuthMethods": [
      "private_key_jwt"
    ]
  }
}

Could you please clarify the following?

  1. What should be used for policyId, publicKey, authPartnerId, and redirectUris?
  2. Should I create a new Authentication Policy for this client in the Partner Management Portal (PMP)?
  3. The documentation mentions generating a key pair for the client. Where should the private key be stored? Should it be placed inside the Resident Service?
  4. What exactly does authPartnerId refer to? Since Resident Portal is not listed as an authentication partner, should it be registered as one?
  5. For redirectUris, should it be the base URL of the Resident Portal or a specific callback endpoint?

Any clarification or guidance on these points would be greatly appreciated.
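
The key pair from question 3 and the `private_key_jwt` method in the request body, shown as an added example that is not part of the original post or MOSIP's own code: it generates an RSA key pair, exports the public half as a JWK, then signs and verifies a client assertion per RFC 7523. The JWK shape of `publicKey`, the client ID and the token endpoint URL are assumptions or constructed placeholders.

```javascript
// Added example. Client ID and token endpoint are constructed placeholders.
const nodeCrypto = require('crypto');
const CLIENT_ID = 'resident-client-placeholder';
const TOKEN_ENDPOINT = 'https://esignet.example/token';
const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString('base64url');
const nowSec = () => Math.floor(Date.now() / 1000);

// Client side: generate the key pair. Only the public half is registered.
function generateClientKeys() {
  const { publicKey, privateKey } =
    nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  // Assumption: the registration API's `publicKey` field takes a public JWK.
  const jwk = { ...publicKey.export({ format: 'jwk' }), alg: 'RS256', use: 'sig' };
  return { jwk, privateKey };
}

// Client side: private_key_jwt assertion (RFC 7523), short-lived, unique jti.
function buildClientAssertion(privateKey, clientId, audience, now = nowSec()) {
  const claims = { iss: clientId, sub: clientId, aud: audience,
                   iat: now, exp: now + 60, jti: nodeCrypto.randomUUID() };
  const input = `${b64url({ alg: 'RS256', typ: 'JWT' })}.${b64url(claims)}`;
  const sig = nodeCrypto.sign('sha256', Buffer.from(input), privateKey);
  return `${input}.${sig.toString('base64url')}`;
}

// Server side: check the assertion against the JWK stored at registration.
function verifyClientAssertion(jwt, jwk, clientId, audience, now = nowSec()) {
  const parts = jwt.split('.');
  if (parts.length !== 3) return false;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(parts[0], 'base64url').toString());
    claims = JSON.parse(Buffer.from(parts[1], 'base64url').toString());
  } catch (e) { return false; }
  if (!header || !claims || header.alg !== 'RS256') return false; // pin the algorithm
  const key = nodeCrypto.createPublicKey(
    { key: { kty: jwk.kty, n: jwk.n, e: jwk.e }, format: 'jwk' });
  const sigOk = nodeCrypto.verify('sha256',
    Buffer.from(`${parts[0]}.${parts[1]}`), key, Buffer.from(parts[2], 'base64url'));
  return sigOk && claims.iss === clientId && claims.sub === clientId &&
         claims.aud === audience && claims.exp > now;
}

const demo = generateClientKeys();
const assertion = buildClientAssertion(demo.privateKey, CLIENT_ID, TOKEN_ENDPOINT);
console.log(JSON.stringify(demo.jwk),
  verifyClientAssertion(assertion, demo.jwk, CLIENT_ID, TOKEN_ENDPOINT));
```

An assertion signed by a key other than the registered one, or carrying a client ID the server does not know, fails this check.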

Hi there!

Thanks for reaching out.
We are looking into your query/feedback and will get back to you soon!
Until then, happy coding with MOSIP!

Best regards,
Team MOSIP


Hello ryan

Are you able to see the OIDC client ID added as a secret in his resident namespace in the setup?
Does an “invalid client ID” mean that the client ID is not present?
Also, are you able to check his eSignet database to verify whether the value is present there?
