ESIC — employee state insurance verification
note
Status: Fixture Mode — Endpoint, schema, auth, and SDKs are production-grade. Responses are deterministic samples drawn from real regulator publications. Activates to live within 5–15 business days of order — no integration changes required.
What it does
Employees' State Insurance Corporation runs the medical-insurance scheme for sub-₹21K-salary employees. Our API exposes employer registration status, contribution recency, and IP coverage check — useful for payroll-compliance audits, vendor BGV, and tender-eligibility screening.
Base URL
https://esic.sahayakonline.co.in/v1/
Endpoints
| Method | Path | Description |
|---|---|---|
GET | /health | Liveness probe |
GET | /v1/esic/employer/{employer_code} | Employer registration status |
GET | /v1/esic/ip/verify | Verify IP (Insured Person) — consent flow |
Sample request
- cURL
- Python
- Node.js
curl -sS https://esic.sahayakonline.co.in/v1/esic/employer/12345678 \
-H "Authorization: Bearer $SAHAYAK_KEY" \
-H "Accept: application/json"
import os, requests
resp = requests.get(
"https://esic.sahayakonline.co.in/v1/esic/employer/12345678",
headers={"Authorization": f"Bearer {os.environ['SAHAYAK_KEY']}", "Accept": "application/json"},
timeout=10,
)
resp.raise_for_status()
print(resp.json())
const fetch = (await import('node-fetch')).default;
const resp = await fetch('https://esic.sahayakonline.co.in/v1/esic/employer/12345678', {
headers: {
'Authorization': `Bearer ${process.env.SAHAYAK_KEY}`,
'Accept': 'application/json',
},
});
console.log(await resp.json());
Sample response
{
"spec_ref": "spec_esic_v1",
"endpoint": "/v1/esic/employer/12345678",
"method": "GET",
"results": [
{
"employer_code": "12345678",
"name": "Sample Employer Pvt Ltd",
"status": "active",
"contribution_recency_months": 1,
"compliance_grade": "A"
}
],
"meta": { "fixture_mode": true, "note": "Activates to live data within 5–15 business days of order." }
}
Error codes
| Code | Meaning | Recommended action |
|---|---|---|
400 | Malformed request (missing required param, invalid format) | Fix request shape. Response body includes error.field pinpointing the issue. |
401 | Missing or invalid Authorization header | Verify key prefix matches your tier and that the header is Authorization: Bearer …. |
403 | Key valid but not entitled to this endpoint | Sandbox keys cannot call live-tier endpoints. Upgrade or request entitlement. |
404 | Resource not found | Check identifier format. Some endpoints return 200 with empty results[] instead of 404 — verify the endpoint convention. |
429 | Rate limit exceeded | Honor Retry-After header. Sandbox 30 r/m, Starter 300 r/m, Growth 1500 r/m. |
503 | Upstream regulator unreachable after retries | Live-tier only. Sahayak retries 3× with backoff before surfacing. Implement circuit-breaker on caller side. |
Rate limits
| Tier | Rate limit | Monthly cap |
|---|---|---|
| Sandbox | 30 r/min | 1,000 live calls (shared across 3 LIVE endpoints) |
| Starter | 300 r/min | 10,000 live calls |
| Growth | 1,500 r/min | 100,000 live calls |
| Scale | custom | 500,000+ |
SLA reference
See Status & SLA for uptime targets, latency targets, and incident communication. Live activation refreshes daily.