Consent to get GST Data

You are here:
Estimated Reading Time: 1 Minutes

Your GST Returns data is available on GST system. For better security and empowering the taxpayer to take control of data sharing, any application that seeks to get your data from GST system directly, you need to give an explicit consent

Only GST Suvidha Providers (GSPs) can connect directly to GST system.

As a taxpayer, you need to give two types of consents

  1. One-time consent by enabling API access

This consent means that your data can be fetched using APIs by any application but via a GSP and after a secured session is established via OTP. Unless API access is enabled no applications nor GSPs are authorised to get the data

While enabling API access, you also need to set the duration of the secured session. This duration will be applicable on on-going basis.

  1. OTP based consent on need basis

Just enabling API access does not mean your data can be fetched by any system. To get data from GST system or send data, authenticity of taxpayer and taxpayers’ systems needs to be established. This helps to avoid misuse of data and keeps in check unauthorised access.

Once the authenticity of taxpayer and the requesting application is established via OTP, any interaction with GST system can be performed for the duration as set for secured session. After the duration expiry, a new session needs to be established via OTP.

The session duration can be set as either 6 hours or 30 days. It is important to note, once your start a session via OTP it is effective for 6 hours. You can extend the validity without the need for OTP within 24 hours of OTP generation.

Duration Set on GST portal Effective duration of OTP session Extension of session without OTP Activating GST session again
6 hours 6 hours Not applicable After 6 hours – Need OTP
30 days 6 hours
  • To be done Within 24 hours of OTP generation.
  • To keep session active for 30 days, every 24 hours, validity to be extended
  • If validity is extended not extended within 24 hours – OTP needed
  • After 30 days – Need OTP

OTP based consent adds a layer of security. 

It should be noted that OTP is sent to the mobile and email registered on GST portal. Also check the common issues that you could face in OTP generation and resolution for the same.

Search GSTIN