ULI Integration Playbook: Digital Credit & Land Records API

Understanding the Unified Lending Interface (ULI)

Before the launch of ULI, digital lending—specifically for agricultural, rural, and MSME segments—was crippled by extreme integration friction. A lender looking to evaluate a dairy farmer or a small landowner had to establish custom, proprietary API tunnels with individual state land record registries (which vary significantly in schema and uptime), milk cooperatives, tax departments, and local municipal corporations. ULI solves this by establishing a central Digital Public Infrastructure (DPI) managed under the aegis of the Reserve Bank of India (RBI) and Reserve Bank Innovation Hub (RBIH).

ULI serves as a common translator and data routing protocol. It exposes a single, standardized set of API endpoints to lenders (banks, NBFCs, and digital platforms), which internally maps to various data providers. This architecture drastically reduces the integration overhead for lenders: instead of managing 30 distinct API pipelines, they maintain a single connection to the ULI gateway, backed by secure, customer-mediated consent systems.

ULI vs. Account Aggregator (AA) vs. OCEN

Fintech product managers often confuse ULI with the Account Aggregator network and the Open Credit Enablement Network (OCEN). While they are complementary, they serve entirely different functions in the digital credit lifecycle:

• Account Aggregator (AA) Network: Focuses strictly on financial asset data. It retrieves bank statements, investment profiles, and tax filings. It does not provide non-financial records like land ownership, crop sowing patterns, or utility histories.
• Open Credit Enablement Network (OCEN): A communication protocol that defines how marketplaces (platforms where small businesses operate) interact with lenders to offer embedded financing at checkout. It handles loan application, monitoring, disbursement, and collections logic.
• Unified Lending Interface (ULI): A data-delivery infrastructure that focuses on making credit appraisal documents—both financial (AA data, tax filings) and non-financial (state land records, crop surveys, dairy payouts)—instantly available to lenders through unified consent.

Technical Architecture & Data Flows

The ULI system operates through four core participants:

1. Financial Information User (FIU): The Regulated Entity (RE)—typically a bank or NBFC—consuming data to assess creditworthiness and underwrite the loan.
2. ULI Gateway: The central infrastructure routing queries, handling API translation, and enforcing protocol rules.
3. Consent Manager (CM): The user-facing application interface that presents granular consent requests, collects digital approvals, and issues signed consent tokens.
4. Financial Information Provider (FIP) / Data Registry: The state land record portals, GSTN, CBDT, utilities, and other authorized database custodians.

When a borrower applies for a loan, the lending app initiates a consent request via ULI. This request details the exact parameters (which records are needed, why they are needed, how long they will be stored). The customer approves the request in a secure web view or native consent screen. Once approved, the ULI gateway receives the consent token, calls the respective state registries in parallel, consolidates the encrypted records, and delivers a structured JSON payload to the lender's underwriting system.

Integrating ULI APIs: Onboarding & Sandbox Setup

For engineering teams, onboarding onto ULI requires completing three distinct phases:

1. Sandbox Testing: Lenders register their client certificates, set up staging endpoints, and query mock data providers. The sandbox simulates various state-level land record responses and latency issues.
2. Compliance Certification: Lenders must pass a rigorous security audit validating their data storage isolation, DPDPA conformance (consent revocation readiness), and payload encryption protocols.
3. Production Activation: Once certified, the IP addresses are whitelisted on the central ULI gateway, and live consent requests can be generated.

API Payload Example: Consent Request & Land Record Verification

To initiate a data request, your server must sign a payload with your private key and send it to the ULI gateway. Below is a structured JSON code example showing a real-time query for land records in Maharashtra after obtaining valid user consent:

{
  "header": {
    "version": "1.1.0",
    "messageId": "MSG-ULI-20260626-90412",
    "timestamp": "2026-06-26T20:15:30+05:30",
    "fiuId": "FIU_NBFC_PRODUCT_GROWTH_01"
  },
  "consent": {
    "consentId": "CONS_77812984-A19",
    "digitalSignature": "MEQCIF83j21H18...[Base64 signed hash]",
    "validUntil": "2026-06-29T20:15:30+05:30"
  },
  "dataQuery": {
    "registryType": "LAND_RECORD",
    "stateCode": "MH",
    "queryFilter": {
      "district": "Pune",
      "taluka": "Haveli",
      "villageCode": "521401",
      "surveyNumber": "145/2A",
      "subDivision": "B"
    }
  }
}

The ULI gateway verifies the digital signature of the consent token. It then translates the query filters into the specific XML/JSON format required by the Maharashtra Mahabhulekh state server. The returned payload includes fields such as ownerName, landAreaInHectares, soilClassification, and encumbranceDetails (any active bank liens or court disputes), which are parsed and delivered back to the lender as standardized variables.

Standard Integration Benchmarks

DPDPA Compliance Framework & Data Purging

Because ULI provides access to highly sensitive and definitive property ownership records, it is governed directly by the Digital Personal Data Protection Act (DPDPA). As a developer or product manager, you must build compliance checks directly into your database schemes:

• Purpose Limitation: The collected land and yield data cannot be stored in your general data lakes. It must reside in a dedicated, isolated database schema that is only accessible to the loan underwriting microservice.
• Consent Revocation: Your application must provide a simple dashboard displaying all active consents. If a user decides to revoke consent, you must immediately call the ULI /consent/revoke endpoint and wipe all cached appraisal records from your servers.
• Automated Data Purging: Once a loan application is rejected, or once the loan is fully repaid, all retrieved ULI data (except transaction logs required by the Prevention of Money Laundering Act) must be permanently purged using automated cron jobs.

Real-World Integration Challenges & Fallbacks

In production environments, state land record registries are notorious for high latency and sudden downtime. If your app requests land details synchronously during onboarding, a server timeout in a state database can cause the entire user flow to crash, leading to high drop-off rates.

To mitigate this, product teams should implement an asynchronous polling mechanism. When the user approves consent, return a "Request Queued" screen in your mobile interface. Stagger background polling requests at intervals (2s, 5s, 10s, 30s). If the ULI gateway indicates the state server is unresponsive, seamlessly fall back to an OCR-based document upload flow where the customer can upload a digital copy of their land certificate (e.g. 7/12 extract). Once the state server recovers, run an offline reconciliation script to verify the uploaded document against the database records, maintaining underwriting integrity without sacrificing conversion.