CoWIN portal restricts real-time vaccination slots data after geeks started exploiting API

The all-new CoWIN portal loaded with new technology safety features started taking bookings for the vaccine jabs on Saturday. The Center’s technology team has upgraded the nation’s vaccine registration portal with added security layers while restricting the real-time data regarding the availability of vaccination slots on CoWin centralised technology portal.

The move comes after complaints were raised against some technology geeks manipulating the portal data to book the vaccine slots quicker than people who accessed the website on their laptops or smartphones.

“The appointment availability data is cached and may be up to 30 minutes old,” the portal’s nodal agency API Setu said in a note. The CoWin portal uses an open Application Programming Interface (APIs) — a tool that allows two software programs to talk to each other and share information.

Advertisement

‹

EVENT

Infosec Reimagined

Infosec Reimagined 2026 is the premier information security summit where top leaders—CISOs, CROs, CIOs, CTOs and risk executives—converge to redefine cyber resilience.

📅 Fri, 26 Jun 2026

📍 New Delhi

Register Now →

EVENT

Digital Senate

Digital Senate is a premier conference uniting government leaders, technologists and innovators to share ideas, success stories and strategies on digital governance, public sector transformation, cybersecurity and emerging technologies in India.

📅 Thu, 30 Jul 2026

📍 New Delhi

Register Now →

EVENT

CIO Prism

CIO Prism unites forward-thinking technology leaders to exchange transformative insights, shape digital strategies, and foster innovation, empowering enterprises to excel in an era of rapid technological change.

📅 Fri, 18 Sep 2026

📍 Goa

Register Now →

›

Earlier the APIs were made public so that private hospitals could integrate them into their systems to facilitate faster vaccination. Since India opened up vaccinations for those aged 18 and above from May 1, there has been a huge rush for vaccines amid the ongoing second Covid-19 wave and a shortage has aggravated the situation.

With heavy rush recorded on these portals, a few tech software programmers have found an easy way of writing a code that pings the APIs to find open slots in vaccination centres and send alerts via SMS or on messenger groups.

These programmers have even opened websites or Telegram channels to send alerts to users looking for vaccination slots, resulting in hundreds of slots being booked in just minutes. The government has also imposed restrictions on this. “Further, these APIs are subject to a rate limit of 100 API calls per 5 minutes per IP,” API Setu said.

According to the top Central technical team, there is no possibility of automated bookings through bots or scripts since bookings can take place only through the CoWin portal and requires a One-Time Password to be sent to a user’s mobile phone.

The bot built on the MyGov WhatsApp number lets the backend team know about the slot availability, but the system doesn’t allow to run multiple APIs.