Retrieve MySejahtera App's data from MySejahtera API and show to users via web browser. Written in PHP.
Booster Dose Appointment feature is now launched (17/11/2021)
- This web app isn't affiliated with MySejahtera !
- This web app won't record user's MySejahtera username and password as this web app will just simply pass the username / password to the API and retrieve the
x-auth-token. When requestingsemak-vaksin.phpandpdf-digital-cert.php,x-auth-tokenretrieved from login will be POST to it and they will use thex-auth-tokenthat receieved to retrieve the data. - I will not be responsible not be liable for any problem that will produce losses or inconveniences incurred as a result of such changes or differences.
- MySejahtera's API on this web app was grabbed via ProxyMan on iPadOS and iOS version of MySejahtera (User Agent used in this PHP Web App when making request to MySejahtera :
MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)) - Chinese Introduction
MySejahtera have started to block some region including US / Germany to access their website.
Inspired by nakvaksin.com.
I created a website to check vaccination record via JKJAV's API.
But their API keep returning 500 error for some reason (Seems like rate limit error , no workaround currently).
So I decided to create a web app / website that can retrieve MySejahtera API and return the data to users via broswer instead of their original app.
Parts of MySejahtera's API directly grab from nakvaksin.com , including Login , Personal Details , Vaccination Process Flow.
A big thanks to nakvaksin.com's teams here!
You can :
- Retrieve your personal risk status , vaccination status and your NRIC number / Passport Number.
- Retrieve your Vaccination Process , including 1st Dose Appointment and 2nd Dose Appointment and Booster Dose Appointment. Note : Booster Dose Appointment will only show the information below : "Digital Certificate Issued & Booster Dose Appointment" as MySejahtera's API only return these data.
- Retrieve your PDF version of Vaccine Digital Certificate , a new feature launched by MySejahtera.
- Check and track the COVID-19 Case(s).
Note : You must key in your Date of Birth first into MySejahtera Personal Details before you can generate your PDF version of Vaccine Digital Certificate.
- Login
Do a POST request to here https://mysejahtera.malaysia.gov.my/epms/login with form and header below :
Header :
User-Agent: MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)
Host: mysejahtera.malaysia.gov.my
Content-Type: multipart/form-data;boundary=31
Form :
username=60XXXXXXXX
password=XXXXXXX
200 if success , 401 if username or password did not match the record in MySejahtera. Notice the x-auth-token response headers if you get 200 , the token is MySejahtera API's login credentials.
- Retrieve personal details
Do a GET request to here https://mysejahtera.malaysia.gov.my/epms/v1/mobileApp/vaccinationEmployeeInfo with header below :
Header :
User-Agent: MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)
Host: mysejahtera.malaysia.gov.my
x-auth-token: <X-AUTH-TOKEN you get at Step 1>
200 if success , 500 if x-auth-token invalid.
- Retrieve vaccination process
Do a GET request to here https://mysejahtera.malaysia.gov.my/epms/v1/mobileApp/vaccination/processFlow with header below :
Header :
User-Agent: MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)
Host: mysejahtera.malaysia.gov.my
x-auth-token: <X-AUTH-TOKEN you get at Step 1>
200 if success , 500 if x-auth-token invalid.
- Generate PDF version of Vaccine Digital Certificate
Do a GET request to here https://mysejahtera.malaysia.gov.my/epms/v1/mobileApp/vaccination/certificate/generate with header below :
Header :
User-Agent: MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)
Host: mysejahtera.malaysia.gov.my
x-auth-token: <X-AUTH-TOKEN you get at Step 1>
200 if success , 500 / 401 if x-auth-token invalid.
- Download PDF version of Vaccine Digital Certificate
Do a GET request to here https://mysejahtera.malaysia.gov.my/epms/v1/mobileApp/vaccination/certificate/download with header below :
Header :
User-Agent: MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)
Host: mysejahtera.malaysia.gov.my
x-auth-token: <X-AUTH-TOKEN you get at Step 1>
200 if success , 500 / 401 if x-auth-token invalid.
- Request COVID-19 Case(s) and zone risk around the location
Do a POST request to here
https://mysejahtera.malaysia.gov.my/register/api/nearby/hotspots?type=locateme
Header :
'Authorization: Basic '. base64_encode("$mysj_id:$mysj_pword"),
"User-Agent: MySejahtera/1.0.36 (iPhone; iOS 14.4.2; Scale/2.00)",
"Host: mysejahtera.malaysia.gov.my",
"Content-Type: application/json",
Form :
[{"lat":"xx","lng":"xx","classification":"LOW_RISK_NS"}]
Note : for Step 4 and 5 , you must key in your Date of Birth first into MySejahtera Personal Details before you can generate and download your PDF version of Vaccine Digital Certificate or else you will get stucked on Step 4.
- PHP installed , 7.0 + is recommended
- Web server that configured properly to work with PHP
- Internet access
- reCaptcha site key (Replace the sitekey to ur own one in
index.html)
- 401 / 403 on details.php
Your username or password did not match the record in MySejahtera. Please check your username and password.
or
Your request is being blocked by MySejahtera due to firewall rules.
- 403 on semak_vaksin.php / pdf-digital-cert.php
You did not provide token to check your vaccine details. Please try to login again.
or
Your request is being blocked by MySejahtera due to firewall rules.
- 401 on semak_vaksin.php / pdf-digital-cert.php
The x-auth-token is expired. You need to relogin at the main page.
or
Your request is being blocked by MySejahtera due to firewall rules.
I used Nominatim's API to retrieve the coordinates.
I created a small proxy via my Nginx web server so all traffic for this API location request that returning 200 HTTP will be cached for 1 week.
Booster Dose Appointment feature is now updated (17/11/2021) , do note that MySejahtera's API only returning data below :
[{
"timestamp": "XXXXX",
"headerText": {
"ms_MY": "Sijil digital dikeluarkan",
"en_US": "Digital certificate issued"
},
"state": "COMPLETED",
"data": [],
"action": [{
"text": {
"ms_MY": "Tekan di sini untuk melihat sijil digital vaksinasi COVID-19",
"en_US": "Click here to view your COVID-19 vaccination digital certificate"
},
"value": "PROFILE_LINK"
}]
}, {
"timestamp": "XXXXX",
"headerText": {
"ms_MY": "Temu janji dos penggalak",
"en_US": "Booster dose appointment"
},
"state": "ACTIVE",
"data": [{
"text": {
"ms_MY": "Fasiliti Kesihatan:",
"en_US": "Health Facility:"
},
"value": "XXXXXX"
}, {
"text": {
"ms_MY": "Lokasi Vaksinasi:",
"en_US": "Vaccination Location:"
},
"value": "XXXX"
}, {
"text": {
"ms_MY": "Tarikh:",
"en_US": "Date:"
},
"value": "XXX"
}, {
"text": {
"ms_MY": "Masa:",
"en_US": "Time:"
},
"value": "XXX"
}, {
"text": {
"ms_MY": "Persetujuan Digital:",
"en_US": "Digital Consent:"
},
"value": "-"
}],
"action": [{
"text": {
"ms_MY": "Tekan di sini untuk imbas kod QR lokasi vaksinasi apabila anda tiba",
"en_US": "Click here to scan vaccination location QR when you arrive"
},
"value": "USER_CHECK_IN"
}, {
"text": {
"ms_MY": "Klik di sini untuk membatalkan janji temu anda",
"en_US": "Click here to cancel your appointment"
},
"value": "BOOSTER_DOSE_CANCELLATION_ASSESSMENT"
}]
}, {
"timestamp": null,
"headerText": {
"ms_MY": "Dos penggalak selesai",
"en_US": "Booster Dose completed"
},
"state": "PENDING",
"data": [],
"action": []
}]
Hence , the 1st dose appointment & 2nd dose appointment data won't show out.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent