eIDAS Signature REST API (1.0-SNAPSHOT)

Download OpenAPI specification:Download

Sphereon: dev@sphereon.com URL: https://sphereon.com License: GNU Affero General Public License v3

The eIDAS Signature REST API allows you to sign objects using X509 / eidas compliant signatures.

Signing

Signing APIs

Determine signature input data

Determines the data that needs to be signed from an input

Authorizations:

openIdoauth2bearer

Request Body schema: application/json

Determine Sign Input Request

required	object (OrigData) Original data that either needs to be signed, or is an image to use in visual signatures
signMode required	string (SignMode) Enum: "DIGEST" "DOCUMENT" Whether the signature should be about a full document, meaning internally a hash/digest needs to be created or whether it was already digested
required	object (ConfigKeyBinding) Provides the Key Provider ID to use. Used in payloads. This is not done through path parameters like a normal REST pattern to protect against ACCESS log statistics/insights
	object (SignatureFormParameters) The signature form parameters to use for signature creation

Responses

Request samples

Payload

Content type

application/json

{"origData": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"signMode": "DOCUMENT",
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"signatureFormParametersOverride": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
}
}

Response samples

200
default

Content type

application/json

{"signInput": {"name": "example.pdf",
"input": "<base64>",
"signMode": "DOCUMENT",
"digestAlgorithm": "SHA256",
"signingDate": "2022-06-11T22:53:40Z",
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
}
}

Create digest value

Create a hash/digest value

Authorizations:

openIdoauth2bearer

Request Body schema: application/json

Determine Digest Request

required

object (SignInput)

The input value as previously determined that needs to be signed or digested

name required	string The file name
input required	string <byte> The input value
signMode required	string (SignMode) Enum: "DIGEST" "DOCUMENT" Whether the signature should be about a full document, meaning internally a hash/digest needs to be created or whether it was already digested
digestAlgorithm	string (DigestAlgorithm) Default: "SHA256" Enum: "NONE" "SHA256" "SHA512" "SHA3_256" "SHA3_512" The hash/digest algorithm to use
signingDate required	string <date-time> This is the date which comes from the initial configuration signing date. We need to keep a record of this, in case a PDF document does not have a document Id set. Otherwise in different steps different date/times would be used, resulting in different hashes for the PDF document. Do not change this value between calls
required	object (ConfigKeyBinding) Provides the Key Provider ID to use. Used in payloads. This is not done through path parameters like a normal REST pattern to protect against ACCESS log statistics/insights
required	object (SignatureFormParameters) The signature form parameters to use for signature creation
password	string The password to open the input file

Responses

Request samples

Payload

Content type

application/json

{"signInput": {"name": "example.pdf",
"input": "<base64>",
"signMode": "DOCUMENT",
"digestAlgorithm": "SHA256",
"signingDate": "2022-06-11T22:53:40Z",
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
}
}

Response samples

200
default

Content type

application/json

{"signInput": {"name": "example.pdf",
"input": "<base64>",
"signMode": "DOCUMENT",
"digestAlgorithm": "SHA256",
"signingDate": "2022-06-11T22:53:40Z",
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
}
}

Create signature

Create a signature

Authorizations:

openIdoauth2bearer

Request Body schema: application/json

Create Signature Request

required	object (SignInput) The input value as previously determined that needs to be signed or digested
maskGenFunction	string (MaskGenFunction) Value: "MGF1" Mask Generation Function to create random signatures.
signatureAlgorithm	string (SignatureAlgorithm) Enum: "RSA_RAW" "RSA_SHA256" "RSA_SHA512" "RSA_SHA3_256" "RSA_SHA3_512" "DSA_SHA256" "DSA_SHA512" "RSA_SSA_PSS_RAW_MGF1" "RSA_SSA_PSS_SHA256_MGF1" "RSA_SSA_PSS_SHA512_MGF1" "RSA_SSA_PSS_SHA3_256_MGF1" "RSA_SSA_PSS_SHA3_512_MGF1" The signature algorithm to use

Responses

Request samples

Payload

Content type

application/json

{"signInput": {"name": "example.pdf",
"input": "<base64>",
"signMode": "DOCUMENT",
"digestAlgorithm": "SHA256",
"signingDate": "2022-06-11T22:53:40Z",
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
},
"maskGenFunction": "MGF1",
"signatureAlgorithm": "RSA_SSA_PSS_SHA3_256_MGF1"
}

Response samples

200
default

Content type

application/json

{"signature": {"value": "<base64>",
"algorithm": "RSA_SSA_PSS_SHA3_256_MGF1",
"signMode": "DOCUMENT",
"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"date": "2022-06-11T22:53:40Z",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
}
}

Merges the original data with the created signature

Authorizations:

openIdoauth2bearer

Request Body schema: application/json

Merge Signature Request

required	object (OrigData) Original data that either needs to be signed, or is an image to use in visual signatures
required	object (Signature) The signature object

Responses

Request samples

Payload

Content type

application/json

{"origData": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"signature": {"value": "<base64>",
"algorithm": "RSA_SSA_PSS_SHA3_256_MGF1",
"signMode": "DOCUMENT",
"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"date": "2022-06-11T22:53:40Z",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
}
}

Response samples

200
default

Content type

application/json

{"signOutput": {"name": "example.pdf",
"mimeType": "application/pdf",
"value": "string",
"digestAlgorithm": "SHA256",
"signature": {"value": "<base64>",
"algorithm": "RSA_SSA_PSS_SHA3_256_MGF1",
"signMode": "DOCUMENT",
"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
},
"date": "2022-06-11T22:53:40Z",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"password": "secret-password"
}
}
}

Keys

Certificate and Key Entry management APIs

Import a X509 Certificate as Key Entry. Note not every Key Provider supports this method

Import a X509 certificate

Authorizations:

openIdoauth2bearer

path Parameters

providerId

required

string

Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5

Key Provider ID

Request Body schema: application/json

Import X509 Certificate

kid required	string The Key Identifier to create
certificate required	string <byte> encoded X509 certificate
certificateChain	Array of strings <byte>
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"kid": "key1234",
"certificate": "<encoded X509 certificate base64>",
"certificateChain": ["<encoded X509 certificate chain base64>"
],
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

201
default

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

link Key Entry

Link a Key Entry kid to a Key/certificate id from the provider

Authorizations:

openIdoauth2bearer

path Parameters

providerId

required

string

Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5

Key Provider ID

Request Body schema: application/json

kid required	string The key identifier
providerKid	string The id as used by the provider
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"kid": "key1234",
"providerKid": "12abds-434223-dfss-432432",
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

201
default

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Create Key Entry (x509 certificate)

Create a Key Entry (x509 certificate)

Authorizations:

openIdoauth2bearer

path Parameters

providerId

required

string

Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5

Key Provider ID

Request Body schema: application/json

Create/Update Key Request

required	object (KeyEntry) The Key Entry, which typically is a X509 Certificate. It requires a public key
password	string Optional password used to access the key
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"password": "example-password",
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

201
default

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Get a key Entry (X509 certificate)

Get a Key Entry

Authorizations:

openIdoauth2bearer

path Parameters

providerId required	string Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5 Key Provider ID
kid required	string Example: 2ZQpJ3UpbjAYXYGaXEJl8lV0TOI Certificate/Key kid

Responses

Response samples

200
default

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Update Key Entry

Update a Key Entry (x509 certificate)

Authorizations:

openIdoauth2bearer

path Parameters

providerId required	string Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5 Key Provider ID
kid required	string Example: 2ZQpJ3UpbjAYXYGaXEJl8lV0TOI Certificate/Key kid

Request Body schema: application/json

Create/Update Key Request

required	object (KeyEntry) The Key Entry, which typically is a X509 Certificate. It requires a public key
password	string Optional password used to access the key
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"password": "example-password",
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

200
default

Content type

application/json

{"keyEntry": {"attributes": [{"name": "attribute1",
"value": "example value 1"
}
],
"kid": "key1234",
"providerId": "12abds-434223-dfss-432432",
"encryptionAlgorithm": "ECDSA",
"publicKey": {"algorithm": "ECDSA",
"value": "<base64-key>",
"format": "X.509"
},
"certificate": {"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
},
"certificateChain": [{"value": "<certificate (X509) in base64 encoding>",
"fingerPrint": "1E:DD:AD:32:C3:54:3F:C3:6F:7F:94:51:8D:5E:F7:ED:7C:DB:5D:A5",
"serialNumber": "00936EACBE07F201DF",
"issuerDN": "CN=Ensured Document Signing CA, O=Ensured B.V., L=Heerhugowaard, ST=Noord-Holland, C=NL",
"subjectDN": "CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, ST=New Jersey, C=US",
"notBefore": "2022-07-25T22:53:40.276+00:00",
"notAfter": "2032-07-25T22:53:40.276+00:00",
"keyUsage": ["DIGITAL_SIGNATURE"
]
}
]
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Delete Key Entry

Delete a Key Entry (x509 certificate)

Authorizations:

openIdoauth2bearer

path Parameters

providerId required	string Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5 Key Provider ID
kid required	string Example: 2ZQpJ3UpbjAYXYGaXEJl8lV0TOI Certificate/Key kid

Responses

Response samples

default

Content type

application/json

{"timestamp": "2022-06-11T22:53:40.276+00:00",
"path": "/signatures/create",
"status": 500,
"error": "Internal Server Error",
"requestId": "38fd064b"
}

SignatureConfig

Signature configuration APIs

Create configuration

Authorizations:

openIdoauth2bearer

Request Body schema: application/json

Configuration Request

	object (TimestampParameters) Timestamp parameters like url and different baseline settings
signatureLevel required	string (SignatureLevel) Enum: "PDF_NOT_ETSI" "PKCS7_B" "PKCS7_T" "PKCS7_LT" "PKCS7_LTA" "PAdES_BASELINE_B" "PAdES_BASELINE_T" "PAdES_BASELINE_LT" "PAdES_BASELINE_LTA" The signature level to use
digestAlgorithm	string (DigestAlgorithm) Default: "SHA256" Enum: "NONE" "SHA256" "SHA512" "SHA3_256" "SHA3_512" The hash/digest algorithm to use
required	object (SignatureFormParameters) The signature form parameters to use for signature creation
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"timestampParameters": {"tsaUrl": "http://example-tsa-url.com",
"baselineBContentTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineTSignatureTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineLTAArchiveTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
}
},
"signatureLevel": "PAdES_BASELINE_B",
"digestAlgorithm": "SHA256",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

201
default

Content type

application/json

{"configId": "12234-1324343-4344334-3443443",
"config": {"timestampParameters": {"tsaUrl": "http://example-tsa-url.com",
"baselineBContentTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineTSignatureTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineLTAArchiveTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
}
},
"signatureLevel": "PAdES_BASELINE_B",
"digestAlgorithm": "SHA256",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}
}

List configurations

Authorizations:

openIdoauth2bearer

Responses

Response samples

200
default

Content type

application/json

[{"configId": "12234-1324343-4344334-3443443",
"config": {"timestampParameters": {"tsaUrl": "http://example-tsa-url.com",
"baselineBContentTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineTSignatureTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineLTAArchiveTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
}
},
"signatureLevel": "PAdES_BASELINE_B",
"digestAlgorithm": "SHA256",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}
}
]

Update configuration

Authorizations:

openIdoauth2bearer

path Parameters

configId

required

string

Example: 5d9f2462-13c8-45b6-8e0e-8971cbe412b5

Config ID

Request Body schema: application/json

Configuration Request

	object (TimestampParameters) Timestamp parameters like url and different baseline settings
signatureLevel required	string (SignatureLevel) Enum: "PDF_NOT_ETSI" "PKCS7_B" "PKCS7_T" "PKCS7_LT" "PKCS7_LTA" "PAdES_BASELINE_B" "PAdES_BASELINE_T" "PAdES_BASELINE_LT" "PAdES_BASELINE_LTA" The signature level to use
digestAlgorithm	string (DigestAlgorithm) Default: "SHA256" Enum: "NONE" "SHA256" "SHA512" "SHA3_256" "SHA3_512" The hash/digest algorithm to use
required	object (SignatureFormParameters) The signature form parameters to use for signature creation
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"timestampParameters": {"tsaUrl": "http://example-tsa-url.com",
"baselineBContentTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineTSignatureTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineLTAArchiveTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
}
},
"signatureLevel": "PAdES_BASELINE_B",
"digestAlgorithm": "SHA256",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

200
default

Content type

application/json

{"configId": "12234-1324343-4344334-3443443",
"config": {"timestampParameters": {"tsaUrl": "http://example-tsa-url.com",
"baselineBContentTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineTSignatureTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineLTAArchiveTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
}
},
"signatureLevel": "PAdES_BASELINE_B",
"digestAlgorithm": "SHA256",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}
}

Get configuration

Authorizations:

openIdoauth2bearer

path Parameters

configId

required

string

Example: 5d9f2462-13c8-45b6-8e0e-8971cbe412b5

Config ID

Responses

Response samples

200
default

Content type

application/json

{"configId": "12234-1324343-4344334-3443443",
"config": {"timestampParameters": {"tsaUrl": "http://example-tsa-url.com",
"baselineBContentTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineTSignatureTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
},
"baselineLTAArchiveTimestampParameters": {"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"timestampContainerForm": "PDF",
"digestAlgorithm": "SHA256",
"canonicalizationMethod": "EXCLUSIVE"
}
},
"signatureLevel": "PAdES_BASELINE_B",
"digestAlgorithm": "SHA256",
"signatureFormParameters": {"padesSignatureFormParameters": {"mode": "APPROVAL",
"reason": "Agreed statement of work",
"contactInfo": "john.doe@example.com",
"location": "Maarssen, The Netherlands",
"signerName": "John Doe",
"passwordProtection": "secret password here",
"signinTimeZone": "GMT+3",
"visualSignatureParameters": {"image": {"name": "example.pdf",
"mimeType": "application/pdf",
"content": "JyAgICAg...",
"password": "s3cr3tp@ss"
},
"zoom": 120,
"backgroundColor": "WHITE",
"dpi": 96,
"rotation": "AUTOMATIC",
"alignmentHorizontal": "CENTER",
"alignmentVertical": "NONE",
"imageScaling": "CENTER",
"textParameters": {"signerTextPosition": "TOP",
"signerTextVerticalAlignment": "MIDDLE",
"signerTextHorizontalAlignment": "LEFT",
"text": "John Doe\r\nCEO Acme",
"font": "calibri",
"textWrapping": "FILL_BOX",
"padding": "10f",
"textColor": "RED",
"backgroundColor": "GRAY"
},
"fieldParameters": {"fieldId": "Signature1",
"page": 2,
"originX": "100f",
"originY": "400f",
"width": "150f",
"height": "75f"
}
},
"certificationPermission": "NO_CHANGE_PERMITTED"
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}
}

Delete configuration

Authorizations:

openIdoauth2bearer

path Parameters

configId

required

string

Example: 5d9f2462-13c8-45b6-8e0e-8971cbe412b5

Config ID

Responses

Response samples

default

Content type

application/json

{"timestamp": "2022-06-11T22:53:40.276+00:00",
"path": "/signatures/create",
"status": 500,
"error": "Internal Server Error",
"requestId": "38fd064b"
}

KeyProvider

Key Provider APIs

Create Key Provider

Authorizations:

openIdoauth2bearer

Request Body schema: application/json

Create key provider request

cacheEnabled	boolean Default: false Whether to cache Keys or not
cacheTTLInSeconds	number Default: 300 The cache TTL in seconds
type required	string (KeyProviderType) Enum: "PKCS11" "PKCS12" "AZURE_KEYVAULT" The Key Provider type. PKCS11 is an interface to HSM, usb and smart cards. PKCS12 are keystores. The Azure keyvault options allows for an intergration with Azure Keyvault and Azure Managed HSM
	object (AzureKeyvaultSetting) Azure Keyvault and Managed HSM settings
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"cacheEnabled": false,
"cacheTTLInSeconds": 300,
"type": "AZURE_KEYVAULT",
"azureKeyvaultSettings": {"keyvaultUrl": "https://example-vault.vault.azure.net/",
"tenantId": "a3b42c5a-5512-4379-bc27-4682acec459a",
"applicationId": "your-app-id",
"credentialOpts": {"credentialMode": "SERVICE_CLIENT_SECRET",
"secretCredentialOpts": {"clientId": "cfa45c7f-1212-7a59-ac45-aa82acec4364343",
"clientSecret": "your azure clientsecret as provided by Azure"
}
}
},
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

201
default

Content type

application/json

{"providerId": "12abds-434223-dfss-432432",
"cacheEnabled": false,
"cacheTTLInSeconds": 300,
"type": "AZURE_KEYVAULT",
"azureKeyvaultSettings": {"keyvaultUrl": "https://example-vault.vault.azure.net/",
"tenantId": "a3b42c5a-5512-4379-bc27-4682acec459a",
"applicationId": "your-app-id",
"credentialOpts": {"credentialMode": "SERVICE_CLIENT_SECRET",
"secretCredentialOpts": {"clientId": "cfa45c7f-1212-7a59-ac45-aa82acec4364343",
"clientSecret": "your azure clientsecret as provided by Azure"
}
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Get Key Providers

Authorizations:

openIdoauth2bearer

Responses

Response samples

200
default

Content type

application/json

{"keyProviders": [{"providerId": "12abds-434223-dfss-432432",
"cacheEnabled": false,
"cacheTTLInSeconds": 300,
"type": "AZURE_KEYVAULT",
"azureKeyvaultSettings": {"keyvaultUrl": "https://example-vault.vault.azure.net/",
"tenantId": "a3b42c5a-5512-4379-bc27-4682acec459a",
"applicationId": "your-app-id",
"credentialOpts": {"credentialMode": "SERVICE_CLIENT_SECRET",
"secretCredentialOpts": {"clientId": "cfa45c7f-1212-7a59-ac45-aa82acec4364343",
"clientSecret": "your azure clientsecret as provided by Azure"
}
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}
]
}

Update Key provider

Update the Key Provider Settings

Authorizations:

openIdoauth2bearer

path Parameters

providerId

required

string

Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5

Key Provider ID

Request Body schema: application/json

Update key provider request

providerId	string The id of the provider
cacheEnabled	boolean Default: false Whether to cache Keys or not
cacheTTLInSeconds	number Default: 300 The cache TTL in seconds
type required	string (KeyProviderType) Enum: "PKCS11" "PKCS12" "AZURE_KEYVAULT" The Key Provider type. PKCS11 is an interface to HSM, usb and smart cards. PKCS12 are keystores. The Azure keyvault options allows for an intergration with Azure Keyvault and Azure Managed HSM
	object (AzureKeyvaultSetting) Azure Keyvault and Managed HSM settings
	object (Access Restrictions) Access Restrictions

Responses

Request samples

Payload

Content type

application/json

{"providerId": "12abds-434223-dfss-432432",
"cacheEnabled": false,
"cacheTTLInSeconds": 300,
"type": "AZURE_KEYVAULT",
"azureKeyvaultSettings": {"keyvaultUrl": "https://example-vault.vault.azure.net/",
"tenantId": "a3b42c5a-5512-4379-bc27-4682acec459a",
"applicationId": "your-app-id",
"credentialOpts": {"credentialMode": "SERVICE_CLIENT_SECRET",
"secretCredentialOpts": {"clientId": "cfa45c7f-1212-7a59-ac45-aa82acec4364343",
"clientSecret": "your azure clientsecret as provided by Azure"
}
}
},
"accessRestrictions": {"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Response samples

200
default

Content type

application/json

{"keyProviders": [{"providerId": "12abds-434223-dfss-432432",
"cacheEnabled": false,
"cacheTTLInSeconds": 300,
"type": "AZURE_KEYVAULT",
"azureKeyvaultSettings": {"keyvaultUrl": "https://example-vault.vault.azure.net/",
"tenantId": "a3b42c5a-5512-4379-bc27-4682acec459a",
"applicationId": "your-app-id",
"credentialOpts": {"credentialMode": "SERVICE_CLIENT_SECRET",
"secretCredentialOpts": {"clientId": "cfa45c7f-1212-7a59-ac45-aa82acec4364343",
"clientSecret": "your azure clientsecret as provided by Azure"
}
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}
]
}

Get Key Provider

Authorizations:

openIdoauth2bearer

path Parameters

providerId

required

string

Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5

Key Provider ID

Responses

Response samples

200
default

Content type

application/json

{"providerId": "12abds-434223-dfss-432432",
"cacheEnabled": false,
"cacheTTLInSeconds": 300,
"type": "AZURE_KEYVAULT",
"azureKeyvaultSettings": {"keyvaultUrl": "https://example-vault.vault.azure.net/",
"tenantId": "a3b42c5a-5512-4379-bc27-4682acec459a",
"applicationId": "your-app-id",
"credentialOpts": {"credentialMode": "SERVICE_CLIENT_SECRET",
"secretCredentialOpts": {"clientId": "cfa45c7f-1212-7a59-ac45-aa82acec4364343",
"clientSecret": "your azure clientsecret as provided by Azure"
}
}
},
"accessRestrictions": {"subjectId": "subject1234",
"roleRestrictions": [{"name": "HR Department",
"permission": "READ"
}
],
"accessLevel": "TENANT"
}
}

Delete Key Provider

Authorizations:

openIdoauth2bearer

path Parameters

providerId

required

string

Example: 89fbae00-dbf4-41a3-91ed-15a3fa2b83d5

Key Provider ID

Responses

Response samples

default

Content type

application/json

{"timestamp": "2022-06-11T22:53:40.276+00:00",
"path": "/signatures/create",
"status": 500,
"error": "Internal Server Error",
"requestId": "38fd064b"
}

EzDocSeal

Eeasy Document Seals and signatures APIs

Sign a PDF creating a blue bar

Request Body schema:
application/json

Sign request

	object (SignData)
content	string <byte>
	object (ConfigKeyBinding) Provides the Key Provider ID to use. Used in payloads. This is not done through path parameters like a normal REST pattern to protect against ACCESS log statistics/insights

Responses

Request samples

Payload

Content type

application/json

{"signData": {"emailAddress": "example@example.com",
"name": "Bob Example",
"location": "Amsterdam",
"reason": "Approved"
},
"content": "<content byte>",
"binding": {"kid": "hr-cert",
"signatureConfigId": "1234....",
"keyProviderId": "a1b3c3...."
}
}