# 3. Sign PDF Document

**Step 1. Obtain Access Token:**

The response URL obtained from the previous API call needs to be invoked in the browser to obtain the access token. The user needs to enter the qualified signing password during this step to obtain the access token.

<figure><img src="/files/hxgvb45y6HbobdACMHmJ" alt=""><figcaption><p><mark style="color:green;">Sample response for obtaining access token</mark></p></figcaption></figure>

**Step 2. Invoking signing API**

<mark style="color:orange;">**`POST`**</mark> <mark style="color:orange;">**`http://localhost:8080/v2/signature/sign`**</mark>

Signing  API

#### Headers

| Name               | Value                                                            |
| ------------------ | ---------------------------------------------------------------- |
| Content-Type       | multipart/form-data                                              |
| X-SIGN-ACCESSTOKEN | 89777718e027d33dd23f8e4f560128c6cc632336870b58fd8daed86c0727a76a |

#### Body

| Name            | Value                            |
| --------------- | -------------------------------- |
| digestAlgorithm | SHA256                           |
| signIdentityId  | ckqtokgre4o5mrk4bajtk413ui       |
| txId            | 90ca005cfb4d4827b1247889166b72fe |

{% tabs %}
{% tab title="200: OK " %}
"<mark style="color:blue;">PK - Signed files in .zip format</mark>"
{% endtab %}

{% tab title="400: Bad Request " %}
" <mark style="color:blue;">Invalid request</mark>"
{% endtab %}
{% endtabs %}

Pass the access token as a part of header (X-SIGN-ACCESSTOKEN= Access Token) along with the signing identity and transaction id in the next API call as shown below.

<figure><img src="/files/ZKefY8b1XvnElYaqAqdR" alt=""><figcaption><p><mark style="color:green;">Sample postman request</mark></p></figcaption></figure>

**Sample Curl Command**

```
curl --location 'http://localhost:8080/v2/signature/sign' \
--header 'Content-Type: multipart/form-data' \
--header 'X-SIGN-ACCESSTOKEN: 89777718e027d33dd23f8e4f560128c6cc632336870b58fd8daed86c0727a76a' \
--form 'digestAlgorithm="SHA256"' \
--form 'signIdentityId="ckqtoskgre4o5mrk4bajtsk41r3ui"' \
--form 'txId="90ca005cfb4d4827b1247889166b72fe"'
```

**List of attributes for request body:**

| txId            | <p>Transaction id for signing request.</p><p><strong>Note</strong>: Transaction ID is valid for only 10 minutes and operation should end within the same period.</p> |
| --------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| digestAlgorithm | <p>Entity can use one of the digest algorithms from below according to their requirement:</p><p>SHA256</p><p>SHA384</p><p>SHA512</p>                                 |
| signIdentityId  | User’s qualified certificate id                                                                                                                                      |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.uaepass.ae/feature-guides/signature-integration-guide/hash-signing/hash-signing-single-document/hash-signing-docker-container-set-up/hash-signing-process/3.-sign-pdf-document.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.