3. Sign PDF Document

Step 1. Obtain Access Token:

The response URL obtained from the previous API call needs to be invoked in the browser to obtain the access token. The user needs to enter the qualified signing password during this step to obtain the access token.

Step 2. Invoking signing API

POST http://localhost:8080/v2/signature/sign

Signing API

Headers

Name	Value
Content-Type	multipart/form-data
X-SIGN-ACCESSTOKEN	89777718e027d33dd23f8e4f560128c6cc632336870b58fd8daed86c0727a76a

Name

Value

Content-Type

multipart/form-data

X-SIGN-ACCESSTOKEN

89777718e027d33dd23f8e4f560128c6cc632336870b58fd8daed86c0727a76a

Body

Name	Value
digestAlgorithm	SHA256
signIdentityId	ckqtokgre4o5mrk4bajtk413ui
txId	90ca005cfb4d4827b1247889166b72fe

Name

Value

digestAlgorithm

SHA256

signIdentityId

ckqtokgre4o5mrk4bajtk413ui

txId

90ca005cfb4d4827b1247889166b72fe

"PK - Signed files in .zip format"

Pass the access token as a part of header (X-SIGN-ACCESSTOKEN= Access Token) along with the signing identity and transaction id in the next API call as shown below.

Sample Curl Command

curl --location 'http://localhost:8080/v2/signature/sign' \
--header 'Content-Type: multipart/form-data' \
--header 'X-SIGN-ACCESSTOKEN: 89777718e027d33dd23f8e4f560128c6cc632336870b58fd8daed86c0727a76a' \
--form 'digestAlgorithm="SHA256"' \
--form 'signIdentityId="ckqtoskgre4o5mrk4bajtsk41r3ui"' \
--form 'txId="90ca005cfb4d4827b1247889166b72fe"'

List of attributes for request body:

txId

Transaction id for signing request.

Note: Transaction ID is valid for only 10 minutes and operation should end within the same period.

digestAlgorithm

Entity can use one of the digest algorithms from below according to their requirement:

SHA256

SHA384

SHA512

signIdentityId

User’s qualified certificate id