Integration Web Services

SOAP Gateway Endpoint

Transport Headers to invoke SOAP Service

POST https://stg-id.uaepass.ae/trusted-gw/SoapGateway

Headers

NameTypeDescription

TwsAuthN

string

urn:safelayer:tws:policies:authentication:oauth:clients

SOAPAction

string

Update

Content-Type

string

text/xml

Request

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- wssecurity-secext-1.0.xsd" soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next" soapenv:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>XXXX</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- username-token-profile-1.0#PasswordText">XXXXX</wsse:Password><!-- 9QWtRunFT3-->
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<VerifyRequest Profile="urn:safelayer:tws:dss:1.0:profiles:nonrep:1.0" RequestID="b22c97c6117fc3386f81" xmlns="http://www.docs.oasis- open.org/dss/2004/06/oasis-dss-1.0-core-schema-wd-27.xsd">
<OptionalInputs>
<ReturnUpdatedSignature Type="urn:oasis:names:tc:dss:1.0:profiles:XAdES: forms:ES-A"/>
<css:PdfFieldLabel>SFLY Signature 0</css:PdfFieldLabel>
</OptionalInputs>
<InputDocuments>
<Document>
<Base64Data MimeType="application/pdf">XXX</Base64Data
</Document>
</InputDocuments>
</VerifyRequest>
</soapenv:Body>
</soapenv:Envelope>

Request Parameters

Username

client_id of the SP. To be shared by the respective onboarding team.

Mandatory

PasswordText

Client_secret of the SP. To be shared by the respective onboarding team.

Mandatory

RequestID

SP can pass the unique ID for tracking the request for one particular transaction.

Optional

Base64Data

Base64 encoded data of the document which is to be LTV signed.

Mandatory

Sample Request/Response (with sample data):

The integration team can try below request in any SOAP service testing tool (e.g. SOAPUI, PostMan etc.) by replacing the username password as provided by UAEPASS onboarding team.

POST stg-id.uaepass.ae/trusted-gw/SoapGateway

HTTP/1.1

Headers

NameTypeDescription

TwsAuthN

string

urn:safelayer:tws:policies:authentication:oauth: clientsSOAP

Action

string

Verify

Content-Type

string

text/xml

Request Sample

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema- instance">
<soapenv:Header>
<wsse:Security soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next" soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>XXXXX</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username- token-profile-1.0#PasswordText">XXXXX</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
  <VerifyRequest Profile="urn:safelayer:tws:dss:1.0:profiles:pdf:1.0:verify" RequestID="ba3810598a90af56a7e8" xmlns="http://www.docs.oasis-open.org/dss/2004/06/oasis-dss-1.0- core-schema-wd-27.xsd">
    <OptionalInputs>
      <ns1:AddCertificateValues binary="true" xsi:type="ns1:AddCertificateValuesType" xmlns:ns1="http://www.safelayer.com/TWS"/>
      <ns2:AddSignatureForm/>
      <css:AddRevocationValues binary="true"/>
      <css:AddTimeStampValues binary="true"/>
    </OptionalInputs>
    <InputDocuments>
      <Document>
        <Base64Data MimeType="application/pdf">JVBERi0xLjUNCiW1tbW1DQoxIDAgb2JqDQo8PC9UeXBlL0NhdGFsb2cvUG FnZXMgMiAwIFIvTGFuZyhlbi1VUykgL1N0cnVjdFRyZWVSb290IDkgMCBSL01hcmtJbmZvPDwvTWFya2V kIHRydWU+Pj4+DQplbmRvYmoNCjIgMCBvYmoNCjw8L1R5cGUvUGFnZXMvQ291bnQgMS9LaWRzWyA zIDAgUl0gPj4NCmVuZG9iag0KMyAwIG9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAyIDAgUi9SZXNvdXJj ZXM8PC9YT2JqZWN0PDwvSW1hZ2U1IDUgMCBSPj4vRXh0R1N0YXRlPDwvR1M3IDcgMCBSPj4vUHJv
        Y1NldFsvUERGL1RleHQvSW1hZ2VCL0ltYWdlQy9JbWFnZUldID4+L01lZGlhQm94WyAwIDAgNjEyIDc5Ml 0gL0NvbnRlbnRzIDQgMCBSL0dyb3VwPDwvVHlwZS9Hcm91cC9TL1RyYW5zcGFyZW5jeS9DUy9EZXZp Y2VSR0I+Pi9UYWJzL1MvU3RydWN0UGFyZW50cyAwPj4NCmVuZG9iag0KNCAwIG9iag0KPDwvRmlsd GVyL0ZsYXRlRGVjb2RlL0xlbmd0aCAxMTM+Pg0Kc3RyZWFtDQp4nBWKsQqDMBRF9wfvH+7skLwXrDEgDk2KOAgVB2cRcdJS+//QeIcznHNh32gaO8Q+QdoWzxRhu8lj/zF9mcTIvaAOgirTB4drY5oLnEwqajQXgda
        mQsh3V8JnW2I9mGx/LPv2QPpgZMJriPgDPogXfg0KZW5kc3RyZWFtDQplbmRvYmoNCjUgMCBvYmoNC jw8L1R5cGUvWE9iamVjdC9TdWJ0eXBlL0ltYWdlL1dpZHRoIDIvSGVpZ2h0IDIvQ29sb3JTcGFjZVsvSW5k ZXhlZC9EZXZpY2VSR0IgMSA8MDAwMDAwRkZGRkZGPl0gL0JpdHNQZXJDb21wb25lbnQgMS9JbnRlcn BvbGF0ZSBmYWxzZS9TTWFzayA2IDAgUi9MZW5ndGggMj4+DQpzdHJlYW0NCgAADQplbmRzdHJlYW0 NCmVuZG9iag0KNiAwIG9iag0KPDwvVHlwZS9YT2JqZWN0L1N1YnR5cGUvSW1hZ2UvV2lkdGggODQyL 0hlaWdodCAxNTQvQ29sb3JTcGFjZS9EZXZpY2VHcmF5L0JpdHNQZXJDb21wb25lbnQgMS9GaWx0ZXIv RmxhdGVEZWNvZGUvTGVuZ3RoIDExOTU+Pg0Kc3RyZWFtDQp4nO3ZS47cNhAAUNI0wCVzgjAHMaAc K6tQgQ/io0RH0S5bZccFIbo+LKql1sz0jDWDfKph9Mglqp6+JEttzAd9ho+CVFJJJZVUUkkllVRSSSWVVFJJ pX+JZOdXb+qmN0nx9dKg0jBU/CwshVHi7mX5h6TYN/bL+0rDLPGQ31dKi8RjUekfJUFHtBp5nj5Oetd7bye 96/O0k077iC24X/GolM+k00/aSVvDByWvkkr/Q8kXnlhVTrz0vokkWsYvkUJBaVioxUSzuC/GjbA6YIx6M8p5L 1UgYONQaQ00d3WlNBX+WlzGQKyVdwX+Tq2JrwV3wBWTvtZCTWGrkXN6aDjvpL9wS5BgFGlSwAhJBZ LBlhhACdc7kiKx8C3St1oDxiymp5y+cppNIhqkxCtAgtAiUmx5F5E4wUD7i5s0CaJ/ouRxW8p5Ki0oVc4P0oB EkyglBkSKlIAb4wndJFoBB5Y556mUQbLttIKUKl0ykhKmxIBIOFRT44xn6iDNmK5wzhNpGlBydUzt7NU59r MHy5kCIiW48tB4GorBTeQ6VTjAMcHhZ79yznup4I0J0mqCSKNb2l1u4R4qHGh3OV1UV+FmN5AziAQHXv BhSLOFu2TFnHd3+WIg1zDBlxtJgqZmbhL4rnBApLE1XhH7JNKET1jEvTS15TzpI1iCeJMg/ItIBVpxgCVUhy ngReKHtEkjHhBKuBnnPJGcSKZLpkleJOkjcBmkBSW6ml2iTsKK5F4tQXQnOZFM5chBwtVvlupOKijhMu36 qTS9IJUu1U2inecAS/5Goj59L/UdeUZyVSTDj8EmcaBJ+QJp6tJylJaDhMYPSKVLtUvYM1QOHCX4Hu8kT7 3f85Jtww/1e/NeokCb7C6blN4mGe7KuS8ve4kC10mJ8/P4tJcocJ0U+5jrWyfcJQpcJ3m+UNTR8IXqEg/Zl0m mj+5wXRaR+N7AwGMSZX9JijLmwuHlvYSBCyUr8wgcWPcSBi6UuKwmKR6leK0Uu+SPkt9LuDyMb5doD CXJrU2i/3GgSTc9LM1w7vu9ByTfJXuUrEgP9OXXSsv1Uj6VeDAZ5ntpfVn6tEnjJvGtMd5Ipc2NzqU+PD83P o1dmkWaKPFPHKA7U2YsuUUsfh2kzyKVc8lPrdJaLG1rqPbDxL9xgC8ZTgJSm1nCPNqjFDYJZ5Y/t5zuKS nL8wRh3p1h/gxTb5s5ELLFCwaB2mbL8C+OONW+lWbzu0ir+fVMCjC0ziTBjCLSKR6WL7bOoXAglEDSHK QCgE3qGFZbb6SUnVRvrvKPBUcp9qrGV65qoMstWCIVDngev+pW1VA1gV830lB7nWiPtUY/Jhk1XKvZQF qp2OVAG7/SVqk5Kf1upLjVVDLM3c+N+kjYjg7Ozor7mDngeD1ValyqUqXm9lLAMpxzmickU7li5zMw0rPDJf vMgTZ5gkCcWkWdqLivf99IvvJQhlJ6Qor9LYFnE5JkPBLTAmllPkecChRSM+b740YybcqBUuQdvvuly8okeX v/i501veKgAD+67QUJNba4fHhxG7Y3xu3R/S//eqeSSiqppJJKKqmkkkoqqaSSSiqppJJKKl0mfQfGpmwvDQ plbmRzdHJlYW0NCmVuZG9iag0KNyAwIG9iag0KPDwvVHlwZS9FeHRHU3RhdGUvQk0vTm9ybWFsL2Nh IDE+Pg0KZW5kb2JqDQo4IDAgb2JqDQo8PC9BdXRob3IoTW9oYW1tYWQgWXVzdWYgS2hhbikgL0NyZ WF0b3Io/v8ATQBpAGMAcgBvAHMAbwBmAHQArgAgAFcAbwByAGQAIAAyADAAMQA2KSAvQ3JlYXRp b25EYXRlKEQ6MjAxODEwMTMwMzE3NDArMDQnMDAnKSAvTW9kRGF0ZShEOjIwMTgxMDEzMDMxN zQwKzA0JzAwJykgL1Byb2R1Y2VyKP7/AE0AaQBjAHIAbwBzAG8AZgB0AK4AIABXAG8AcgBkACAAMgA
        wADEANikgPj4NCmVuZG9iag0KMTYgMCBvYmoNCjw8L1R5cGUvT2JqU3RtL04gOC9GaXJzdCA1Mi9Ga Wx0ZXIvRmxhdGVEZWNvZGUvTGVuZ3RoIDM0Mz4+DQpzdHJlYW0NCniclZJda8IwFIbvB/6Hc7ldpamrsy CCTGVDFGkLuxAvYnvWFttE0hT03y+nH7MwbwYlPV/vk5yT8FdwgL/B1Ac+Bu5NgLvgch98cCdT4A6MPZ vi4PmeTcOET2E2Y3uqdiBgIQsvQrLodkEWGl3HZlVgyRaxqUUR4dU8R1legf0MVgYSFdclSvMCbHMA5wh sn0JDms9HT/8DQwN5iHA7xP6P3u7KqeWAmra/R3K/VwttHgLGrbITDCoijRgoZVigCtyKC82PWJZkm6Ysj ZIihHH7A/xmd7avDd6Ad+i1ZUllkO1oWcnk7tAITurKQowN+0CRoG5t0vT2pyxyiWEm6IQUWEhLECZXsvO 1yb+FNRrvS+nzSakzW3bX1ESqDNG0w9iKWKuB/57ZdeAvc1GodBAIizzBQW27jy1LtSjZOk9rjV2vu7qsDv QYvft0+8s6wujpBwpmzsUNCmVuZHN0cmVhbQ0KZW5kb2JqDQoxOCAwIG9iag0KPDwvVHlwZS9YUmV mL1NpemUgMTgvV1sgMSA0IDJdIC9Sb290IDEgMCBSL0luZm8gOCAwIFIvSURbPDdDQTMxNTQxMDkw OTQ0NDY4QjQ3NjA5ODc1RTJBRjU2Pjw3Q0EzMTU0MTA5MDk0NDQ2OEI0NzYwOTg3NUUyQUY1Nj5d
        IC9GaWx0ZwMDA1NDAyNSAwMDAwMCBuIAowMDAwMDU0MDk5IDAwMDAwIG4gCjAwMDAwNTQyNzcgM DAwMDAgbiAKMDAwMDA3OTIxNSAwMDAwMCBuIAowMDAwMDU0MTQ2IDAwMDAwIG4gCjAwMDAw
        NzkwMzkgMDAwMDAgbiAKMDAwMDA3OTEzOCAwMDAwMCBuIAp0cmFpbGVyCjw8L1NpemUgNDkvU m9vdCAxIDAgUi9JbmZvIDggMCBSL0lEIFs8N2NhMzE1NDEwOTA5NDQ0NjhiNDc2MDk4NzVlMmFmNTY
        +PGEwN2RjZTMxM2RmMjc4YmJhZmE4NDEzODUzOWU5NTcwPl0vUHJldiAzMzc3NT4+CiVpVGV4dC0 1LjUuMTIKc3RhcnR4cmVmCjgwMjQwCiUlRU9GCg==
        </Base64Data>
      </Document>
    </InputDocuments>
  </VerifyRequest>
</soapenv:Body>
</soapenv:Envelope>

Response Sample

<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<dss:SignResponse xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmln
s:css="http://www.safelayer.com/TWS" xmlns:dss="http://www.docs.oasis-open.org
/dss/2004/06/oasis-dss-1.0-core-schema-wd-27.xsd" xmlns:xades="http://uri.etsi
.org/01903/v1.2.2#" Profile="urn:safelayer:tws:dss:1.0:profiles:pades:1.0:sign "
RequestID="b22c97c6117fc3386f81" >
<dss:Result>
<dss:ResultMajor>urn:oasis:names:tc:dss:1.0:resultmajor:Succes
s</dss:ResultMajor>
</dss:Result>
<dss:OptionalOutputs>
<dss:DocumentWithSignature>
<dss:XMLData>
<dss:Base64Data MimeType="application/pdf">JVBERi0xLjU
NCiW1tbW1DQoxIDAgb2JqDQo8PC9UeXBlL0NhdGFsb2cvUGFnZXMgMiAwIFIvTGFuZyhlbi1VUykgL 
1N0cnVjdFRyZWVSb290IDkgMCBSL01hcmtJbmZvPDwvTWFya2VkIHRydWU+Pj4+DQplbmRvYmoNCjI 
gMCBvYmoNCjw8L1R5cGUvUGFnZXMvQ291bnQgMS9LaWRzWyAzIDAgUl0gPj4NCmVuZG9iag0KMyAwI 
G9iag0KPDwvVHlwZS9QYWdlL1BhcmVudCAyIDAgUi9SZXNvdXJjZXM8PC9YT2JqZWN0PDwvSW1hZ2U 
1IDUgMCBSPj4vRXh0R1N0YXRlPDwvR1M3IDcgMCBSPj4vUHJvY1NldFsvUERGL1RleHQvSW1hZ2VCL
0ltYWdlQy9JbWFnZUldID4+L01lZGlhQm94WyAwIDAgNjEyIDc5Ml0gL0NvbnRlbnRzIDQgMCBSL0d 
yb3VwPDwvVHlwZS9Hcm91cC9TL1RyYW5zcGFyZW5jeS9DUy9EZXZpY2VSR0I+Pi9UYWJzL1MvU3Ryd
JUVPRgo=</dss:Base64Data>
                    </dss:XMLData>
                </dss:DocumentWithSignature>
                <css:NumberPdfSignatures>2</css:NumberPdfSignatures>
            </dss:OptionalOutputs>
        </dss:VerifyResponse>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Error Codes

Code

Description

urn:oasis:names:tc:dss:1.0: resultminor:NotAuthorized

The requester or the requested party is not authorized to perform this operation.

urn:oasis:names:tc:dss:1.0: resultminor:NotSupported

The server does not recognize or support some aspect of the request.

urn:safelayer:dss:1.0: resultminor:PolicyViolation

The server cannot process the request owing to a service policy violation.

urn:safelayer:dss:1.0:resultminor:SignerCertificateNotFound

Signer's certificate not found in the signature or in the verification request.

urn:oasis:names:tc: dss:1.0:resultminor:NotSupported

The server cannot process the content of a valid element in the request owing to an unexpected error. The dss:ResultMessage element can include lower level information on the reasons for the error.

urn:safelayer:dss:1.0: resultminor:SigningError

The input data and parameters are correct, but the server cannot generate the signature requested owing to an unexpected error. The dss:ResultMessage element can include lower level information on the reasons for the error.

urn:oasis:names:tc:dss:1.0:resultminor: ValidSignature_OnAllDocuments

The signature or timestamp is valid and includes all the input documents indicated in the request.

urn:oasis:names:tc:dss:1.0:resultminor: ValidSignature_NotAllDocuments

There are multiple signatures or timestamps but not all are valid.

urn:oasis:names:tc:dss:1.0:resultminor: IncorrectSignature

The signature cannot be verified (the

that comes with this result indicates the causes of the error)

urn:safelayer:dss:1.0: resultminor: IncorrectKeySelected

Signature not generated owing to the selection of an invalid key.

urn:safelayer:dss:1.0: resultminor: IncorrectAlgorithmIdentifier

The selected signature algorithm is not supported.

urn:safelayer:dss:1.0: resultminor: IncorrectFormatInData

Incorrect input data.

urn:safelayer:tws:dss:1.0: profiles:resultminor: UntrustedKey:CA

The signed message has not been modified but the signature key is not trusted (because the certification chain could not be built or because the CA certificate is not trusted).

urn:safelayer:tws:dss:1.0: profiles:resultminor: UntrustedKey:Validity

The signed message has not been modified and the certification chain is trusted. However, the signature key is not trusted because the certificate has expired and it cannot be verified that the signature was generated when the certificate was valid.

urn:safelayer:tws:dss:1.0: profiles:resultminor: UntrustedKey:Status

The signed message has not been edited, the certification chain is trusted and the signature was generated with a valid certificate. However, the server could not verify that the signature key was valid. Either because the status information indicates that the signature was invalid or because the status information could not be queried. The

element of the XML message contains further information on the certificate's status.

urn:safelayer:tws:dss:1.0: profiles:resultminor: IncorrectArchiveSignature

The archive signature cannot be verified (the

element indicates the causes of the error).

urn:safelayer:tws:dss:1.0:profiles:resultminor:UntrustedKey:GoodWit hNoInfo

The signed message has not been edited, and the signature key is trusted. However, the status of all the certificates in the certification chain cannot be determined owing to a lack of revocation information in the long-term signature.

Last updated