T1C signing

To perform T1C signatures via API using client-side signing, follow the steps mentioned below. These steps guide you through the required API calls and user interactions needed to complete the single document signing process on the client side.

1. The signatory is identified via the access token provided in the API call, which means is required before initiating the signing process. The access token must be issued directly to the signatory through API.

2. If modifications are needed before signing, the API should be called beforehand. Note that any mandatory input fields must be completed for the signing process to succeed.

3. To determine which Signing Servers should be displayed based on a signature field’s level of assurance, the signature application must call the API. This API provides details of all available signing servers along with their corresponding levels of assurance.

4. To run T1C, you must install the utility by downloading the setup using the API.

5. To access T1C APIs for signing, you first need to obtain a token by calling the API.

6. The T1C utility reads the card reader (USB token) and returns an array of encoded Base64 certificates along with the certificate ID. To display the certificate CN in the Signing Dialogue API endpoint is used to decode the certificate.

7. The signature application calls API to get D2S (data to be signed) and transaction ID.

8. The application prompts the user for a PIN and then sends the PIN along with the D2S in a signing request to the T1C Server. The T1C Server responds with raw signature bytes.

9. The raw signature bytes received from the T1C server are then sent to the API to complete the signing process.

10. After the signing process is complete, if the signatory is the final signer, the API must be invoked. Without this step, the document will remain in an "In Progress" state for the owner. Once the API is called, the status updates to "Completed."

11. Finally, after signing, the API can be used to retrieve the verification response.