eID Easy signing

PreviousCSC signing NextBulk document signing

Last updated 13 days ago

Was this helpful?

eID Easy signing

To perform eID Easy signatures via API using server-side signing, follow the steps mentioned below. These steps outline the necessary API calls and conditions to successfully complete a single document signing operation through the server.

The signatory is identified via the access token provided in the API call, which means is required before initiating the signing process. The access token must be issued directly to the signatory through API.
If modifications are needed before signing, the API should be called beforehand. Note that any mandatory input fields must be completed for the signing process to succeed.
To determine which Signing Servers should be displayed based on a signature field’s level of assurance, the signature application must call the API. This API provides details of all available signing servers along with their corresponding levels of assurance.
Prepare the document for signing using the API. In this step, the initial data, including the document, signature details, and document hash, is uploaded to the eID Easy server at the configured connector address. In response, the server returns a unique document ID along with the available signing methods, which will be used in subsequent API calls.
The signing methods retrieved from the API response will be used in the eID Easy widget to display the available signing servers. The user selects a signing method and completes the signing process on the widget window. Once the signing is completed, the eID Easy server sends a response on which will receive the certificate details and the system will respond with the data to be signed in Hex Decimal format.
- The webhook is configured in the eID Easy admin panel under the Custom CAdES Digest Webhook field.
After receiving the webhook response, the eID Easy server triggers a success callback. At this stage, the API is invoked to retrieve the PKCS7 signature value and perform the signature assembly process, finalizing the signing operation.
After the signing process is complete, if the signatory is the final signer, the API must be invoked. Without this step, the document will remain in an "In Progress" state for the owner. Once the API is called, the status updates to "Completed."
Finally, after signing, the API can be used to retrieve the verification response.

PreviousCSC signing NextBulk document signing

Last updated 13 days ago

Was this helpful?

The signatory is identified via the access token provided in the API call, which means is required before initiating the signing process. The access token must be issued directly to the signatory through API.
If modifications are needed before signing, the API should be called beforehand. Note that any mandatory input fields must be completed for the signing process to succeed.
To determine which Signing Servers should be displayed based on a signature field’s level of assurance, the signature application must call the API. This API provides details of all available signing servers along with their corresponding levels of assurance.
Prepare the document for signing using the API. In this step, the initial data, including the document, signature details, and document hash, is uploaded to the eID Easy server at the configured connector address. In response, the server returns a unique document ID along with the available signing methods, which will be used in subsequent API calls.
The signing methods retrieved from the API response will be used in the eID Easy widget to display the available signing servers. The user selects a signing method and completes the signing process on the widget window. Once the signing is completed, the eID Easy server sends a response on which will receive the certificate details and the system will respond with the data to be signed in Hex Decimal format.
- The webhook is configured in the eID Easy admin panel under the Custom CAdES Digest Webhook field.
After receiving the webhook response, the eID Easy server triggers a success callback. At this stage, the API is invoked to retrieve the PKCS7 signature value and perform the signature assembly process, finalizing the signing operation.
After the signing process is complete, if the signatory is the final signer, the API must be invoked. Without this step, the document will remain in an "In Progress" state for the owner. Once the API is called, the status updates to "Completed."
Finally, after signing, the API can be used to retrieve the verification response.