Table of Contents
π Authorization
You'll need your API key. If you don't have it, please contact support@ondato.com.
Remember to include an x-api-key header in every request.
Think of your API key as a password:
Securely store it.
Refrain from sharing it with anyone outside of your organization.
Avoid placing it in the source code.
βοΈ Environments
Environment | Swagger URL | Base URL |
|---|---|---|
Sandbox |
| |
Production |
|
π· Smart-ID
Smart-ID is a universal, app-based strong authentication and digital signing solution.
ποΈ Smart-ID levels
Smart-ID service is being offered on two levels:
Smart-ID Basic
User’s identity has been verified by a third party authentication and the identity details has been verified by national population registry;
Smart-ID
User’s identity has been verified by strong authentication, which is based on the government issued eID (ID-card, Mobile-ID) during the on-line registration or the government issued physical ID document has been verified by two RA employees during the on-site registration.
Test and production accounts have no access to Smart-ID Basic accounts.
Learn more from the Smart-ID documentation.
π§ͺ Test accounts for automated testing
Country | National identity number | Certificate level | Response description |
|---|---|---|---|
EE | πͺπͺ | 30303039914 | QUALIFIED | Successful signing and identification |
LV | π±π» | 030303-10012 | QUALIFIED | Successful signing and identification |
LT | π±πΉ | 30303039914 | QUALIFIED | Successful signing and identification |
EE | πͺπͺ | 30403039917 | QUALIFIED | User cancelled session |
LV | π±π» | 030403-10016 | QUALIFIED | User cancelled session |
LT | π±πΉ | 30403039917 | QUALIFIED | User cancelled session |
EE | πͺπͺ | 30403039983 | QUALIFIED | User does not react |
LV | π±π» | 030403-10083 | QUALIFIED | User does not react |
LT | π±πΉ | 30403039983 | QUALIFIED | User does not react |
π Endpoints
POST Create Authentication Session
https://sandbox-esignature.ondato.com/smart-id/authentication
This method is the main entry point to authentication logic.
π― Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
country | Required | Country code here conforms to ISO 3166-1 alpha-2 code and as such must be in upper case ("LT", "LV", "EE"). |
nationalIdentityNumber | Required | National identification number |
certificateLevel | Required | Level of certificate requested "QUALIFIED". |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 60 characters or 128 bytes in UTF-8 encoding, whichever is reached first. |
π₯« Response structure
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on the Smart-ID app. |
ποΈ Example
GET Get Authentication Session Status
https://sandbox-esignature.ondato.com/smart-id/authentication/{sessionId}
This method can be used to retrieve session result from Smart-ID backend.
This is a long poll method, meaning it might not return until a timeout expires.
βοΈ Preconditions
Session is present in the system, and the request is either running or has been completed less than 5 minutes ago. Timeout period is 120 seconds.
π₯« Response structure
Parameter | Required or Optional? | Description |
|---|---|---|
countryCode | Required | Country code |
nationalIdentityNumber | Required | National identification number |
name | Required | Person name |
surname | Required | Person surname |
ποΈ Example
POST Create Signature Session
https://sandbox-esignature.ondato.com/smart-id/document-signature
This method is the main entry point to signing logic.
π― Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
countryCode | Required | Country code here conforms to ISO 3166-1 alpha-2 code and as such must be in upper case ("LT", "LV", "EE"). |
nationalIdentityNumber | Required | National identification number |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 60 characters or 128 bytes in UTF-8 encoding, whichever is reached first. |
file | Required | Data to sign |
π₯« Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on the Smart-ID app. |
ποΈ Example
GET Get Signed Document
https://sandbox-esignature.ondato.com/smart-id/document-signature/{sessionId}
This method can be used to retrieve session result from Smart-ID backend.
This is a long poll method, meaning it might not return until a timeout expires. Caller can tune the request parameters inside the bounds set by service operator.
βοΈ Preconditions
Session is present in the system, and the request is either running or has been completed less than 5 minutes ago.
ποΈ Example
πΆ Mobile-ID
Mobile-ID is a SIM card based digital signature solution (and requires a special Mobile-ID SIM card which your mobile operator will provide). It is recognised by governments and it grants access to online services in a similar manner to an ID card.
Learn more from the Mobile-ID documentation.
π§ͺ Test accounts for automated testing
Country | Phone number | National identity number | Response description |
|---|---|---|---|
EE | πͺπͺ | +37268000769 | 60001017869 | Successful signing and identification |
LT | π±πΉ | +37060000666 | 50001018865 | Successful signing and identification |
EE | πͺπͺ | +37200000266 | 60001019939 | User has no active certificates |
LT | π±πΉ | +37060000266 | 50001018832 | User has no active certificates |
EE | πͺπͺ | +37207110066 | 60001019947 | Sending authentication request to phone failed |
LT | π±πΉ | +37067110066 | 50001018843 | Sending authentication request to phone failed |
EE | πͺπͺ | +37201100266 | 60001019950 | User cancelled authentication |
LT | π±πΉ | +37061100266 | 50001018854 | User cancelled authentication |
EE | πͺπͺ | +37201200266 | 60001019972 | SIM application error |
LT | π±πΉ | +37061200266 | 50001018876 | SIM application error |
EE | πͺπͺ | +37213100266 | 60001019983 | Phone is not in coverage area |
LT | π±πΉ | +37063100266 | 50001018887 | Phone is not in coverage area |
EE | πͺπͺ | +37266000266 | 50001018908 | User does not react |
LT | π±πΉ | +37066000266 | 50001018908 | User does not react |
π Endpoints
POST Create Authentication Session
https://sandbox-esignature.ondato.com/mobile-id/authentication
This method is the main entry point to authentication logic.
π― Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
phoneNumber | Required | Phone number of the signer with the country code in the format of +xxxxxxxxx |
nationalIdentityNumber | Required | National identification number |
language | Required | Language for user dialog in mobile phone. 3-letters capitalized acronyms are used. Possible values: EST, ENG, RUS, LIT. NB! If you use language="LIT" to send to Estonian number (+372...) or you use language="EST" to send to Lithuanian number (+370...) then internally language is replaced with "ENG". |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 40 characters including up to 5 characters from extension table ( €[]^|{}\ ). |
π₯« Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on mobile device. |
ποΈ Example
GET Get Authentication Session Status
https://sandbox-esignature.ondato.com/mobile-id/authentication/{sessionId}
π₯« Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
countryCode | Required | Country code |
nationalIdentityNumber | Required | National identification number |
name | Required | Person name |
surname | Required | Person surname |
ποΈ Example
POST Create Signature Session
https://sandbox-esignature.ondato.com/mobile-id/document-signature
This method is the main entry point to signing logic.
π― Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
phoneNumber | Required | Phone number of the signer with the country code in the format of +xxxxxxxxx |
nationalIdentityNumber | Required | National identification number |
language | Required | Language for user dialog in mobile phone. 3-letters capitalized acronyms are used. Possible values: EST, ENG, RUS, LIT. NB! If you use language="LIT" to send to Estonian number (+372...) or you use language="EST" to send to Lithuanian number (+370...) then internally language is replaced with "ENG". |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 60 characters or 128 bytes in UTF-8 encoding, whichever is reached first. |
file | Required | File to sign |
π₯« Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on mobile device. |
ποΈ Example
GET Get Signed Document
https://sandbox-esignature.ondato.com/mobile-id/document-signature/{sessionId}
This method can be used to retrieve session result from Mobile-ID backend.
This is a long poll method, meaning it might not return until a timeout expires. Caller can tune the request parameters inside the bounds set by service operator.
βοΈ Preconditions
Session is present in the system, and the request is either running or has been completed less than 5 minutes ago.
Add Comment