E-Signature API
- Gediminas Letulis
- Tomas Gecevicius
- Priit Aavik
Table of Contents
- 1 Authorization
- 2 Environments
- 2.1 Smart-ID
- 2.1.1 Smart-ID levels
- 2.1.2 Test accounts for automated testing
- 2.1.3 Endpoints
- 2.1.3.1 post Create Authentication Session
- 2.1.3.1.1 Request parameters
- 2.1.3.1.2 Response structure
- 2.1.3.1.3 Example
- 2.1.3.2 get Get Authentication Session Status
- 2.1.3.2.1 Preconditions
- 2.1.3.2.2 Response structure
- 2.1.3.2.3 Example
- 2.1.3.3 post Create Signature Session
- 2.1.3.3.1 Request parameters
- 2.1.3.3.2 Response parameters
- 2.1.3.3.3 Example
- 2.1.3.4 get Get Signed Document
- 2.1.3.4.1 Preconditions
- 2.1.3.4.2 Example
- 2.1.3.1 post Create Authentication Session
- 2.2 Mobile-ID
- 2.2.1 Test accounts for automated testing
- 2.2.2 Endpoints
- 2.2.2.1 post Create Authentication Session
- 2.2.2.1.1 Request parameters
- 2.2.2.1.2 Response parameters
- 2.2.2.1.3 Example
- 2.2.2.2 get Get Authentication Session Status
- 2.2.2.2.1 Response parameters
- 2.2.2.2.2 Example
- 2.2.2.3 post Create Signature Session
- 2.2.2.3.1 Request parameters
- 2.2.2.3.2 Response parameters
- 2.2.2.3.3 Example
- 2.2.2.4 get Get Signed Document
- 2.2.2.4.1 Preconditions
- 2.2.2.4.2 Example
- 2.2.2.1 post Create Authentication Session
- 2.1 Smart-ID
Authorization
You'll need your API key. If you don't have it, please contact support@ondato.com.
Remember to include an x-api-key header in every request.
Think of your API key as a password:
Securely store it.
Refrain from sharing it with anyone outside of your organization.
Avoid placing it in the source code.
Environments
Environment | Swagger URL | Base URL |
|---|---|---|
Sandbox |
| |
Production |
|
Smart-ID
Smart-ID is a universal, app-based strong authentication and digital signing solution.
Smart-ID levels
Smart-ID service is being offered on two levels:
Smart-ID Basic
User’s identity has been verified by a third party authentication and the identity details has been verified by national population registry;
Smart-ID
User’s identity has been verified by strong authentication, which is based on the government issued eID (ID-card, Mobile-ID) during the on-line registration or the government issued physical ID document has been verified by two RA employees during the on-site registration.
Test and production accounts have no access to Smart-ID Basic accounts.
Test accounts for automated testing
Country | National identity number | Certificate level | Response description |
|---|---|---|---|
EE | | 30303039914 | QUALIFIED | OK |
LV | | 030303-10012 | QUALIFIED | OK |
LT | | 30303039914 | QUALIFIED | OK |
EE | | 30403039917 | QUALIFIED | USER_REFUSED |
LV | | 030403-10016 | QUALIFIED | USER_REFUSED |
LT | | 30403039917 | QUALIFIED | USER_REFUSED |
EE | | 30403039983 | QUALIFIED | TIMEOUT |
LV | | 030403-10083 | QUALIFIED | TIMEOUT |
LT | | 30403039983 | QUALIFIED | TIMEOUT |
Endpoints
post Create Authentication Session
https://sandbox-esignature.ondato.com/smart-id/authentication
Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
country | Required | Country code here conforms to ISO 3166-1 alpha-2 code and as such must be in upper case ("LT", "LV", "EE"). |
nationalIdentityNumber | Required | National identification number |
certificateLevel | Required | Level of certificate requested "QUALIFIED". |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 60 characters or 128 bytes in UTF-8 encoding, whichever is reached first. |
Response structure
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on the Smart-ID app. |
Example
get Get Authentication Session Status
https://sandbox-esignature.ondato.com/smart-id/authentication/{sessionId}
Preconditions
Session is present in the system, and the request is either running or has been completed less than 5 minutes ago. Timeout period is 120 seconds.
Response structure
Parameter | Required or Optional? | Description |
|---|---|---|
countryCode | Required | Country code |
nationalIdentityNumber | Required | National identification number |
name | Required | Person name |
surname | Required | Person surname |
Example
post Create Signature Session
https://sandbox-esignature.ondato.com/smart-id/document-signature
Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
countryCode | Required | Country code here conforms to ISO 3166-1 alpha-2 code and as such must be in upper case ("LT", "LV", "EE"). |
nationalIdentityNumber | Required | National identification number |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 60 characters or 128 bytes in UTF-8 encoding, whichever is reached first. |
file | Required | Data to sign |
Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on the Smart-ID app. |
Example
get Get Signed Document
https://sandbox-esignature.ondato.com/smart-id/document-signature/{sessionId}
Preconditions
Session is present in the system, and the request is either running or has been completed less than 5 minutes ago.
Example
Mobile-ID
Mobile-ID is a SIM card based digital signature solution (and requires a special Mobile-ID SIM card which your mobile operator will provide). It is recognised by governments and it grants access to online services in a similar manner to an ID card.
Test accounts for automated testing
Country | Phone number | National identity number | Response description |
|---|---|---|---|
EE | | +37200000766 | 60001019906 | Successful signing and identification |
LT | | +37060000666 | 50001018865 | Successful signing and identification |
EE | | +37200000266 | 60001019939 | Mobile-ID user has no active certificates |
LT | | +37060000266 | 50001018832 | Mobile-ID user has no active certificates |
EE | | +37207110066 | 60001019947 | Sending authentication request to phone failed |
LT | | +37067110066 | 50001018843 | Sending authentication request to phone failed |
EE | | +37201100266 | 60001019950 | User cancelled authentication |
LT | | +37061100266 | 50001018854 | User cancelled authentication |
EE | | +37200000666 | 60001019961 | Created signature is not valid |
LT | | +37060000766 | 50001018800 | Created signature is not valid |
EE | | +37201200266 | 60001019972 | SIM application error |
LT | | +37061200266 | 50001018876 | SIM application error |
EE | | +37213100266 | 60001019983 | Phone is not in coverage area |
LT | | +37063100266 | 50001018887 | Phone is not in coverage area |
LT | | +37066000266 | 50001018908 | User does not react |
Endpoints
post Create Authentication Session
https://sandbox-esignature.ondato.com/mobile-id/authentication
Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
phoneNumber | Required | Phone number of the signer with the country code in the format of +xxxxxxxxx |
nationalIdentityNumber | Required | National identification number |
language | Required | Language for user dialog in mobile phone. 3-letters capitalized acronyms are used. Possible values: EST, ENG, RUS, LIT. NB! If you use language="LIT" to send to Estonian number (+372...) or you use language="EST" to send to Lithuanian number (+370...) then internally language is replaced with "ENG". |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 40 characters including up to 5 characters from extension table ( €[]^|{}\ ). |
Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on mobile device. |
Example
get Get Authentication Session Status
https://sandbox-esignature.ondato.com/mobile-id/authentication/{sessionId}
Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
countryCode | Required | Country code |
nationalIdentityNumber | Required | National identification number |
name | Required | Person name |
surname | Required | Person surname |
Example
post Create Signature Session
https://sandbox-esignature.ondato.com/mobile-id/document-signature
Request parameters
Parameter | Required or Optional? | Description |
|---|---|---|
phoneNumber | Required | Phone number of the signer with the country code in the format of +xxxxxxxxx |
nationalIdentityNumber | Required | National identification number |
language | Required | Language for user dialog in mobile phone. 3-letters capitalized acronyms are used. Possible values: EST, ENG, RUS, LIT. NB! If you use language="LIT" to send to Estonian number (+372...) or you use language="EST" to send to Lithuanian number (+370...) then internally language is replaced with "ENG". |
displayText | Optional | Text to display for authentication consent dialog on the mobile device. Limited to 60 characters or 128 bytes in UTF-8 encoding, whichever is reached first. |
file | Required | File to sign |
Response parameters
Parameter | Required or Optional? | Description |
|---|---|---|
sessionId | Required | A string that can be used to request operation result. |
verificationCode | Required | Verification code is needed, so that user can bind together the session on the browser and the authentication request on mobile device. |
Example
get Get Signed Document
https://sandbox-esignature.ondato.com/mobile-id/document-signature/{sessionId}
Preconditions
Session is present in the system, and the request is either running or has been completed less than 5 minutes ago.
Example