Versions Compared

Version Old Version 4 New Version 5
Changes made by

Saray Cordón Arnau

Wilter Torres Enriquez

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

UANATACA SIGNBOX API DOCUMENTATION (1.0)

Table of Contents
stylenone

What it is

The high-performance solution for Bulk, Interactive and LTV signature service. Our best option for signing large number of documents and transactions.

SignBox API is an enterprise-grade solution for automated electronic signature of any type of file or document. A turnkey system that can be easily integrated with any business application without altering the user experience and guaranteeing the legal security of your electronically signed documents. SignBox API is a high-level web API based on the http RESTful paradigm.

How it works

The API is given with SignBox Optimizer that is a server system exposing http RESTful API by means of which, business applications are enabled to require the electronic signature of large number of documents.

...

The system provides options for several electronic signature formats including time stamping and long term validation. The electronic signatures are performed in Uanataca Trusted Service Center side, where signature keys are stored in a Qualified Electronic Signature Creation Device (QSCD) system.

image-20241115-153902.png

Sandbox Environment

For testing purposes, Uanataca provides integrators of a pre-configured test-mode SignBox Optimizer accessible at the following URL:

...

Want to configure your own test-mode Optimizer? Find instructions in the configuration section.

Configuration

SignBox Optimizer can be supplied as a Docker or as a Virtual Machine image. See the configuration description in:
SignBox Optimizer on Docker
SignBox Optimizer on Virtual Machine

Hardware requirements

CPU: modern multicore (minimum 4 core)

RAM: 8GB

HDD: 200 GB

SignBox Optimizer on Docker

This configuration requires a server with a Linux operating system.

...

Code Block
docker-compose ps

             Name                                 Command                State                 Ports
----------------------------------------------------------------------------------------------------------------------
signbox_optimizer_nginx_1               /docker-entrypoint.sh ngin ...   Up      0.0.0.0:443->443/tcp,:::443->443/tcp,
                                                                                  0.0.0.0:80->80/tcp,:::80->80/tcp
signbox_optimizer_signbox_api_1         signbox start                    Up
signbox_optimizer_signbox_cryptosvc_1   signbox start                    Up

All services must be UP.

SignBox Optimizer on Virtual Machine (OVA)

The Virtual Machine is supplied in an OVA file. SignBox Optimizer image is compatible with common virtual environments like VMWare, AWS, Azure or VirtualBox.

...

Adjust the system requirements for optimal usage considering host terminal resources described in hardware requirements.

STEP 2: Network configuration.

...

It is possible to include url exceptions for services that don't use proxy network. Exceptions must be included in regular expression format.

Example:

...

Signature Image Configuration

A visual signature can be placed as an image in the signed document. The visual signature is composed by an image and text. SignBox allows to create and store multiple templates. The parameters can be adjusted on the alias.ini file which is located at:

...

This is how the alias.ini file should look like (three different images are stored in this example):

...

Paragraph format

The signature image permits the addition of identifying text with the signer's associated data. This parameter allows to define the style and the content of the signature image, according to the following JSON object:

...

From this configuration, the image paragraph should look like as shown below:

...

ARGB Tool

ARGB Tool is a Windows software that converts a PNG or JPG image to ARGB image type and generates the settings to include in the alias.ini file.

...

Both files must be moved to the /img directory in SignBox Optimizer (see image folders path)

Webhooks

SignBox API requires that the customer business develop a webhook to manage the service callbacks. There are two callbacks in the service that must be set in the parameters url_out and urlback of the SIGN API call.

...

Code Block
<?php

//url_out

$post = file_get_contents('php://input',true);
$file_handle = fopen('/signbox-files/', 'w');
fwrite($file_handle, $post);
fclose($file_handle);


//urlback

$post = file_get_contents('php://input');
$line = $post.PHP_EOL;
$myfile = fopen("/signbox-files/logs/%Y%m%d.txt", "a") or die("Unable to open file!");
fwrite($myfile, $line );
fclose($myfile);

?>

Rootstore configuration

As a requirement for LTV/LTVLITE signature level, we must add to the optimizer every chain of trust for each certificate that is involved in the signature.

...

Code Block
-----BEGIN CERTIFICATE-----
MIIIWjCCBkKgAwIBAgIIICfKLtFjrRMwDQYJKoZIhvcNAQELBQAwgbkxCzAJBgNV
BAYTAkVTMUQwQgYDVQQHDDtCYXJjZWxvbmEgKHNlZSBjdXJyZW50IGFkZHJlc3Mg
YXQgd3d3LnVhbmF0YWNhLmNvbS9hZGRyZXNzKTEWMBQGA1UECgwNVUFOQVRBQ0Eg
Uy5BLjEVMBMGA1UECwwMVFNQLVVBTkFUQUNBMRswGQYDVQQDDBJVQU5BVEFDQSBS
K+0fx83luCN81YLsUpdpc3e0URG7eDMKNG54WvtW
-----END CERTIFICATE-----

Docker

STEP 1: Load certificates in the optimizer

...

Code Block
docker compose up -d

OVA

STEP 1: Load certificates in the optimizer

...

Code Block
systemctl start bit4-de.api.service bit4-de.cryptosvc.service nginx

Logs

Service logs files are stored in a local folder in OVA or stored inside the containers in Docker.

...

To read logs in OVA version of SignBox Optimizer you can find logfile in this path:

/var/log/de

Postman collection

A postman collection is available as a support for a quick start.
It is only required to edit hostvariable in Postman environment with the IP or domain of SignBox Optimizer.

SignBox Postman collection download

Video tutorials

Need a better understanding of SignBox API? Check the video tutorials below and follow step-by-step instructions! They will guarantee you use our API efficiently for the best experience in document signatures.

Docker Optimizer Configuration

The Docker Optimizer configuration requires a SignBox Optimizer image package and a server using Linux Operating System with Internet access. Please check our documentation.

...

Error codes

Message

Reason

ProcessTerminated: process ended with exit code X

Webhook malfunctioning

Token not found

Non existent certificate

Invalid credentials

Incorrect credentials

PasswordProtected

Input PDF protected with password

Error: Pin invalid

Incorrect pin value

Error: Token locked

Certificate credentials locked

Error: Invalid Otp

Wrong or expired OTP code

Exception: Invalid Environment. Supported values are: []

Incorrect environment value

Exception: Remote Signature Failed: 401 Unauthorized

Wrong billing credentials

Exception: Invalid TSA alias

Incorrect timestamping alias

Exception: Invalid Image alias

Incorrect image alias

Exception: Remote Signature Failed: 400 Bad Request

Insufficient credits

Exception: Need tsa_bookmark for ltv signature

Performing LTV with timestamping disabled

Exception: UnknownIssuer

Certificate of any hierarchy missing

Exception: Time Stamping Failed: 400 Bad Request

Non existent timestamping

API Reference