| Table of Contents |
|---|
Below will be detailed the SOAP request for sign, change password ecc...
All the methods described are on interface:
| Code Block |
|---|
https://<IP-APPLIANCE>:8080/SignEngineWeb/sign-services?wsdl |
The SOAP request examples are generated using SoapUI, you can use this guide to configure SoapUI on your pc.
In this guide will be described the example of Soap Requests.
All methods for sign require the ojbect Credentials is used to specify the device signature are you using for sign. This object is composed by this variables:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<credentials>
<username>?</username>
<password>?</password>
<idOtp>?</idOtp>
<otp>?</otp>
<securityCode>?</securityCode>
<sessionKey>?</sessionKey>
</credentials> |
According the device signature (automatic or remote) are you using you should populate different fields.
Below the example of Credentials :
| Code Block | ||||
|---|---|---|---|---|
| ||||
<credentials> <username>AHI123456</username> <password>13572468</password> </credentials> |
Fileds required:
If you sign with the remote there are two ways:
Example with "idOtp" and "otp":
| Code Block | ||||
|---|---|---|---|---|
| ||||
<credentials> <username>RHIP1234567</username> <password>13572468</password> <idOtp>501719</idOtp> <otp>150259</otp> </credentials> |
Example with "sessionKey"
| Code Block | ||||
|---|---|---|---|---|
| ||||
<credentials> <username>RHIP1234567</username> <password>13572468</password> <sessionKey>sadlijhdfkjslherpoufdblkhesljherihbfdoihejheroihger</sessionKey> </credentials> |
If you decide to sign with idOtp and OTP you must obtain the OTP code for sign (from SMS, App and Token) and idOtp.
Below will described with SOAP request how obtain idOtp (with method getOtpList) and OTP code.
You can obtain the idOtp with method getOtpList. Below the example of SoapRequest. In this example we are using the devicename: "RHIP20102336019765":
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.nam/">
<soapenv:Header/>
<soapenv:Body>
<ser:getOTPList>
<credentials>
<username>RHIP20102336019765</username>
</credentials>
</ser:getOTPList>
</soapenv:Body>
</soapenv:Envelope> |
In output the SOAP response will be:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:getOTPListResponse xmlns:ns2="http://service.ws.nam/">
<return>
<idOtp>501719</idOtp>
<serialNumber>20210113-091031RJ2L1</serialNumber>
<type>SMS</type>
</return>
<return>
<idOtp>537430</idOtp>
<serialNumber>20210305-163726L0PYF</serialNumber>
<type>OTP GENERATOR</type>
</return>
<return>
<idOtp>537433</idOtp>
<serialNumber>20210305-163726F0I75</serialNumber>
<type>OTP PUSH</type>
</return>
</ns2:getOTPListResponse>
</soap:Body>
</soap:Envelope> |
During the signing process, it is possible to choose between these two idOtps: 501719 (associated with OTP SMS) and the idOTP: 537430 (associated with OTP GENERATOR).
It is not possible to use OTP PUSH, they are used for other purposes, not for signing.
For the signature we can choose two types of idOTP: 501719 or 537430.
With OTP SMS we can obtain the code using the method "sendOtpBySMS" like in this SOAP request:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.nam/">
<soapenv:Header/>
<soapenv:Body>
<ser:sendOtpBySMS>
<credentials>
<username>RHIP20102336019765</username>
</credentials>
</ser:sendOtpBySMS>
</soapenv:Body>
</soapenv:Envelope> |
If everything is ok, in output response will be:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:sendOtpBySMSResponse xmlns:ns2="http://service.ws.nam/"/>
</soap:Body>
</soap:Envelope> |
On your mobile phone, you will receive an SMS containing the OTP code (composed of 6 numbers) for signature. Now, for example, we have received the code: “214196”.
While with OTP App and Token you don't require the method of SWS because you can read the OTP code on Token display or on your smartphone display (if you are using the App).
Below will be describe the SOAP request example for obtain the sessionKey, check if the sessionKey is valid and destroy the sessionKey
Below the SOAP request example for create the openSession:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ser="http://service.ws.nam/">
<soapenv:Header/>
<soapenv:Body>
<ser:openSession>
<credentials>
<idOtp>501719</idOtp>
<otp>150259</otp>
<password>13572468</password>
<username>RHIP20102336019765</username>
</credentials>
</ser:openSession>
</soapenv:Body>
</soapenv:Envelope> |
In output will obtain the value of sessionKey which will be used for the signature:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:openSessionResponse xmlns:ns2="http://service.ws.nam/">
<return>
f4lf7bq/cCxW6mTgL3iGjFEST5cEAZjgLnXvV3hUFzFHcTvjlH3FOkJy+kv/0Zsv1
uNK0S7L6jMqHYSspBz+CZl7h3r5IEP2FqrK7WJQTVyrNfyr/trZmDgxYOLuACyoZVUFIlnck5Lkjihui
sv+gZeB68Spwm+cNDdQQdUS3ngzJavHXxo9ADCX6VDIKKMe/AY0v+R51XWE90JF5LfKEThlv1OCpQC5nhnW8WKOFOm
P4vM90d79JhFYGVVSZWtnTQ9Dg8pOMvg9wwxNm3uGkKKaS7oTp1ewd+eCG/uSC9k3H2w9GB6vQLHQEbn6d
VVMcsIqJ0RMmZ2IgraD+scb4Q==
</return>
</ns2:openSessionResponse>
</soap:Body>
</soap:Envelope> |
The sessionKey just obtained is valid for three minutes (it is not possible to edit this value!). After it expires, you will need to generate another sessionKey using openSession method and new OTP code (it is not possible to use the same OTP already in use).
Below the SOAP request example for check the sessionKey status:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ser="http://service.ws.nam/">
<soapenv:Header/>
<soapenv:Body>
<ser:getRemainingTimeForSession>
<credentials>
<username>RHIP20102336019765</username>
<sessionKey>
f4lf7bq/cCxW6mTgL3iGjFEST5cEAZjgLnXvV3hUFzFHcTvjlH3FOkJy+kv/0Zsv1 uNK0S7L6jMqHYSspBz+CZl7h3r5IEP2FqrK7WJQTVyrNfyr/trZmDgxYOLuACyoZVUFIlnck5Lkjihui sv+gZeB68Spwm+cNDdQQdUS3ngzJavHXxo9ADCX6VDIKKMe/AY0v+R51XWE90JF5LfKEThlv1OCpQC5nhnW8WKOFOm P4vM90d79JhFYGVVSZWtnTQ9Dg8pOMvg9wwxNm3uGkKKaS7oTp1ewd+eCG/uSC9k3H2w9GB6vQLHQEbn6d VVMcsIqJ0RMmZ2IgraD+scb4Q==
</sessionKey>
</credentials>
</ser:getRemainingTimeForSession>
</soapenv:Body>
</soapenv:Envelope> |
The SOAP response will be:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:getRemainingTimeForSessionResponse xmlns:ns2="http://service.ws.nam/">
<return>167</return>
</ns2:getRemainingTimeForSessionResponse>
</soap:Body>
</soap:Envelope> |
Where 167 is the seconds until the session is active. After 180 seconds from creation, the session will be automatically deleted, but for good practice, close the session before it expires.
You can destroy the session manually before it expires with the method closeSession.
Below the example of SOAP request for destroy the session:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.nam/"> <soapenv:Header/> <soapenv:Body> <ser:closeSession> <credentials> <username>RHIP20102336019765</username> <sessionKey>f4lf7bq/cCxW6mTgL3iGjFEST5cEAZjgLnXvV3hUFzFHcTvjlH3FOkJy+kv/0Zsv1uNK0S7L6jMqHYSspBz+CZl7h3r5IEP2FqrK7WJQTVyrNfyr/trZmDgxYOLuACyoZVUFIlnck5Lkjihuisv+gZeB68Spwm+cNDdQQdUS3ngzJavHXxo9ADCX6VDIKKMe/AY0v+R51XWE90JF5LfKEThlv1OCpQC5nhnW8WKOFOm P4vM90d79JhFYGVVSZWtnTQ9Dg8pOMvg9wwxNm3uGkKKaS7oTp1ewd+eCG/uSC9k3H2w9GB6vQLHQEbn6dVVMcsIqJ0RMmZ2IgraD+scb4Q== </sessionKey> </credentials> </ser:closeSession> </soapenv:Body> </soapenv:Envelope> |
The SOAP response will be ever like this:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns2:closeSessionResponse xmlns:ns2="http://service.ws.nam/"/> </soap:Body> </soap:Envelope> |
The credentials object for automatic signature is composed like in this example:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<credentials> <username>AHIP20102336019478</username> <password>1357268</password> </credentials> |
With remote signature if you don't use the sessionKey the object Credentials will be:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<credentials> <password>13572468</password> <username>RHIP20102336019765</username> <idOtp>501719</idOtp> <otp>150259</otp> </credentials> |
While if you are using the sessionKey the object Credentials will be:
| Code Block | ||||||
|---|---|---|---|---|---|---|
| ||||||
<credentials> <password>13572468</password> <username>RHIP20102336019765</username> <sessionKey>f4lf7bq/cCxW6mTgL3iGjFEST5cEAZjgLnXvV3hUFzFHcTvjlH3FOkJy+kv/0Zsv1uNK0S7L6jMqHYSspBz+CZl7h3r5IEP2FqrK7WJQTVyrNfyr/trZmDgxYOLuACyoZVUFIlnck5Lkjihuisv+gZeB68Spwm+cNDdQQdUS3ngzJavHXxo9ADCX6VDIKKMe/AY0v+R51XWE90JF5LfKEThlv1OCpQC5nhnW8WKOFOm P4vM90d79JhFYGVVSZWtnTQ9Dg8pOMvg9wwxNm3uGkKKaS7oTp1ewd+eCG/uSC9k3H2w9GB6vQLHQEbn6dVVMcsIqJ0RMmZ2IgraD+scb4Q== </sessionKey> </credentials> |
Below will be described the SOAP request example for every type of signature:
The SOAP request for create Pades signature:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.nam/">
<soapenv:Header/>
<soapenv:Body>
<ser:signPAdES>
<credentials>
<password>foo123</password>
<username>demo</username>
</credentials>
<buffer>BASE64-TO-SIGN</buffer>
<PAdESPreferences>
<level>B</level>
<signerImage>
<imageVisible>true</imageVisible>
<image>BASE64-IMAGE-LOGO</image>
<x>30</x>
<y>30</y>
<width>50</width>
<height>50</height>
<signerName>Name of Signer</signerName>
</signerImage>
</PAdESPreferences>
</ser:signPAdES>
</soapenv:Body>
</soapenv:Envelope> |
At this link is possible to see the full example (with file to sign and logo image) of signature Pades with appereance.
SignCades
The SOAP request for create Cades signature:
| Code Block | ||||
|---|---|---|---|---|
| ||||
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.nam/">
<soapenv:Header/>
<soapenv:Body>
<ser:signCAdES>
<credentials>
<password>foo123</password>
<username>demo</username>
</credentials>
<buffer>VGhpcyBpcyB0aGUgZmlsZSB0byBiZSBzaWduZWQgZm9yIHRlc3Qu</buffer>
<CAdESPreferences>
<level>B</level>
</CAdESPreferences>
</ser:signCAdES>
</soapenv:Body>
</soapenv:Envelope> |
In this example the buffer to sign is "txt" files.
