docs
enriquepablo committed Sep 9, 2024
1 parent ac27ed6 commit f8078b9
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions API.md
Expand Up @@ -56,17 +56,17 @@ An example curl request (setting the above JSON in a file `create.json`):
Keys in the JSON sent to the `create-sign-request` endpoint:

- `api_key`: Secret shared between the API and the client app.
- `personal_data.idp`: entityID of the SAML IdP that the user will use to sign the document.
- `personal_data.idp`: entityID of the SAML IdP that the user will use to sign the document. This is the has to be the same IdP that the user did choose when they logged in to the Drive.
- `personal_data.display_name`: displayName of the signing party in the IdP, provided in the AttributeStatement in the SAML authentication assertion. It will be required to coincide with the attribute value in the SAML authn assertion for the signature.
- `personal_data.mail`: List of emails known to be controlled by the signing party. Used for communication with them.
- `personal_data.authn_context`: Authentication context class in the SAML authn assertion issued by the chosen IdP for the signing party. It will be required to be the same as the one in the authn assertion for the signature.
- `personal_data.organization`: String that will appear in the PDF in the image representation of the signature as reference to the signing party's organization.
- `personal_data.assurance`: eduPersonAssurance of the signing party in the IdP, provided in the AttributeStatement in the SAML authentication assertion. It will be used in the invitations to sign, in which the inviter can require an assurance level for the signatures, to check whether the invitee meets the requirement.
- `personal_data.registration_authority`: registrationAuthority in the SAML metadata of the chosen IdP. This is used in invitations to sign, in which the inviter can require an assurance level for the signatures. The inviter can specify low, medium, or high assurance, and depending on the registrationAuthority, these values are transated to actual assurance values.
- `personal_data.authn_context`: Authentication context class in the SAML authn assertion issued by the chosen IdP when the user logged in to the Drive. It will be required to be the same as the one in the authn assertion for the signature.
- `personal_data.organization`: String that will appear in the PDF in the image representation of the signature as reference to the signing party's organization. Can be obtained from the metadata for the IdP that the user chose when logging in to the Drive.
- `personal_data.assurance`: eduPersonAssurance of the signing party in the IdP, provided in the AttributeStatement in the SAML authentication assertion issued by the IdP when the user logged in to the Drive. It will be used in the invitations to sign, in which the inviter can require an assurance level for the signatures, to check whether the invitee meets the requirement.
- `personal_data.registration_authority`: registrationAuthority of the chosen IdP, obtained from the metadata for the IdP. This is used in invitations to sign, in which the inviter can require an assurance level for the signatures. The inviter can specify low, medium, or high assurance, and depending on the registrationAuthority, these values are transated to actual assurance values.
- `personal_data.saml_attr_schema`: Some (very few) IdPs do not release attributes in the SAML2.0 format (`urn:oid:` followed by some numbers) but in the SAML1.1 format (`urn:mace:dir:attribute-def:` followed by the friendly name of the attribute). If the chosen IdP releases the attributes in the SAML2.0 format, this key should be set as "20", otherwise it should be set as "11". This will almost always be "20".
- `personal_data.return_url`: URL in the app using the API to which the sign service will send the user once it has signed the document.
- `personal_data.authn_attr_name`: Attribute used as unique identifier of the signing party in the chosen IdP, provided in the AttributeStatement in the SAML authentication assertion. In the example we use the eppn, `urn:oid:1.3.6.1.4.1.5923.1.1.1.6`.
- `personal_data.authn_attr_value`: Value of the attribute used as unique identifier of the signing party in the chosen IdP, provided in the AttributeStatement in the SAML authentication assertion. It will be required to coincide with the attribute value in the SAML authn assertion for the signature.
- `personal_data.authn_attr_name`: Attribute used as unique identifier of the signing party in the chosen IdP, provided in the AttributeStatement in the SAML authentication assertion issued when the user loggd in to the Drive. In the example we use the eppn, `urn:oid:1.3.6.1.4.1.5923.1.1.1.6`.
- `personal_data.authn_attr_value`: Value of the attribute used as unique identifier of the signing party in the chosen IdP, provided in the AttributeStatement in the SAML authentication assertion issued when the user loggd in to the Drive. It will be required to coincide with the attribute value in the SAML authn assertion for the signature.
- `payload.documents.local`: List of documents to be signed. Each document is characterized by the following keys:
- `name`: Name of the document.
- `type`: MIME type of the document. Either `application/pdf` or `application/xml`.
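
Review bot: The sentence added to `personal_data.idp` is garbled ("This is the has to be the same IdP that the user did choose") and should read "This has to be the same IdP that the user chose when they logged in to the Drive." The new `personal_data.authn_attr_name` and `personal_data.authn_attr_value` lines both introduce "loggd in", and the rewritten `personal_data.registration_authority` line still carries "transated"; since that line is being touched anyway, fix it here. For consistency, `personal_data.display_name` is also described as coming from the AttributeStatement in the SAML authentication assertion and is required to coincide at signing time, but it did not get the "issued when the user logged in to the Drive" qualifier that `assurance`, `authn_context`, `authn_attr_name` and `authn_attr_value` now have. Because `idp`, `display_name`, `authn_context` and `authn_attr_value` are all compared against the signing assertion, it would help integrators if the text said explicitly that the client should pass these values through unmodified from the Drive login assertion rather than from user-editable profile data.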