Make the following changes in the “web.config” file to configure Application Settings for SigningHub API.

Add Signature Policy Information While Performing Signatures

<add key="SignaturePolicyURI" value=""/>

<add key="SignaturePolicyName" value=""/>

<add key="SignaturePolicyOID" value=""/>
  1. For the tag with the “SignaturePolicyURI” key, set the value to a valid downloadable link of the signature policy document. 
  2. For the tag with the “SignaturePolicyURI” key, set the value to a name of a signature policy document with extension, which is placed under default directory in SigningHub deployment directory at the following path:

    [SigningHub Deployment Directory]\default\signaturepolicydocuments


  1. For the tag with the “SignaturePolicyOID” key, set the value to the signature policy OID accordingly to the policy document.

    There is a workaround needed to be done at ADSS end for verification of EPES signatures, the policy document needs to be placed under policy folder at the following path:

    [ADSS Installation Directory]/service/policy

    Moreover, OID and path in the 'policy.properties' file must be added at the following path:

    [ADSS Installation Directory]/service

    Example:
    Sample-OID = D:/Deployments/ADSS-Server/service/policy/Sample-Policy-Document.pdf


Display an Error if no RUT Value Found in user identity table

<add key="ValidateRUT" value="False" />

Set the value of the “ValidateRUT” key to “True”. This will fetch the certificates with having RUT (National ID) identifier in them. User can configure RUT in My Settings>Profile>General. Rut will be shown in signing reason while signing of the document.

Add the '00' prefix with the Mobile Number

<add key="MODIFY_MOBILE_NUMBER_FOR_SAM" value=""/>

Set the value of “MODIFY_MOBILE_NUMBER_FOR_SAM” key to “True”. SigningHub will add the '00' prefix (if not already present) with the mobile number before sending it to the ADSS Server's SAM (Signature Activation Module). 

Turn off Certify Policy for Individual Users

<add key="DefaultCertifyForIndividualUsers" value="True"/>

Set the value of "DefaultCertifyForIndividualUsers" key to “False". This will turn off the certify policy for individual users. However the users can turn the certify policy on from SigningHub Web as while documents are uploaded.

To Enable V3 APIs for SigningHub

<add key="V3_Enabled" value="false"/>

New integrations of business applications with SigningHub should make use of the v4 API’s. To use v3 API’s set the value of the "V3_Enabled" key to 'True'. 

Enable Kerberos authentication

<location path="authenticate/kerberos">
               <system.webServer>
                       <security>
                               <authentication>
                                       <anonymousAuthentication enabled="true" />
                                       <windowsAuthentication enabled="true" />
                               </authentication>
                       </security>
               </system.webServer>
       </location>

To use the Kerberos authentication, uncomment the location tag. This API will authenticate the users’ credentials from active directory through mobile web.

SigningHub Admin API

<location path="admin/authenticate/client_cert" overrideMode="Allow">
               <system.webServer>
                       <security>
                               <access sslFlags="SslNegotiateCert" />
                       </security>
               </system.webServer>
       </location>

To authenticate Admin credentials, uncomment the location tag.