SigningHub API
Make the following changes in the “web.config” file to configure Application Settings for SigningHub API.
To add signature policy information while performing signatures:
<add key="SignaturePolicyURI" value=""/>
<add key="SignaturePolicyName" value=""/>
- For the tag with the “SignaturePolicyURI” key, set the value to a valid downloadable link of the signature policy document.
- For the tag with the “SignaturePolicyURI” key, set the value to a name of a signature policy document with extension, which is placed under default directory in SigningHub deployment directory at the following path:
[SigningHub Deployment Directory]\default\signaturepolicydocuments
There is a workaround needed to be done at ADSS end for verification of EPES signatures as ADSS is unable to download the document from the provided URI in signature due to which the policy document needs to be placed under policy folder at the following path:
[ADSS Installation Directory]/service/policy
Moreover, OID and path in the 'policy.properties' file must be added at the following path:
[ADSS Installation Directory]/service
Example:
Sample-OID = D:/Deployments/ADSS-Server/service/policy/Sample-Policy-Document.pdf
To add signature policy information while performing signature
<add key="SignaturePolicyOID" value=""/>
For the tag with the “SignaturePolicyOID” key, set the value to the signature policy OID according to the policy document.
To display an error if no RUT value found in user identity table:
<add key="ValidateRUT" value="False" />
For the tag with the “ValidateRUT” key, set the value to “True”, else system will work as of today and will let user sign the document.
To add the '00' IDD prefix (if not already present) in the mobile number:
<add key="MODIFY_MOBILE_NUMBER_FOR_SAM" value=""/>
For the tag with the “MODIFY_MOBILE_NUMBER_FOR_SAM” key, set the value “True” SigningHub work as of today by adding the '00' prefix (if not already present) in the mobile number before sending it to the ADSS Server's SAM.
If it's “False”, SigningHub will send the mobile number to the ADSS's SAM without any modifications.
To turn off default certify policy for individual users:
<add key="DefaultCertifyFor IndividualUsers" value="False"/>
For the tag with ''DefaultCertifyForIndividualUsers '' key, set the value 'True' SigningHub will work as of today and turn on the certify policy by default for individual user. If it's "False", the SigingHub will turn off the certify policy.
To enable V3 APIs for SigningHub:
“<add key="V3_Enabled" value="false"/>“
For the tag with " V3_Enabled " key, set the value "True" SigningHub will work as of today and V3 APIs can be used for SigningHub. If it's "False", V3 APIs cannot be used for SigningHub.
To turn off Auto-opening of Edit Signature Field dialogue:
<add key="HideEditDialogOnFieldDropped" value="" />
For the tag with "HideEditDialogOnFieldDropped" key, set the value "True" SigningHub will turn off the Auto-opening Edit Signature Field dialogue window, when the user performs a Signature field drag and drop. If it's "False", SigningHub will work as of today and the Edit Signature Field dialogue window auto-opened.
To set default Workflow Mode for individual users:
<add key="DefaultWorkflowForIndividualUsers" value="" />
For the tag with "DefaultWorkflowForIndividualUsers" key, set the value of the workflow mode, SigningHub will set that workflow mode as a default for the individual users. If it's not present , then SigningHub will work as of today and sets the workflow mode "ONLY_OTHERS". There are three types of workflow modes supported in application. Possible values are "ONLY_ME", "ME_AND_OTHERS" and "ONLY_OTHERS".
To set time zone that is used when sending verification time to ADSS Server's Verification Service:
<add key="ADSS_SERVER_TIMEZONE" value="" />
For the tag with "ADSS_SERVER_TIMEZONE" key, set the value of the time zone, SigningHub will use that time zone when sending verification time to ADSS Server's Verification Service. If it's not present ,sends the verification time in the UTC time zone. There are three types of time zones supported in application. Possible values are "GMT+06", "GMT+03" and "GMT+02".
To perform XAdES Extended signature for XML document:
<add key="XADES_SIGNATURE_TYPE" value="" />
For the tag with "XADES_SIGNATURE_TYPE" key, set the value "ES-X-L", SigningHub will perform a XAdES Extended signature for backward compatibility with ADSS Server version 6.9 or lesser. If it's not present, then SigningHub will work as of today and perform the "XAdES-Baseline-LTA" ETSI compliant signatures.
To enable custom CORS Policy in API:
<add key="AllowedOrigins" value="[URL1;URL2]" />
For the tag with "AllowedOrigins" key, set the value of origins e.g. "https://mobile.signinghub.com;https://beta.mobile.signinghub.com". SigningHub API would only be accessible from the origins mentioned in the list. If it's not present, then SigningHub will work as of today and allow all origins by default.
To enable Kerberos authentication:
<location path="authenticate/kerberos">
<system.webServer>
<security>
<authentication>
<anonymousAuthentication enabled="true" />
<windowsAuthentication enabled="true" />
</authentication>
</security>
</system.webServer>
</location>
For the Kerberos authentication, uncomment the above location tag. SigningHub will work as of today and is not allowed Kerberose authentication when the location tag is commented out.
To use SigningHub administrator API:
<location path="admin/authenticate/client_cert" overrideMode="Allow">
<system.webServer>
<security>
<access sslFlags="SslNegotiateCert" />
</security>
</system.webServer>
</location>
For the SigningHub Admin API usage, uncomment the above location tag. SigningHub will work as of today and is not allowed to use SigningHub Admin APIs when the location tag is commented out.