An Administrator Guide to SigningHub Admin

CSC Connector

Fields

Description

Name

Specify a unique name for this connector e.g. Ascertia CSC. This connector will be used in the configuration of Signing Profiles. 

Provider

Select the provider for this connector, i.e. "CSC". 

Purpose

This field will display the purpose of the selected provider above i.e., the purpose of "CSC" is "Signing".

Logo

Select an appropriate image in the jpeg, jpg, gif or png format for the connector's logo that will be displayed on the login screen. 

Server Address

URL where CSC Server is deployed and accessible. The server address must be in the following format: [CSC_SERVER_URL]/csc/[CSC_SPECIFICATION_VERSION] 

Client ID

Application ID that is provided by the CSC Server.

Client Secret

Client Secret is provided by the CSC Server. However, this is an optional parameter which is not mandatory in case of all CSC Servers.

Auth Type

Select the authorisation type, i.e. "Authorisation Code" or "Client Credentials". By default, the "Authorisation Code" auth type will be selected.

If "Authorisation Code" is selected as the auth type, the user will be required to provide authorisation code every time they try to sign using the CSC Server. However, if  "Client Credentials" is selected as the auth type, the CSC User ID will be used and the user will be allowed to sign without requiring any manual authorisation at the time of signing.

Level of Assurance

Select a level of assurance for your CSC connector, that will be used while signing and will show the signing capacities based on the level of assurance in the connector and as set by the document owner.  By default, the "Advanced Electronic Signature (AES)" level of assurance will be selected.

The terms for a level of assurance are as per eIDAS Standards. For details of these terms click here. Possible values for CSC connector are Advanced Electronic Signature (AES), High Trust Advanced (AATL) and Qualified Electronic Signature (QES).

Authorisation Required

Select this check box if the CSC Server expects an authorisation while accessing remote services connected to Corporate Identity Management services or connected to public Electronic Identity (eID) frameworks. In the former case, the remote service may be required to prevent access to users that are not affiliated with the Corporate; while in the latter case, the remote service may be restricted to avoid abuse by unauthorized users.
When this check box is selected, additionally provide 'Account ID', which is a required parameter.

Active

Select this check box to make this connector active. Inactive connectors cannot be configured in the Signing Profiles.

1. A call back URL has to be registered with the CSC (Cloud Signature Consortium) signing server. The URL where the user will be redirected after the authorisation process has completed. Here is the format of call back URL: "{DEPLOYMENT_WEB_URL}/CSC/OAuth/CallBack"
   
   For example if your SigningHub site is "https://web.signinghub.com" then the Callback URL for SigningHub will be "https://web.signinghub.com/CSC/OAuth/CallBack".
2. In case "Client Credentials" has been selected as the "Auth Type" in the CSC Connector, an unregistered user will not be able to perform signatures using the CSC Signing Server since CSC_ID cannot be added for an unregistered user.