Authentication

Telia Sign utilizes JWT tokens for authentication. The token can be retrieved by passing the login/password to /identity/login endpoint. Schemas for the messages are outlined below. The environment is multitenant, so tenantid also needs to be passed.

Let's assume that the tenantid you have is 00000000-0000-0000-0000-000000000000. So in order to retrieve a token to work with, the payload would be roughly as follows:

Request

POST https://api-test.vincitsign.com/identity/login
{
    "login": "john.doe",
    "password": "doeisme",
    "tenantid": "00000000-0000-0000-0000-000000000000"
}
Ocp-Apim-Subscription-Key: {subscription-key}

Response

{
    "token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1bmlxdWVfbmFtZSI6ImpvaG4uZG9lQHZpbmNpdHNpZ24uY29tIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy91c2VyZGF0YSI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMSIsInJvbGUiOiJCYXNpYyB1c2VyIiwiaHR0cDovL3ZpbmNpdHNpZ24uY29tLzIwMTYvMTAvaWRlbnRpdHkvY2xhaW1zL3RlbmFudCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImF1ZCI6Imh0dHA6Ly93d3cuamF2ZXJkZWwuZmkvIiwiZXhwIjoxNDg2Njk1NjI3LCJuYmYiOjE0ODY2OTM4Mjd9.nEw_5BiSJS3wjOjtTVvTRyH56bt4qBJOv7o9f9Z93VU"
}

Using the token

Once you have the authentication token, you need to set it to the http header of your requests. The header in question is Authorization, and the text "Bearer" should preface the token. So for example to retrieve a list of signature requests, you could make a request like this:

GET https://api-test.vincitsign.com/signing/signaturerequest?tenantid=00000000-0000-0000-0000-000000000000
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1bmlxdWVfbmFtZSI6ImpvaG4uZG9lQHZpbmNpdHNpZ24uY29tIiwiaHR0cDovL3NjaGVtYXMubWljcm9zb2Z0LmNvbS93cy8yMDA4LzA2L2lkZW50aXR5L2NsYWltcy91c2VyZGF0YSI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMSIsInJvbGUiOiJCYXNpYyB1c2VyIiwiaHR0cDovL3ZpbmNpdHNpZ24uY29tLzIwMTYvMTAvaWRlbnRpdHkvY2xhaW1zL3RlbmFudCI6IjAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMCIsImF1ZCI6Imh0dHA6Ly93d3cuamF2ZXJkZWwuZmkvIiwiZXhwIjoxNDg2Njk1NjI3LCJuYmYiOjE0ODY2OTM4Mjd9.nEw_5BiSJS3wjOjtTVvTRyH56bt4qBJOv7o9f9Z93VU

Ocp-Apim-Subscription-Key: {subscription-key}

This would return you the list of all signature requests for your tenant, provided that the token value matches the one provided in query parameter.