| Parameter | Location | Type | Requirements | Optional | Default value | Description |
|---|---|---|---|---|---|---|
| format | URI-Query | string | enum: [
"KateAPI",
"InternalAPIMap",
"OpenAPI",
"Swagger"
] |
Yes | "KateAPI" | Documentation format. We support KateAPI documentation, Swagger/OpenAPI documentation and raw output of the internal API-map cache. |
| openApiVersion | URI-Query | int | enum: [
2,
3
] |
Yes | 2 | Version 3 is crappy with request bodies, so we prefer version 2 (which only sucks regarding Response definitions; hence we prefer KateAPI documentation). |
| Response | HTTP | Type | Description |
|---|---|---|---|
| Success | 200 | object | The API-documentation. |
| MissingRequiredParameterException | 400 | The request is missing a required input parameter. See details for involved parameter. | |
| InvalidParameterException | 400 | The request has an invalid argument. See details for involved parameter and invalidation. | |
| AuthenticationFailedException | 401 | Authentication failed. Re-authenticate and retry. See error details for details. | |
| UnauthorizedException | 403 | Authorization for requested method rejected. See error details for details. |
| Parameter | Location | Type | Requirements | Optional | Default value | Description |
|---|---|---|---|---|---|---|
| oneTimeToken | URI-Path | string | minLength: 1 |
No | One-time token as returned by /sign/initialize. |
| Response | HTTP | Type | Description |
|---|---|---|---|
| Success | 200 | null | Nothing is returned, since this is a navigation-request. Instead, upon completion, it will navigate back to navCallback as provided to /sign/initialize. If an error occurs, the query-string is extended with 2 parameters: error: exceptionType, errorDetails: JSON-encoded details of the Exception. |
| CleverbaseException | 200 | External signing service Cleverbase reported an error. | |
| CleverbaseIntegrationException | 500 | External signing service Cleverbase reported something unexpected, see details for details. | |
| CleverbaseInactiveCredentialException | 200 | The signing credential has been disabled. This is something the signer is able to do using their Cleverbase app. The credential must be activated first. | |
| InvalidOneTimeToken | 404 | The One-Time Token is invalid. It either was never generated, has been exchanged already or has a state-mismatch. | |
| XAdESCallbackException | 500 | The XAdES-callback URI did not return HTTP-code 200. See details for the returned HTTP code and response body. | |
| PathNotWritableException | 500 | Path is not writable. | |
| InvalidJSONException | 500 | JSON-string could not be parsed into valid JSON. | |
| MissingRequiredParameterException | 400 | The request is missing a required input parameter. See details for involved parameter. | |
| InvalidParameterException | 400 | The request has an invalid argument. See details for involved parameter and invalidation. | |
| AuthenticationFailedException | 401 | Authentication failed. Re-authenticate and retry. See error details for details. | |
| UnauthorizedException | 403 | Authorization for requested method rejected. See error details for details. |
| Parameter | Location | Type | Requirements | Optional | Default value | Description |
|---|---|---|---|---|---|---|
| idValuation | POST-body | string | minLength: 1 |
No | ID of the valuation corresponding to the XBRL-string. | |
| type | POST-body | string | enum: [
"valuer_1",
"valuer_2",
"reviewer_2"
] |
No | Type of signature to be generated. | |
| xbrlString | POST-body | string | minLength: 50 maxLength: 6291456 |
No | XBRL-string to sign. | |
| xades1String | POST-body | string | minLength: 50 maxLength: 4194304 |
Yes | null | Signature of the first valuer. Only provide/required when type = reviewer_2. |
| xadesCallback | POST-body | string | minLength: 1 maxLength: 255 |
No | Callback-URI to invoke after XAdES-signature is generated. This callback must be a POST-endpoint, and will receive the following body parameters: idValuation, type, idUser, XAdES. | |
| xadesCallbackAuth | POST-body | string | minLength: 1 maxLength: 2048 |
Yes | "inherit" | Authorization-header value that will be passed when calling the XAdES-callback-URI. If it is omitted, the Authorization-header will contain the same value as was used when invoking this /sign/initialize method. |
| navCallback | POST-body | string | minLength: 1 |
No | Callback-URI to navigate back to upon completion/failure of signing, as a result of the subsequent call to /sign/{oneTimeToken}. If an error occurred, a query-string parameter "error" will be appended with an error-code. |
| Response | HTTP | Type | Description |
|---|---|---|---|
| Success | 200 | string | URI with one-time token to navigate to, to continue the signing process. It has the form /sign/{oneTimeToken}. This OTT can only be used once; even if an error occurs. |
| PathNotWritableException | 500 | Path is not writable. | |
| MissingFirstValuerSignatureException | 400 | First valuer signature is required when signing as plausibility reviewer. | |
| MissingRequiredParameterException | 400 | The request is missing a required input parameter. See details for involved parameter. | |
| InvalidParameterException | 400 | The request has an invalid argument. See details for involved parameter and invalidation. | |
| AuthenticationFailedException | 401 | Authentication failed. Re-authenticate and retry. See error details for details. | |
| UnauthorizedException | 403 | Authorization for requested method rejected. See error details for details. |