Autenti API Documentation
Related documentation
API Purpose
Assumptions and design principles
- the transport protocol is HTTP, version 1.1 and / or 2
- whenever practical the API is designed as RESTful, maturity level 2 (Richardson’s model)
- it was deliberately decided not to attempt using HATEOAS self-describing API design (Richardson maturity level 3)
- the API will include asynchronous callback channel to allow subscribing to events. the list of events is an open one, and the structure of the event generic (with open attributes list)
- the API is only available to known a priori client applications, registered by Autenti, and Autenti reserves the right to refuse to register (and thus: grant access) any application, as well as revoke access to the API at any time
- all API queries and actions require authentication, and no API operations are possible in anonymous context
Requirements concerning the applications accessing the API
- new kind of participant in the process (for example, a client written when the only participants possible in the process were signers, should properly function with documents with new “approver” participant - while may not be able to perform the actions possible for approver - while even that is made possible by the use of challenge-action-assertion mechanism, see: The challenge-action-assertion model
- new constraints describing the way a given participant is restricted, for example requiring additional, new authorization mechanism to be used before accessing the document (constraints that depend on user action will result in challenges to be raised by the API if the action constrained is attempted, giving the connected application a chance of reacting to that constraint, including by interacting with the user)
- new kind of challenges describing required interaction between Autenti, its client, and the user of the API
Unacceptable way | Correct way |
---|---|
There was an error processing the document |
Unsupported feature detected. Please use Autenti system to continue. |
Unknown error |
Handling of this document requires newer version of this application |
Getting started
Getting access to the API
Client application registration using management user interface
Client self-registration with OAuth 2.0 Dynamic Client Registration Protocol
- client_name (without internationalization) - defines human-readable name for the connected application https://tools.ietf.org/html/rfc7591#section-2.2
- redirect_uris - a list of URLs the client application may request OAuth2 redirect to be sent to (see: https://tools.ietf.org/html/rfc6749#section-4.1.1 and https://tools.ietf.org/html/rfc6749#section-4.1.2 )
- scope - space-separated list of scopes the newly created client application will be able to request in the authorization. If given scope
Bootstrap client
POST https://api.autenti.com/api/v2/auth/token
Content-Type: application/json
{
"client_id": "autenti",
"client_secret": "autenti",
"grant_type": "password",
"username": "superadmin@company.fake.com",
"password": "iMpossible_TO_GueSSS",
"scope" : "client_management"
}
Important
|
The example above uses password grant. This grant type is not generally available to client applications, and (unless Autenti allows otherwise) can only be used with the bootstrap client.
Autenti supports, and advise, to use a regular OAuth2 Authorization Code Flow for superadmin authentication and authorization, as described in API user authentication and API call authorization, but allows a simplified flow, as we recognize the difficulties in the early stages of integration - which registering the first client application belongs to.
|
HTTP/1.1 200 OK Date: Sun, 28 Feb 2021 15:07:17 GMT Content-Type: application/json { "scope": "client_management", "access_token": "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..hkkQ0kT-CzoT5nMb1EGV_0Y.EEakj94VQpB5VMSM-w4mLQ", "token_type": "bearer", "expires_in": 1770, "refresh_token": "eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZG..RImnLpeHyCpYkg" }
Important
|
Please note Autenti uses self-contained tokens of significant length. Please ensure at least 1500 characters reserved to store tokens.
|
POST https://api.autenti.com/api/v2/clients
Authorization: Bearer eyJlbmMiOiJBMjU2R0NNIiwiYWxnIjoiZGlyIn0..hkkQ0kT-CzoT5nMb1EGV_0Y.EEakj94VQpB5VMSM-w4mLQ
Content-Type: application/json
{
"redirect_uris": [
"https://postman-echo.com/get"
],
"client_name": "Fake Corp. Autenti Client",
"scopes": [
"read", "list", "read_one"
]
}
Important
|
Reserves some API scopes to be only available to selected applications. Some scopes can only be granted to an existing application (and will be silently ignored, if requested), after Autenti audit of the application. Autenti reserves the right to unilaterally grant (following the audit process), and withdraw, without the need of justification, access to the following scopes:
New client creation and notification management is only possible using pre-defined bootstrap application (and may be in the future granted to selected partner applications)/ The scopes listed below will be silently ignored if requested via API for a newly created client application:
|
HTTP/1.1 200 OK Date: Sun, 28 Feb 2021 15:07:17 GMT Content-Type: application/json { "client_id": "9e7629c4-4246-4b17-8315-4578ae212660", "client_secret": "dfbc3a80-93be-4138-805d-f5e0c7661d6d", "client_secret_expires_at": 0, "redirect_uris": [ "https://postman-echo.com/get" ], "client_name": "Fake Corp. Autenti Client", "scopes": [ "read", "list", "read_one" ] }
Important
|
Please note that a client secret value is only returned when a new secret is created (either when a new application is registered, or a secret re-generated). The secret cannot be retrieved by querying the client application information, nor is communicated in any other channel.
|
API user authentication and API call authorization
- authorization code ( https://tools.ietf.org/html/rfc6749#section-1.3.1 )
- resource owner credentials ( https://tools.ietf.org/html/rfc6749#section-1.3.3 )
- refresh token flow ( https://tools.ietf.org/html/rfc6749#section-1.5 )
- federated scenarios with OpenID Connect and SAML v2 identity providers ( see: https://tools.ietf.org/html/rfc8693 and https://tools.ietf.org/html/rfc7522#section-2.1 correspondingly )
Example API authorization with OAuth2 authorization code flow (line breaks for display purposes only)
curl -X GET --location "https://api.autenti.com/api/v2/auth/authorization" \
--data-urlencode "response_type=code" \
--data-urlencode "client_id=5a8806ef-a7ac-4467-834f-36f5e5471012" \
--data-urlencode "redirect_uri=https://acme.com/redirect" \
--data-urlencode "scope=full" \
--data-urlencode "state=U3VuIEphbiA"
HTTP/1.1 302 Found Location: https://accounts.autenti.com/login?state=erhjwifvhwihvw3248vw8fh4jrvn35ewe5n5u5
HTTP/1.1 302 Found Location: https://acme.com/redirect?code=hwAUwvu2345sdfsfg344324dgH6&state=U3VuIEphbiA
curl -X POST --location "https://api.autenti.com/api/v2/auth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "client_id=5a8806ef-a7ac-4467-834f-36f5e5471012" \
-d "client_secret=22e99dd6-b70e-4dee-80bf-fb728f256df9" \
-d "redirect_uri=https://acme.com/redirect" \
-d "code=hwAUwvu2345sdfsfg344324dgH6"
HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store Pragma: no-cache { "access_token":"MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", "token_type":"bearer", "expires_in":3600, "refresh_token":"IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk", "scope":"full" }
Example API authorization token refresh
curl -X POST --location "https://api.autenti.com/api/v2/auth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=refresh_token" \
-d "refresh_token=IwOGYzYTlmM2YxOTQ5MGE3YmNmMDFkNTVk" \
-d "client_id=5a8806ef-a7ac-4467-834f-36f5e5471012" \
-d "client_secret=22e99dd6-b70e-4dee-80bf-fb728f256df9"
HTTP/1.1 200 OK Content-Type: application/json Cache-Control: no-store Pragma: no-cache { "access_token":"r56Q0asg5OTM2NDE1ZTZjNGZmZd4", "token_type":"bearer", "expires_in":3600, "refresh_token":"g22ygg225Kg552hjKKweD", "scope":"full" }
Key concepts and entities
The document process
{
"id": "DOCUMENT_PROCESS:ac842283-afd4-4e26-9873-2bf35bd89b42",
"title": "Sailing boat rental agreement",
"description": "Please review the terms and sign",
"processLanguage": "en",
"status": "PROCESSING",
"parties": [
{
"party": {
"id": "PARTY-PUBLIC_APPROVAL_PROCESS_ID:4060e833",
"firstName": "Mark",
"lastName": "Wazowski",
"name": "Mark Wazowski",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "mark.wazowski@acme.com"
}
}
],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:REPRESENTATIVE",
"party": {
"name": "Acme Co.",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "898123432"
}
]
},
"attributes": {
"relationshipDescription": "President"
}
}
]
},
"role": "APPROVER",
"participationStatus": "COMPLETED",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 1
}
}
],
"currentUser": false,
"participationEvents": [
{
"eventType": "APPROVAL",
"timestamp": "2020-10-21T15:48:34.863Z"
},
{
"eventType": "VIEWING",
"timestamp": "2020-07-18T19:16:40.997Z"
}
]
},
{
"party": {
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:4060e833",
"firstName": "John",
"lastName": "Smith",
"name": "John Smith",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "john.smith@acme.com"
}
}
],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:REPRESENTATIVE",
"party": {
"name": "Acme Co.",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "898123432"
}
]
},
"attributes": {
"relationshipDescription": "Salesman"
}
}
]
},
"role": "SIGNER",
"participationStatus": "COMPLETED",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 2
}
},
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
}
],
"currentUser": true,
"participationEvents": [
{
"eventType": "SIGNATURE",
"timestamp": "2020-10-21T15:48:34.863Z"
},
{
"eventType": "VIEWING",
"timestamp": "2020-06-18T19:16:40.997Z"
}
]
},
{
"party": {
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:bdb551b2",
"firstName": "Maurice",
"lastName": "Chevallier",
"name": "Maurice Chevaller",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "chevallier1981@gmail.com"
}
}
]
},
"role": "SIGNER",
"participationStatus": "PENDING",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
},
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 3
}
}
],
"currentUser": false
},
{
"party": {
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:4060e833",
"firstName": "John",
"lastName": "Smith",
"name": "John Smith",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "john.smith@acme.com"
}
}
]
},
"role": "SENDER",
"participationStatus": "COMPLETED",
"currentUser": true,
"participationEvents": [
{
"eventType": "SUBMISSION",
"timestamp": "2020-06-18T19:16:40.997Z"
}
]
}
],
"contentElements": [
{
"id": "FILE-SOURCE_FILE:3cf4307e-63cc-4be9-b616-bd2b99d9778e",
"filename": "SailCruiser-15-rental.pdf",
"description": null,
"version": "1",
"modificationTime": null,
"filePurpose": "SOURCE_FILE",
"mimeType": "application/pdf"
},
{
"id": "FILE-DTBS:ac842283-afd4-4e26-9873-2bf35bd89b42/DTBS",
"filename": "SailCruiser-15-rental.pdf",
"description": null,
"version": "999",
"modificationTime": null,
"filePurpose": "PARTIALLY_SIGNED_CONTENT_FILE",
"mimeType": "application/pdf"
}
],
"tags": [
],
"flags": [
"FLAG:VIEWED"
],
"createdAt": "2020-06-18T19:16:40.997Z",
"modifiedAt": "2020-10-21T15:48:34.863Z"
}
Parties
- Individuals (people) - represented by Person structure
- Organizations - companies and other legal entities, represented by Organization structure
- Party groups - groups of parties, grouped by the expected way of participation (such as group of 5 signers, with 2 of them required to proceed), or representing a named group such a department of a company - reserved for future use
{
"party": {
"type" : "PERSON",
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:4060e833",
"firstName": "John",
"lastName": "Smith",
"name": "John Smith",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "john.smith@acme.com"
}
}
],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:REPRESENTATIVE",
"party": {
"type" : "PERSON",
"name": "Acme Co.",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "898123432"
}
]
},
"attributes": {
"relationshipDescription": "Salesman"
}
}
]
},
"role": "SIGNER",
"participationStatus": "COMPLETED",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 2
}
},
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
}
],
"currentUser": true,
"participationEvents": [
{
"eventType": "SIGNATURE",
"timestamp": "2020-10-21T15:48:34.863Z"
},
{
"eventType": "VIEWING",
"timestamp": "2020-06-18T19:16:40.997Z"
}
]
}
Content
{
"contentElements": [
{
"id": "FILE-SOURCE_FILE:3cf4307e-63cc-4be9-b616-bd2b99d9778e",
"filename": "SailCruiser-15-rental.pdf",
"description": null,
"version": "1",
"modificationTime": null,
"filePurpose": "SOURCE_FILE",
"mimeType": "application/pdf"
},
{
"id": "FILE-DTBS:ac842283-afd4-4e26-9873-2bf35bd89b42/DTBS",
"filename": "SailCruiser-15-rental.pdf",
"description": null,
"version": "999",
"modificationTime": null,
"filePurpose": "PARTIALLY_SIGNED_CONTENT_FILE",
"mimeType": "application/pdf"
}
]
}
Constraints
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:QUALIFIED"
]
}
}
The challenge-action-assertion model
An Interactive Voice Response system analogy
Step # | IVR (says) | User (does or says) |
---|---|---|
1 |
Good morning. You have 2 documents requiring your attention. Press 1 for document 1: "Loan agreement", Press 2 for document 2: "Account access proxy". |
Pressed: 2 |
2 |
You can either: Press 1 to sign the document, Press 2 to reject the document |
Pressed: 1 |
3 |
Your consent is required. Say "I consent" to accept the following statements: "I hereby confirm I have read the document titled 'Loan agreement' and agree with it. I want to sign the document". You can also press 1 to consent, or any other key to refuse the consent. |
Says: "I consent" |
4 |
Qualified signature is required. You can either: Press 1 to use Infocert signature, or Press 2 to use SimplySign signature |
Pressed: 1 |
5 |
You have two known certificates: Press 1 to select certificate with ID: "My main certificate", Press 2 to select certificate with ID: "My other certificate", Press 0 to provide other certificate |
Pressed: 2 |
6 |
A text message was sent to your phone number ending with 132. Please key in the digits of the code in the message, followed by # |
Pressed: 2812# |
7 |
We will require you to enter unique process id later. Please write it down: 52234555. Press 1 to continue, or 9 to repeat. |
Pressed: 1 |
8 |
We have gathered all the information required to sign the document. Please type the unique process id you have written down followed by # to continue with signing (irrevocable!), hang up or press # to abort. |
Pressed: 52234555# |
9 |
Processing your request. please stay on the line. […] Document signed successfully. |
Disconnected |
GET /document-processes?status=PROCESSING Authorization: Bearer [token] Content-Type: application/stream+json
GET /document-processes?status=PROCESSING&limit=50 Authorization: Bearer [token] Content-Type: application/json
HTTP/1.1 200 OK Date: Sun, 31 Jan 2021 12:56:12 GMT Content-Type: application/json
[
{
"id" : "DOCUMENT_PROCESS:528aa336-46a0-470f-b861-948fa8625455",
"title" : "Loan agreement"
},
{
"id" : "DOCUMENT_PROCESS:18beb9f0-7bcf-46ae-b4ff-bccac473d274",
"title" : "Account access proxy"
}
]
POST /document-processes/DOCUMENT_PROCESS:18beb9f0-7bcf-46ae-b4ff-bccac473d274/actions Authorization: Bearer [token] Content-Type: application/json
HTTP/1.1 403 Forbidden Date: Sun, 31 Jan 2021 12:56:12 GMT Content-Type: application/json X-CHALLENGE: ewoiY2xhc3NpZmllcnMiIDogWyAiQ0hBTExFTkdFX0NMQVNTSUZJRVItVU5JUVVFX1RZUEU6QUNUSU9OX1NFTEVDVElPTiIsCiJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIiBdLAoiYXR0cmlidXRlcyIgOiB7CiJvcHRpb25zIiA6IFsgewoiaWQiIDogIkFDVElPTi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfU0lHTkFUVVJFIiwKImRlc2NyaXB0aW9uIiA6ICJTaWduIiwKIm1ldGEiIDogbnVsbAp9LCB7CiJpZCIgOiAiQUNUSU9OLVVOSVFVRV9UWVBFOlNJR05BVFVSRV9SRUpFQ1RJT04iLAoiZGVzY3JpcHRpb24iIDogIlJlamVjdCIsCiJtZXRhIiA6IG51bGwKfSBdCn0KfQ
{
"type" : "/challenge",
"title" : "Challenge requested",
"status" : 403,
"instance" : "fdd454b7-6de8-4282-a326-0dacda71f19d"
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"options" : [
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_APPLICATION",
"description" : "Sign"
},
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION",
"description" : "Reject to sign"
}
]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"selectedIds" : ["EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_APPLICATION"]
}
}
POST /document-processes/DOCUMENT_PROCESS:18beb9f0-7bcf-46ae-b4ff-bccac473d274/actions Authorization: Bearer [token] Content-Type: application/json X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0UtQ0xBU1NGSUVSLTpVTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3RlZElkcyIgOiBbIkFDVElPTi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfU0lHTkFUVVJFIl0KICB9Cn0
Why is it so complex?
Generic handling of challenges based on user interaction type
- User interaction: INPUT
- User interaction: SELECTION
- User interaction: CONSENT
- User interaction: NONE
- User interaction: HTTP_REQUEST
- User interaction: VIDEO - reserved for future use, not specified yet
- User interaction: PHOTO - reserved for future use, not specified yet
User interaction: INPUT
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:INFOCERT_PIN",
"CHALLENGE_CLASSIFIER-RESTARTABILITY:RESTARTABLE",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:USER_INPUT"
],
"attributes": {}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:INFOCERT_PIN" ],
"attributes" : {
"input" : "12345678"
}
}
User interaction: SELECTION
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:INFOCERT_ALIAS_SELECTION",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION"
],
"attributes": {
"mode" : "single",
"options": [
{
"id": "INFOCERT_ALIAS:KT_48601123654",
"description": "KT_48601123654"
},
{
"id": "INFOCERT_ALIAS:KT_48871223654",
"description": "KT_48871223654"
}
]
}
}
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:INFOCERT_ALIAS_SELECTION"
],
"attributes": {
"selectedIds": [
"INFOCERT_ALIAS:KT_48871223654"
]
}
}
User interaction: CONSENT
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_CONSENT_INFOCERT",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:CONSENT"
],
"attributes": {
"consents": [
{
"id": "CONSENT-INFOCERT_SIGNATURE_CONSENT_ID:SIG1",
"content": "I hereby agree to sign the presented document"
},
{
"id": "CONSENT-INFOCERT_SIGNATURE_CONSENT_ID:SIG2",
"content": "I confirm the content of the document is known to me"
}
]
}
}
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_CONSENT_INFOCERT"
],
"attributes": {
"consentedIds": [
"CONSENT-INFOCERT_SIGNATURE_CONSENT_ID:SIG2",
"CONSENT-INFOCERT_SIGNATURE_CONSENT_ID:SIG1"
]
}
}
User interaction: NONE
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ASSERTION_STORE",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:NONE"
],
"attributes": {
"assertions": [
"eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfT1JfQVNTRVJUSU9OX0NMQVNTXFw6VU5JUVVFX1RZUEU6SU5GT0NFUlRfQUNDRVNTX1RPS0VOIl0sImF0dHJpYnV0ZXMiOnsidmFsdWUiOiJzb21lYWNjZXNzdG9rZW52YWx1ZXRvYmV1c2VkdXNlbGF0ZXIifX0"
],
"invalidations": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:INFOCERT_ACCESS_TOKEN"
],
"replacements": []
}
}
User interaction: HTTP_REQUEST
- http-request - a description of the request to make
- method: any valid HTTP method name, for example GET or POST
- uri: the URL to send the requ to
- headers: an optional (multi-value) map of headers to add to the request
- body: an optional body to be sent with the request
- body-encoding: an encoding applied to the body (helps to avoid issues in escaping special characters in the JSON description). Optional, defaults to plain (literal), other values include base64 or base64 url. The body should be decoded before adding it to the request
- http-request - an optional user interaction mode description, defaults to "browser" which requests opening the response to the request in a web browser (web view, tab, iframe etc.). Can be "headless" which implies there is no meaningful content to be presented to the user nor user interaction involved (reserved for future API calls description, for example for firewall traversal scenarios or sophisticated SSO).
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:QUALIFIED_SIGNATURE_UI_REDIRECT",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:HTTP_REQUEST"
],
"attributes": {
"http-request" : {
"method" : "POST",
"uri" : "https://autenti.com/sign/1e7c1447-747d-4812-a5ca-89ddebbd41a4",
"headers" : {
"X-AUTH-TOKEN" : ["zB8SttFsNNmYwEOxtXAa"],
"Content-Type" : ["x-www-form-urlencoded"]
},
"body" : "literal body to be sent",
"body-encoding" : "plain"
},
"user-interaction" : "browser"
}
}
Client side assertion store
Request to store state
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ASSERTION_STORE",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:NONE"
],
"attributes": {
"assertions": [
"eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfT1JfQVNTRVJUSU9OX0NMQVNTXFw6VU5JUVVFX1RZUEU6SU5GT0NFUlRfQUNDRVNTX1RPS0VOIl0sImF0dHJpYnV0ZXMiOnsidmFsdWUiOiJzb21lYWNjZXNzdG9rZW52YWx1ZXRvYmV1c2VkdXNlbGF0ZXIifX0"
],
"invalidations": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:INFOCERT_ACCESS_TOKEN"
],
"replacements": []
}
}
- REQUEST - use (send) in one, single request, the next one in process, an ephemeral assertion
- CONTINUATION - use (send) in all requests till the end of the logical process (say: signing). An application MAY maintain multiple separate CONTINUATION scopes, if multiple processes can be done in parallel (for example: acting on many documents in different tabs). As a rule, acting on the same document from multiple contexts in parallel SHOULD be avoided, and may lead to inability to finish one or all of those parallel processes.
- UNINTERRUPTED_SESSION - use as long as the user interaction with the system is uninterrupted (reserved for future elevated auth scenarios)
- TIMED - use for some limited time, specified in the attribute "expiration" (reserved for future scenarios)
- SESSION - use as long as the user is in session with the app (reserved for future elevated auth scenarios)
- INDEFINITE - store permanently (on disk), removed only on explicit request (see: "invalidations")
Replacements
- (reserved for future use) mark the assertion so that if this assertion is sent, the system will not send assertions classified as described in the "replacements" (but will not remove those assertions from scopes, just ignore them if it decides to send givne assertion).
Restartable challenges
Requesting restart of a step
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:CHALLENGE_RESTART"
],
"attributes": {
"challenge": "eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfT1JfQVNTRVJUSU9OX0NMQVNTXFw6VU5JUVVFX1RZUEU6U0lHTkFUVVJFX0lORk9DRVJUX1NNU19PVFBfQVVUSE9SSVpBVElPTiIsIkNIQUxMRU5HRV9PUl9BU1NFUlRJT05fQ0xBU1NcXDpSRVNUQVJUQUJJTElUWTpSRVNUQVJUQUJMRSIsIkNIQUxMRU5HRV9PUl9BU1NFUlRJT05fQ0xBU1NcXDpVU0VSX0lOVEVSQUNUSU9OX1RZUEU6VVNFUl9JTlBVVCJdLCJhdHRyaWJ1dGVzIjp7fX0"
}
}
Challenges created as a result of a recoverable error
Integration scenarios & examples
Querying existing documents
GET /api/document-processes/DOCUMENT_PROCESS:ac842283-afd4-4e26-9873-2bf35bd89b42 Authorization: Bearer [token] Content-Type: application/json
{
"id": "DOCUMENT_PROCESS:ac842283-afd4-4e26-9873-2bf35bd89b42",
"title": "Sailing boat rental agreement",
"description": "Please review the terms and sign",
"processLanguage": "en",
"status": "PROCESSING",
"parties": [
{
"party": {
"id": "PARTY-PUBLIC_APPROVAL_PROCESS_ID:4060e833",
"firstName": "Mark",
"lastName": "Wazowski",
"name": "Mark Wazowski",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "mark.wazowski@acme.com"
}
}
],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:REPRESENTATIVE",
"party": {
"name": "Acme Co.",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "898123432"
}
]
},
"attributes": {
"relationshipDescription": "President"
}
}
]
},
"role": "APPROVER",
"participationStatus": "COMPLETED",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 1
}
}
],
"currentUser": false,
"participationEvents": [
{
"eventType": "APPROVAL",
"timestamp": "2020-10-21T15:48:34.863Z"
},
{
"eventType": "VIEWING",
"timestamp": "2020-07-18T19:16:40.997Z"
}
]
},
{
"party": {
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:4060e833",
"firstName": "John",
"lastName": "Smith",
"name": "John Smith",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "john.smith@acme.com"
}
}
],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:REPRESENTATIVE",
"party": {
"name": "Acme Co.",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "898123432"
}
]
},
"attributes": {
"relationshipDescription": "Salesman"
}
}
]
},
"role": "SIGNER",
"participationStatus": "COMPLETED",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 2
}
},
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
}
],
"currentUser": true,
"participationEvents": [
{
"eventType": "SIGNATURE",
"timestamp": "2020-10-21T15:48:34.863Z"
},
{
"eventType": "VIEWING",
"timestamp": "2020-06-18T19:16:40.997Z"
}
]
},
{
"party": {
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:bdb551b2",
"firstName": "Maurice",
"lastName": "Chevallier",
"name": "Maurice Chevaller",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "chevallier1981@gmail.com"
}
}
]
},
"role": "SIGNER",
"participationStatus": "PENDING",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
},
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 3
}
}
],
"currentUser": false
},
{
"party": {
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:4060e833",
"firstName": "John",
"lastName": "Smith",
"name": "John Smith",
"contacts": [
{
"type": "CONTACT-TYPE:EMAIL",
"attributes": {
"email": "john.smith@acme.com"
}
}
]
},
"role": "SENDER",
"participationStatus": "COMPLETED",
"currentUser": true,
"participationEvents": [
{
"eventType": "SUBMISSION",
"timestamp": "2020-06-18T19:16:40.997Z"
}
]
}
],
"contentElements": [
{
"id": "FILE-SOURCE_FILE:3cf4307e-63cc-4be9-b616-bd2b99d9778e",
"filename": "SailCruiser-15-rental.pdf",
"description": null,
"version": "1",
"modificationTime": null,
"filePurpose": "SOURCE_FILE",
"mimeType": "application/pdf"
},
{
"id": "FILE-DTBS:ac842283-afd4-4e26-9873-2bf35bd89b42/DTBS",
"filename": "SailCruiser-15-rental.pdf",
"description": null,
"version": "999",
"modificationTime": null,
"filePurpose": "PARTIALLY_SIGNED_CONTENT_FILE",
"mimeType": "application/pdf"
}
],
"tags": [
],
"flags": [
"FLAG:VIEWED"
],
"createdAt": "2020-06-18T19:16:40.997Z",
"modifiedAt": "2020-10-21T15:48:34.863Z"
}
GET /api/document-processes? limit=50 & offset=50 & modifiedAfter=2021-01-12T13:11:02.002Z Authorization: Bearer [token] Accept: application/json
GET /api/document-processes? [limit=5000 & offset=500] & modifiedAfter=2021-01-12T13:11:02.002Z & status=DRAFT Authorization: Bearer [token] Accept: application/stream+json
{ "id": "DOCUMENT_PROCESS:ac842283-afd4-4e26-9873-2bf35bd89b42", // omitted }
{ "id": "DOCUMENT_PROCESS:526803c2-ed2c-4427-9533-ce432639b2c8", // omitted }
{ "id": "DOCUMENT_PROCESS:7afaa96f-3d73-44e4-9551-af9a2014388c", // omitted }
{ "id": "DOCUMENT_PROCESS:e11928c1-ad4b-409d-bab2-2d03a5c49e51", // omitted }
{ "id": "DOCUMENT_PROCESS:7ce5ae9d-67e8-45cf-8c29-d98be9f9f6a1", // omitted }
...
{ "id": "DOCUMENT_PROCESS:756223d4-0933-44dd-be8b-3e27923092eb", // omitted }
{ "id": "DOCUMENT_PROCESS:d250707c-78db-4f8e-a9c9-7dc3f8e62954", // omitted }
{ "id": "DOCUMENT_PROCESS:bb842283-afd4-4e26-9873-f24421223333", // omitted }
Access constraints when accessing documents' list
Retrieving files and files' metadata
GET https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/files
Accept: application/json
Authorization: Bearer [token]
GET https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/files/FILE-SOURCE_FILE:3cf4307e-63cc-4be9-b616-bd2b99d9778e
Accept: application/json
Authorization: Bearer [token]
GET https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/files/FILE-SOURCE_FILE:3cf4307e-63cc-4be9-b616-bd2b99d9778e/content
Accept: */*
If-Match: 212431af2e7
Range: bytes=200-
Authorization: Bearer [token]
Creating & sending a document via API
POST https://api.autenti.com/api/v2/document-processes
Accept: application/json
Content-Type: application/json
Authorization: Bearer [token]
200 OK
Content-Type: application/json
{
"id" : "DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf",
"title": "Placeholder title",
"processLanguage": "pl"
}
PUT https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf
Accept: application/json
Content-Type: application/json
Authorization: Bearer [token]
{
"title": "Boat rental agreement",
"description": "A boat rental agreement, between Marcin Niegodziwy of Eveil Empire and SunSails Co.",
"processLanguage": "pl",
"parties": [
{
"party": {
"firstName": "Marcin",
"lastName": "Niegodziwy",
"name": "Marcin Niegodziwy",
"email": "marcin.niegodziwy@fake.autenti.com",
"extIds": [],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:MEMBER",
"party": {
"name": "The Evil Empire",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "9979979979"
}
]
},
"attributes": {
"relationshipDescription": "Emperor"
}
}
]
},
"role": "SIGNER",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
}
]
}
],
"tags": [
{
"id": "TAG:5f744c47223ddf2bd8133306"
}
]
}
PATCH https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf
Accept: application/json
#Content-Type: application/json
Content-Type: application/merge-patch+json
version: 1
Authorization: Bearer [token]
{
"title": "Agrrement of evil intent",
"description": null,
"tags": [
{
"id": "TAG:5f744c47223ddf2bd8133306"
}
],
"parties": [
{
"party": {
"firstName": "Marcin",
"lastName": "Niegodziwy",
"name": "Marcin Niegodziwy",
"email": "marcin.niegodziwy@fake.autenti.com",
"extIds": [],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:MEMBER",
"party": {
"name": "Evil Empire",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "9979979979"
}
]
},
"attributes": {
"relationshipDescription": "Emperor"
}
}
]
},
"role": "SIGNER",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:SIGNATURE_TYPE"
],
"attributes": {
"requiredClassifiers": [
"SIGNATURE_PROVIDER-SIGNATURE_TYPE:BASIC"
]
}
},
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 3
}
}
]
},
{
"party": {
"firstName": "Marcin",
"lastName": "Nikczemny",
"name": "Marcin Nikczemny",
"email": "marcin.nikczemny@fake.autenti.com",
"extIds": [],
"relationships": [
{
"type": "PARTY_RELATIONSHIP-TYPE:MEMBER",
"party": {
"name": "Evil Empire",
"extIds": [
{
"identificationSpace": "TAXID-PL-NIP",
"identifier": "9979979979"
}
]
},
"attributes": {
"relationshipDescription": "Vice-Emperor"
}
}
]
},
"role": "APPROVER",
"constraints": [
{
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PARTICIPATION_PRIORITY"
],
"attributes": {
"priority": 1
}
}
]
},
{
"party": {
"firstName": "Marcin",
"lastName": "Szubrawy",
"name": "Marcin Szubrawy",
"email": "marcin.szubrawy@fake.autenti.com"
},
"role": "VIEWER",
"constraints": [
{
"constrainedActions": [
"CONSTRAINED_ACTION:VIEW"
],
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:DOCUMENT_ACCESS_OTP_AUTHORIZATION"
]
},
{
"constrainedActions": [
"CONSTRAINED_ACTION:VIEW"
],
"classifiers": [
"CONSTRAINT-UNIQUE_TYPE:PHONE_NUMBER"
],
"attributes": {
"phoneNumber": "48722722722"
}
}
]
}
]
}
PUT https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/tags
Accept: application/json
Content-Type: application/json
Content-Type: application/merge-patch+json
version: 1
Authorization: Bearer [token]
[
{
"id": "TAG:5f744c47223ddf2bd8133306"
}
]
DELETE https://api.autenti.com/api/v2/documents/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/tags
Accept: application/json
Authorization: Bearer [token]
POST https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/files
Content-Type: multipart/form-data; boundary=WebAppBoundary
Accept: application/json
Authorization: Bearer [token]
--WebAppBoundary
Content-Disposition: form-data; name="fileMeta"
Content-Type: application/json
{
"filename": "plan_zaglady.pdf",
"filePurpose": "SOURCE_FILE",
"mimeType": "application/pdf"
}
--WebAppBoundary--
Content-Disposition: form-data; name="file"
Content-Type: application/octet-stream
[some file content as stream of bytes]
--WebAppBoundary--
DELETE https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/files
Accept: application/json
Authorization: Bearer [token]
DELETE https://api.autenti.com/api/v2/document-processes/DOCUMENT_PROCESS:cc37ffda-dcce-43f0-8c5a-e1af0868dbdf/files/FILE:ca0c4ddf-0c73-4530-a2c1-4f7efdd85c1d
Accept: application/json
Authorization: Bearer [token]
Discovering tags available to user
GET https://api.autenti.net/api/v2/tags
Authorization: Bearer [token]
Accept: application/json
200 OK Date: Wed, 10 Feb 2021 15:41:01 GMT Content-Type: application/json [ { "id": "TAG:a1744c47235ff2bd81333333", "name": "Acme Co.", "type": "ORGANIZATION_IMPLICIT" }, { "id": "TAG:5f744c47223ddf2bd8133306", "name": "Acme Co. - under NDA", "type": "ORGANIZATION_SHARED" } ]
- PRIVATE_TAG - reserved for future use by individual users, so that they can mark documents with #hashtags of their own
- ORGANIZATION_SHARED - tags defined by the admisntrators to be used within the organisation. Can be used as a method of selecting documents to apply additional logic (for example: to apply preferences of communication, or to enable moderators access to the document).
- ORGANIZATION_IMPLICIT - tags automatically added to all documents sent in context of given arginisation (when the sender is a representative of an organization). Cannot be explicitly added, will be added automatically upen sendign the document. Each organisational account defines a single tag of this type.
Sending a document
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b/actions
Authorization: Bearer [token]
Content-Type: application/json
403 FORBIDDEN
Content-Type: application/json
X-CHALLENGE: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIiwgIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkFDVElPTl9TRUxFQ1RJT04iIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgIm9wdGlvbnMiIDogWwogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpFVkVOVF9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkRPQ1VNRU5UX1NFTlQiLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJTZW5kIgogICAgICAgIH0KICAgIF0KICB9Cn0
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"12051c21-7287-4727-b42f-8267c0733448"}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"options" : [
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_SENT",
"description" : "Send"
}
]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"selectedIds" : ["EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_SENT"]
}
}
POST https://api.accept.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b/actions
Authorization: Bearer [token]
Content-Type: application/json
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3RlZElkcyIgOiBbIkVWRU5UX0NMQVNTSUZJRVItVU5JUVVFX1RZUEU6RE9DVU1FTlRfU0VOVCJdCiAgfQp9
200 OK Date: Wed, 10 Feb 2021 15:41:01 GMT Content-Type: application/json {"timestamp":"2021-02-10T15:37:37.311Z","id":"EVENT-AUTENTI:87c61861-DOCUMENT_SENT","eventType":"EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_SENT","classifiers":["EVENT_CLASSIFIER-PROCESS:CREATE"],"actor":{"id":"PARTY-PUBLIC_SENDER_PROCESS_ID:87c61861"},"object":{"id":"DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b","type":"EVENT_OBJECT-TYPE:DOCUMENT_PROCESS"},"attributes":{}}
Signing (approving, reviewing) a document
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b/actions
Authorization: Bearer [token]
Content-Type: application/json
403 FORBIDDEN
Content-Type: application/json
X-CHALLENGE: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIiwgIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkFDVElPTl9TRUxFQ1RJT04iIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgIm9wdGlvbnMiIDogWwogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQVBQTElDQVRJT04iLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJTaWduIgogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgImlkIiA6ICJFVkVOVF9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOlNJR05BVFVSRV9SRUpFQ1RJT04iLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJSZWplY3QgdG8gc2lnbiIKICAgICAgICB9CiAgICBdCiAgfQp9
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"12051c21-7287-4727-b42f-8267c0733448"}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"options" : [
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_APPLICATION",
"description" : "Sign"
},
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION",
"description" : "Reject to sign"
}
]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"selectedIds" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_APPLICATION"
}
}
POST https://api.accept.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:4ee133f5-b37f-4213-b6b6-f7e9a72eb80f/actions
Authorization: Bearer [token]
Content-Type: application/json
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3RlZElkcyIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQVBQTElDQVRJT04iCiAgfQp9
403 FORBIDDEN
Content-Type: application/json
X-CHALLENGE: eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpQUk9WSURFUl9TRUxFQ1RJT04iLCJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIl0sImF0dHJpYnV0ZXMiOnsib3B0aW9ucyI6W3siaWQiOiJTSUdOSU5HX01FVEhPRF9QUk9WSURFUjpBVVRFTlRJIiwiZGVzY3JpcHRpb24iOiJBdXRlbnRpIHNpZ25hdHVyZSIsIm1ldGEiOm51bGx9XX19
X-CHALLENGE: eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQ09OU0VOVCIsIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVTRVJfSU5URVJBQ1RJT05fVFlQRTpDT05TRU5UIl0sImF0dHJpYnV0ZXMiOnsiY29uc2VudHMiOlt7ImlkIjoiQ09OU0VOVC1DT05URU5UX01ENV9IRVg6M2IxNDcwNWM1MWJkNzE0OGY1OThmM2EyYWIwMzA0ZGIiLCJjb250ZW50IjoiT8Wbd2lhZGN6YW0sIMW8ZSB6bmFtIGkgYWtjZXB0dWrEmSB0cmXFm8SHIHcgdWRvc3TEmXBuaW9ueWNoIHBsaWthY2ggb3JheiBha2NlcHR1asSZIHBvc3Rhbm93aWVuaWEgW1JlZ3VsYW1pbnUgUGxhdGZvcm15IEF1dGVudGldKGh0dHBzOi8vYXV0ZW50aS5jb20vcmVndWxhbWlueSkuIn1dfX0
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"12051c21-7287-4727-b42f-8267c0733448"}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:PROVIDER_SELECTION", "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION" ],
"attributes" : {
"options" : [ {
"id" : "SIGNING_METHOD_PROVIDER:AUTENTI",
"description" : "Autenti signature",
"meta" : null
} ]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_CONSENT", "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:CONSENT" ],
"attributes" : {
"consents" : [ {
"id" : "CONSENT-CONTENT_MD5_HEX:3b14705c51bd7148f598f3a2ab0304db",
"content" : "Oświadczam, że znam i akceptuję treść w udostępnionych plikach oraz akceptuję postanowienia [Regulaminu Platformy Autenti](https://autenti.com/regulaminy)."
} ]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:PROVIDER_SELECTION" ],
"attributes" : {
"selectedIds" : ["SIGNING_METHOD_PROVIDER:AUTENTI"]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_CONSENT" ],
"attributes" : {
"consentedIds" : [ "CONSENT-CONTENT_MD5_HEX:3b14705c51bd7148f598f3a2ab0304db" ]
}
}
POST https://api.accept.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:4ee133f5-b37f-4213-b6b6-f7e9a72eb80f/actions
Authorization: Bearer [token]
Content-Type: application/json
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3RlZElkcyIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQVBQTElDQVRJT04iCiAgfQp9
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpQUk9WSURFUl9TRUxFQ1RJT04iIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgInNlbGVjdGVkSWRzIiA6IFsiU0lHTklOR19NRVRIT0RfUFJPVklERVI6QVVURU5USSJdCiAgfQp9
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQ09OU0VOVCIgXSwKICAiYXR0cmlidXRlcyIgOiB7CiAgICAiY29uc2VudGVkSWRzIiA6IFsgIkNPTlNFTlQtQ09OVEVOVF9NRDVfSEVYOjNiMTQ3MDVjNTFiZDcxNDhmNTk4ZjNhMmFiMDMwNGRiIiBdCiAgfQp9
200 OK Date: Wed, 10 Feb 2021 15:41:01 GMT Content-Type: application/json {"timestamp":"2021-02-10T15:37:37.311Z","id":"EVENT-AUTENTI:87c61861-SIGNATURE_APPLICATION","eventType":"EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION","classifiers":["EVENT_CLASSIFIER-PROCESS:SIGNATURE"],"actor":{"id":"PARTY-PUBLIC_SIGNING_PROCESS_ID:87c61861"},"object":{"id":"DOCUMENT_PROCESS:b03be081-fd72-48f3-ae52-287b8045e400","type":"EVENT_OBJECT-TYPE:DOCUMENT_PROCESS"},"attributes":{}}
Refusing to sign a document
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b/actions
Authorization: Bearer [token]
Content-Type: application/json
403 FORBIDDEN
Content-Type: application/json
X-CHALLENGE: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIiwgIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkFDVElPTl9TRUxFQ1RJT04iIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgIm9wdGlvbnMiIDogWwogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQVBQTElDQVRJT04iLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJTaWduIgogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgImlkIiA6ICJFVkVOVF9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOlNJR05BVFVSRV9SRUpFQ1RJT04iLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJSZWplY3QgdG8gc2lnbiIKICAgICAgICB9CiAgICBdCiAgfQp9
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"12051c21-7287-4727-b42f-8267c0733448"}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"options" : [
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_APPLICATION",
"description" : "Sign"
},
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION",
"description" : "Reject to sign"
}
]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"selectedIds" : ["EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION"]
}
}
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:b03be081-fd72-48f3-ae52-287b8045e400/actions
Authorization: Bearer [token]
Content-Type: application/json
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3RlZElkcyIgOiBbIkVWRU5UX0NMQVNTSUZJRVItVU5JUVVFX1RZUEU6U0lHTkFUVVJFX1JFSkVDVElPTiJdCiAgfQp9
403 FORBIDDEN
Date: Wed, 10 Feb 2021 15:35:49 GMT
Content-Type: application/json
X-CHALLENGE: eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfUkVKRUNUSU9OX0NPTlNFTlQiLCJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6Q09OU0VOVCJdLCJhdHRyaWJ1dGVzIjp7ImNvbnNlbnRzIjpbeyJpZCI6IkNPTlNFTlQtQ09OVEVOVF9NRDVfSEVYOjNiMTQ3MDVjNTFiZDcxNDhmNTk4ZjNhMmFiMDMwNGRiIiwiY29udGVudCI6Ik_Fm3dpYWRjemFtLCDFvGUgem5hbSBpIGFrY2VwdHVqxJkgdHJlxZvEhyB3IHVkb3N0xJlwbmlvbnljaCBwbGlrYWNoIG9yYXogYWtjZXB0dWrEmSBwb3N0YW5vd2llbmlhIFtSZWd1bGFtaW51IFBsYXRmb3JteSBBdXRlbnRpXShodHRwczovL2F1dGVudGkuY29tL3JlZ3VsYW1pbnkpLiJ9XX19
X-CHALLENGE: eyJjbGFzc2lmaWVycyI6WyJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfUkVKRUNUSU9OX1JFQVNPTiIsIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVTRVJfSU5URVJBQ1RJT05fVFlQRTpVU0VSX0lOUFVUIl0sImF0dHJpYnV0ZXMiOnt9fQ
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"95e66e84-36af-4a56-ace0-15dbec83f886"}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION_CONSENT", "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:CONSENT" ],
"attributes" : {
"consents" : [ {
"id" : "CONSENT-CONTENT_MD5_HEX:3b14705c51bd7148f598f3a2ab0304db",
"content" : "Oświadczam, że znam i akceptuję treść w udostępnionych plikach oraz akceptuję postanowienia [Regulaminu Platformy Autenti](https://autenti.com/regulaminy)."
} ]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION_CONSENT" ],
"attributes" : {
"consentedIds" : [ "CONSENT-CONTENT_MD5_HEX:3b14705c51bd7148f598f3a2ab0304db" ]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:USER_INPUT", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION_REASON" ],
"attributes" : { }
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION_REASON" ],
"attributes" : {
"userInput" : "The document is not as agreed before"
}
}
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:b03be081-fd72-48f3-ae52-287b8045e400/actions Authorization: Bearer [token] Content-Type: application/json X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3QiIDogIkVWRU5UX0NMQVNTSUZJRVItVU5JUVVFX1RZUEU6U0lHTkFUVVJFX1JFSkVDVElPTiIKICB9Cn0 X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfUkVKRUNUSU9OX0NPTlNFTlQiIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgImNvbnNlbnRzIiA6IFsgIkNPTlNFTlQtQ09OVEVOVF9NRDVfSEVYOjNiMTQ3MDVjNTFiZDcxNDhmNTk4ZjNhMmFiMDMwNGRiIiBdCiAgfQp9 X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfUkVKRUNUSU9OX1JFQVNPTiIgXSwKICAiYXR0cmlidXRlcyIgOiB7CiAgICAidXNlcklucHV0IiA6ICJUaGUgZG9jdW1lbnQgaXMgbm90IGFzIGFncmVlZCBiZWZvcmUiCiAgfQp9
200 OK Date: Wed, 10 Feb 2021 15:37:37 GMT Content-Type: application/json {"timestamp":"2021-02-10T15:37:37.311Z","id":"EVENT-AUTENTI:87c61861-SIGNATURE_REJECTION","eventType":"EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION","classifiers":["EVENT_CLASSIFIER-PROCESS:SIGNATURE"],"actor":{"id":"PARTY-PUBLIC_SIGNING_PROCESS_ID:87c61861"},"object":{"id":"DOCUMENT_PROCESS:b03be081-fd72-48f3-ae52-287b8045e400","type":"EVENT_OBJECT-TYPE:DOCUMENT_PROCESS"},"attributes":{"comment":"The document is not as agreed before"}}
Withdrawing a document before process completion
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b/actions
Authorization: Bearer [token]
Content-Type: application/json
403 FORBIDDEN
Content-Type: application/json
X-CHALLENGE: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIiwgIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkFDVElPTl9TRUxFQ1RJT04iIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgIm9wdGlvbnMiIDogWwogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQVBQTElDQVRJT04iLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJTaWduIgogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgImlkIiA6ICJFVkVOVF9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkRPQ1VNRU5UX1dJVEhEUkFXQUwiLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJXaXRoZHJhdyBkb2N1bWVudCIKICAgICAgICB9LAogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfUkVKRUNUSU9OIiwKICAgICAgICAgICJkZXNjcmlwdGlvbiIgOiAiUmVqZWN0IHRvIHNpZ24iCiAgICAgICAgfQogICAgXQogIH0KfQ
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"12051c21-7287-4727-b42f-8267c0733448"}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"options" : [
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_APPLICATION",
"description" : "Sign"
},
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:SIGNATURE_REJECTION",
"description" : "Reject to sign"
},
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_WITHDRAWAL",
"description" : "Withdraw document"
}
]
}
}
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"selectedIds" : ["EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_WITHDRAWAL"]
}
}
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:b03be081-fd72-48f3-ae52-287b8045e400/actions
Authorization: Bearer [token]
Content-Type: application/json
X-ASSERTION: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpBQ1RJT05fU0VMRUNUSU9OIiBdLAogICJhdHRyaWJ1dGVzIiA6IHsKICAgICJzZWxlY3RlZElkcyIgOiBbIkVWRU5UX0NMQVNTSUZJRVItVU5JUVVFX1RZUEU6RE9DVU1FTlRfV0lUSERSQVdBTCJdCiAgfQp9
200 OK
Date: Wed, 10 Feb 2021 15:37:37 GMT
Content-Type: application/json
{
"timestamp": "2021-02-10T15:37:37.311Z",
"id": "EVENT-AUTENTI:87c61861-DOCUMENT_WITHDRAWAL",
"eventType": "EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_WITHDRAWAL",
"actor": {
"id": "PARTY-PUBLIC_SENDER_ID:87c61861"
},
"object": {
"id": "DOCUMENT_PROCESS:b03be081-fd72-48f3-ae52-287b8045e400",
"type": "EVENT_OBJECT-TYPE:DOCUMENT_PROCESS"
},
"attributes": {}
}
Reminding about a document before process completion
A sender (and in case of documents with specific company tags, a configured moderator of documents marked with given tag) can withdraw a document as long as the process was not completed (not all of required participants took part).
Reminding about a document is a simple step process:
As with any action, an intention
POST https://api.autenti.net/api/v2/document-processes/DOCUMENT_PROCESS:21c3a201-e3ea-4fbd-b850-2f0b8246ac2b/actions
Authorization: Bearer [token]
Content-Type: application/json
As the initial request did not contain information about desired action, a challenge response is returned:
{403 FORBIDDEN
Content-Type: application/json
X-CHALLENGE: ewogICJjbGFzc2lmaWVycyIgOiBbICJDSEFMTEVOR0VfQ0xBU1NJRklFUi1VU0VSX0lOVEVSQUNUSU9OX1RZUEU6U0VMRUNUSU9OIiwgIkNIQUxMRU5HRV9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkFDVElPTl9TRUxFQ1RJT04iIF0sCiAgImF0dHJpYnV0ZXMiIDogewogICAgIm9wdGlvbnMiIDogWwogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfQVBQTElDQVRJT04iLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJTaWduIgogICAgICAgIH0sCiAgICAgICAgewogICAgICAgICAgImlkIiA6ICJFVkVOVF9DTEFTU0lGSUVSLVVOSVFVRV9UWVBFOkRPQ1VNRU5UX1dJVEhEUkFXQUwiLAogICAgICAgICAgImRlc2NyaXB0aW9uIiA6ICJXaXRoZHJhdyBkb2N1bWVudCIKICAgICAgICB9LAogICAgICAgIHsKICAgICAgICAgICJpZCIgOiAiRVZFTlRfQ0xBU1NJRklFUi1VTklRVUVfVFlQRTpTSUdOQVRVUkVfUkVKRUNUSU9OIiwKICAgICAgICAgICJkZXNjcmlwdGlvbiIgOiAiUmVqZWN0IHRvIHNpZ24iCiAgICAgICAgfQogICAgXQogIH0KfQ
{"type":"/challenge","title":"Challenge requested","status":403,"detail":"Request to perform challenges described","instance":"12051c21-7287-4727-b42f-8267c0733448"}
The challenge describes the options. Actions are described using a language of desired end result: a type of event generated by successful action. For a hypothetical sender, who is also a signer of the document, the list would be:
Decoded action selection challenge
{
"classifiers" : [ "CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION", "CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION" ],
"attributes" : {
"options" : [
{
"id" : "EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_REMINDER_SENT",
Send assertions with action:
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:ACTION_SELECTION"
],
"attributes": {
"selectedIds": [
"EVENT_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_REMINDER_SENT"
]
}
}
You will receive:
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_REMINDER_PARTY_SELECTION",
"CHALLENGE_CLASSIFIER-USER_INTERACTION_TYPE:SELECTION"
],
"attributes": {
"mode": "multi",
"options": [
{
"id": "PARTY-PUBLIC_SIGNING_PROCESS_ID:404869e2",
"description": "Marcin Szubrawy / marcin.szubrawy@fake.autenti.com",
"availability": "AVAILABLE"
},
{
"id": "PARTY-PUBLIC_REVIEW_PROCESS_ID:cd671140",
"description": "Marcin Niegodziwy / marcin.niegodziwy@fake.autenti.com",
"availability": "AVAILABLE"
},
{
"id": "PARTY-PUBLIC_APPROVE_PROCESS_ID:cd671140",
"description": "Marcin Nikczemny / marcin.nikczemny@fake.autenti.com",
"availability": "AVAILABLE"
},
]
}
}
For this challenge we add attribute: mode. Mode: multi means you can choose more than one recipient. You can send a reminder to: signer, reviewer and approver.
{
"classifiers": [
"CHALLENGE_CLASSIFIER-UNIQUE_TYPE:DOCUMENT_REMINDER_PARTY_SELECTION"
],
"attributes": {
"selectedIds": [
"PARTY-PUBLIC_REVIEW_PROCESS_ID:cd671140"
]
}
}