API
The signature API is a HTTP-based API which is based on the OASIS Digital Signature Services specification.
The API is accessible on base url https://sign.myid.be/api
for registered organisations.
HTTPS is required.
The specified endpoints use JSON as language-independent data format. API Reference documentation is available. It is also possible to download the OpenAPI specification.
The Digital Signature Services (DSS) endpoints allow creating and reading so-called signature sessions. The certificates endpoint allows reading public certificates of a user.
Authentication
All API endpoints require authentication with a valid bearer access token having the request_signature
scope. The client must send the token in the Authorization
header when making requests to the API.
The tokens are to be requested by a "Signature" client application using a client credentials grant. You can configure this client application for your organisation using the Management Console.
Example HTTP request:
POST /api/sign
Content-Type: application/json
Authorization: Bearer [access-token]
...
Discovery
A JSON document containing metadata about the signature service is accessible on the following endpoint:
https://sign.myid.be/.well-known/dss-info
.
More information about the metadata format can be found in the OASIS Digital Signature Service Metadata specification.