For testing purposes, Uanataca provides integrators of a pre-configured test-mode One-Shot Optimizer accessible at the following URL:
https://one-shot.developers.uanataca.com
In test environment, requests can be easily created, validated or approved by using a stored default Operator credentials set represented by an alfanumeric string called token. This token can be found when executing the List Tokens call.
List Tokens call output:
{
"status": "200 OK",
"details": {
"6d1cae4d55be4cdf9cac50ee36f73406": {
"username": "9001800",
"password": true,
"pin": true,
"NOTE": "On this demo environment, this method will only return the demo token"
}
}
}
When using our test-mode Optimizer, you must consider:
Want to configure your own test-mode Optimizer? Find instructions in the configuration section.
Uanataca SMS
Other authentication methods
The next section presents the workflow for a simple use case of the One-Shot Signature service with a step-by-step description of the API calls required to allow a user to digitally sign a document provided by the client application.
The basic digital signature process involves the following steps:
1) RETRIEVE AN EXISTING TOKEN FOR THE RAO
2) CREATE A NEW DIGITAL SIGNATURE REQUEST
3) UPLOAD A DOCUMENT
4) RETRIEVE SERVICE CONTRACT
5) GENERATE AN OTP (only for Uanataca SMS)
6) SIGN THE DOCUMENT
7) RETRIEVE SIGNED DOCUMENT
8) DELETE DOCUMENTS FROM OPTIMIZER
STEP 1: RETRIEVE AN EXISTING TOKEN FOR THE RAO
API Reference: List Tokens
The test-mode One-Shot Optimizer is pre-configured with a Registration Authority Officer (RAO) account ready to be used within the test environment. This account has an associated token that can be used to identify the RAO in API calls.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/tokens
This call should return the following JSON object:
{
"status": "200 OK",
"details": {
"6d1cae4d55be4cdf9cac50ee36f73406": {
"username": "9001800",
"password": true,
"pin": true
}
}
}
This output tells us that a single token "6d1cae4d55be4cdf9cac50ee36f73406" exists. This token is associated to the RAO account with id "9001800" and can be used instead of the password and pin.
To use tokens in a production environment, you will need to create them first using the corresponding Create token API call.
STEP 2: CREATE A NEW DIGITAL SIGNATURE REQUEST
API Reference: Create Request
In One-Shot Signature Service, all data corresponding to a given digital signature is collected within a Digital Signature Request. This includes both the identifying information of the signing user -provided when you create the signature request- and the document or documents to be signed, to be uploaded in an upcoming step.
This call must include enough information to identify both the signing user and the RAO approving the request. The full description of the arguments accepted by this endpoint can be found in the API call detailed documentation, but for now it is enough to include at least the following:
curl --location --request POST 'https://one-shot.developers.uanataca.com/api/v1/request' \
--form 'token=6d1cae4d55be4cdf9cac50ee36f73406' \
--form 'profile=PFnubeQAFCiudadano' \
--form 'given_name=name_of_the_user' \
--form 'surname_1=surname_of_the_user' \
--form 'email=user-example@domain.com' \
--form 'mobile_phone_number=+343391234567' \
--form 'document_front=@document_front.png' \
--form 'document_rear=@document_rear.png' \
--form 'document_owner=@document_owner.png'
where "token" is the token representing the RAO's credentials obtained in the previous step.
If the signature request is completed successfully, we will get the unique identifier assigned to it:
{
"status": "201 Created",
"details": 1464
}
The code shown above will be used to identify the created signature request in subsequent calls.
STEP 3: UPLOAD A DOCUMENT
API Reference: Upload Document
After creating the the signature request, we can associate all pdf documents that must be signed by the user.
curl -F "file=@doc.pdf" -X POST https://one-shot.developers.uanataca.com/api/v1/document/1464
Note that the number at the end of the call is the request id we obtained in the previous step.
If the upload is successful, the response will contain the identifier assigned to each document:
{
"status": "200 OK",
"details": "712c29ac-a2dc-4530-8c67-d0f227d8294b"
}
STEP 4: RETRIEVE SERVICE CONTRACT
API Reference: Retrieve Contract
As a Trusted Service Provider, Uanataca must inform certificate requesters about terms and conditions ruling the issuance of certificates.
A service contract is generated for each digital certificate issue. The user must view the request-associated service contract to be signed in the same step as the documents, using the one-time certificate just issued.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/document/1464/contract
The response by the server will be the service contract document file in binary format:
%PDF
...
STEP 5: GENERATE AN OTP (only for Uanataca SMS)
API Reference: Generate OTP code
This step applies only for signatures made using Uanataca SMS method.
Once the documents to be signed are ready, we need to generate a secure One-time password (OTP) that allows the user to sign them. The OTP code is generated by executing the Generate OTP call and the resulting OTP is sent as an SMS message directly to the phone number is provided when creating the signature request.
When calling the OTP endpoint you must add the request identifier returned by the Create Request call:
curl -X POST https://one-shot.developers.uanataca.com/api/v1/otp/1464
A successful call will look like this:
{
"status": "200 OK",
"details": "OTP generated"
}
With this call, an SMS with the secret code is sent to the mobile phone number associated to the signature request.
STEP 6: SIGN THE DOCUMENT
API Reference: Sign
In this step the digital signature certificate is issued, then it signs all documents previously uploaded for the signature request.
Execute the sign call with the request id and json parameters containing the OTP code sent:
curl -d @params.json -H "Content-Type: application/json -X POST https://one-shot.developers.uanataca.com/api/v1/sign/1464
params.json for Uanataca SMS:
{
"secret": "123456"
}
params.json for other authentication methods:
{
"secret": "123456"
"ext_unlock_type": "biometric"
"ext_unlock_value": "12345678-12345678"
}
A successful call will result in the following response:
{
"status": "200 OK",
"details": "Documents correctly signed"
}
STEP 7: RETRIEVE SIGNED DOCUMENT
API reference: Retrieve Document
Once the signature is done, the next step is to get all signed documents.
To do this, query with an HTTP GET request the endpoint /api/v1/document/{pk}/{type}/{uid}, where {pk} is the Request's unique identifier, {type} is the type of the document (it can be "original" for the uploaded document or "signed" for the digitally-signed version) and {uid} is the document unique identifier.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/document/1464/signed/712c29ac-a2dc-4530-8c67-d0f227d8294b
The response obtained by the server will be the document in binary format:
%PDF
...
STEP 8: DELETE DOCUMENTS FROM OPTIMIZER
API reference: Delete All Documents
⚠ Since the service does not delete uploaded files unless explicitly requested through an API call, it is strongly recommended that you backup any file you want to preserve using an alternative system.
Delete all documents associated to a finished digital signature request.
curl -X DELETE https://one-shot.developers.uanataca.com/api/v1/documents/1464
This workflow defines the complete process of issuing eIDAS certificates.
This process involves the following steps:
1) CREATE A NEW VIDEO ID SIGNATURE REQUEST
2) REQUEST APPROVAL
3) UPLOAD A DOCUMENT
4) RETRIEVE SERVICE CONTRACT
5) GENERATE AN OTP (only for Uanataca SMS)
6) SIGN THE DOCUMENT
7) RETRIEVE SIGNED DOCUMENT
8) DELETE DOCUMENTS FROM OPTIMIZER
STEP 1: CREATE A NEW VIDEO ID SIGNATURE REQUEST
API Reference: Create Video ID Request
This call must include preliminary information to identify the signer.
curl -i -X POST https://one-shot.developers.uanataca.com/api/v1/videoid \
-H 'Content-Type: application/json' \
-d '{
"mobile_phone_number": "+34699999999",
"email": "mail@domain",
"registration_authority": "139",
"profile": "PFnubeQAFCiudadano",
"videoid_mode": 1,
"webhook_url": "my-webhook-url.com"
}'
If the signature request is completed successfully, both video and request unique identifiers are returned, as well as the corresponding video id link:
{
"status": "200 OK",
"details": {
"videoid_pk": 150,
"videoid_link": "https://cms.access.bit4id.org:13035/lcmpl/videoid/ZWxlY3Ryb25pY2lkOkl3YlBNdTktcXpBTU1yd0ROeUR0VWNRNk02bVVmVV9SQnZqYnFOR0Vhc2(...)",
"request_pk": 45836
}
}
The request starts at VIDEOPENDING status after creation. The request_pk output parameter will be used to identify this digital signature request in subsequent calls.
At this point, the workflow progress will depend on the video-identification successful completion. This action will change request status from VIDEOPENDING to VIDEOREVIEW.
⚠ In case the process is not totally completed or has failed for any reason, the request will change to VIDEOINCOMPLETE or VIDEOERROR respectively.
To inform business app and validation RAO about this change at the time it takes place, we recommend the implementation of a Webhook. Check our documentation for Webhook Configuration.
If request data needs to be modified, use the Update Request call. Check API Reference. If request data needs to be retrieved, use the Get Request call. Check API Reference.
STEP 2: REQUEST APPROVAL
API Reference: Approve Request
This call makes the request ready for signature. Its status changes to ENROLLREADY and webhook intervention at this point is important for status update. In 1-step mode, both validation and approval occur when executing this call.
curl -i -X POST 'https://one-shot.developers.uanataca.com/api/v1/request/45836/approve' \
-H 'Content-Type: application/json' \
-d '{
"username": "1000279",
"password": "3DPTm:N4",
"pin": "23bYQq9a",
"rao": "1400"
}'
OR
curl -i -X POST 'https://one-shot.developers.uanataca.com/api/v1/request/45836/approve' \
-H 'Content-Type: application/json' \
-d '{
"token": "f734066d1ce36f9cae4d55be4cdac50e",
"rao": "1400"
}'
In case of using a token containing RAO's credentials.
The response is a JSON object with added request approval information.
{
"status": "200 OK",
"details": "Request approved successfully"
}
In case of not approving a request for any reason, the call Cancel Request must be executed. Check API Reference.
STEP 3: UPLOAD A DOCUMENT
API Reference: Upload Document
After creating the the signature request, we can associate all pdf documents that must be signed by the user.
curl -F "file=@doc.pdf" -X POST https://one-shot.developers.uanataca.com/api/v1/document/1464
Note that the number at the end of the call is the request id we obtained in the previous step.
If the upload is successful, the response will contain the identifier assigned to each document:
{
"status": "200 OK",
"details": "712c29ac-a2dc-4530-8c67-d0f227d8294b"
}
STEP 4: RETRIEVE SERVICE CONTRACT
API Reference: Retrieve Contract
As a Trusted Service Provider, Uanataca must inform certificate requesters about terms and conditions ruling the issuance of certificates.
A service contract is generated for each digital certificate issue. The user must view the request-associated service contract to be signed in the same step as the documents, using the one-time certificate just issued.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/document/1464/contract
The response by the server will be the service contract document file in binary format:
%PDF
...
STEP 5: GENERATE AN OTP (only for Uanataca SMS)
API Reference: Generate OTP code
This step applies only for signatures made using Uanataca SMS method.
Once the documents to be signed are ready, we need to generate a secure One-time password (OTP) that allows the user to sign them. The OTP code is generated by executing the Generate OTP call and the resulting OTP is sent as an SMS message directly to the phone number is provided when creating the signature request.
When calling the OTP endpoint you must add the request identifier returned by the Create Request call:
curl -X POST https://one-shot.developers.uanataca.com/api/v1/otp/1464
A successful call will look like this:
{
"status": "200 OK",
"details": "OTP generated"
}
With this call, an SMS with the secret code is sent to the mobile phone number associated to the signature request.
STEP 6: SIGN THE DOCUMENT
API Reference: Sign
In this step the digital signature certificate is issued, then it signs all documents previously uploaded for the signature request.
Execute the sign call with the request id and json parameters containing the OTP code sent:
curl -d @params.json -H "Content-Type: application/json -X POST https://one-shot.developers.uanataca.com/api/v1/sign/1464
params.json for Uanataca SMS:
{
"secret": "123456"
}
params.json for other authentication methods:
{
"secret": "123456"
"ext_unlock_type": "biometric"
"ext_unlock_value": "12345678-12345678"
}
A successful call will result in the following response:
{
"status": "200 OK",
"details": "Documents correctly signed"
}
STEP 7: RETRIEVE SIGNED DOCUMENT
API reference: Retrieve Document
Once the signature is done, the next step is to get all signed documents.
To do this, query with an HTTP GET request the endpoint /api/v1/document/{pk}/{type}/{uid}, where {pk} is the Request's unique identifier, {type} is the type of the document (it can be "original" for the uploaded document or "signed" for the digitally-signed version) and {uid} is the document unique identifier.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/document/1464/signed/712c29ac-a2dc-4530-8c67-d0f227d8294b
The response obtained by the server will be the document in binary format:
%PDF
...
STEP 8: DELETE DOCUMENTS FROM OPTIMIZER
API reference: Delete All Documents
⚠ Since the service does not delete uploaded files unless explicitly requested through an API call, it is strongly recommended that you backup any file you want to preserve using an alternative system.
Delete all documents associated to a finished digital signature request.
curl -X DELETE https://one-shot.developers.uanataca.com/api/v1/documents/1464
In External mode Video ID, digital evidences are uploaded to an independent Video ID platform. External mode Video ID can be executed in 1 or 2 steps.
This process involves the following steps:
1) CREATE A NEW VIDEO ID SIGNATURE REQUEST
2) UPLOAD DATA & VIDEO
3) REQUEST VALIDATION
4) REQUEST APPROVAL
5) UPLOAD A DOCUMENT
6) RETRIEVE SERVICE CONTRACT
7) GENERATE AN OTP (only for Uanataca SMS)
8) SIGN THE DOCUMENT
9) RETRIEVE SIGNED DOCUMENT
10) DELETE DOCUMENTS FROM OPTIMIZER
STEP 1: CREATE A NEW VIDEO ID SIGNATURE REQUEST
API Reference: Create Video ID Request
This call must include preliminary information to identify the signer.
curl -i -X POST https://one-shot.developers.uanataca.com/api/v1/videoid \
-H 'Content-Type: application/json' \
-d '{
"mobile_phone_number": "+34699999999",
"email": "mail@domain",
"registration_authority": "139",
"profile": "PFnubeQAFCiudadano",
"videoid_mode": 1
}'
If the signature request is completed successfully, we will get the unique identifier assigned to it:
{
"status": "200 OK",
"details": {
"videoid_pk": 150,
"videoid_link": "",
"request_pk": 45836
}
}
The response is the a JSON containing important request parameters, in VIDEOPENDING status after creation. The request_pk output parameter will be used to identify this digital signature request in subsequent calls.
If request data needs to be modified, use the Update Request call. Check API Reference.
If request data needs to be retrieved, use the Get Request call. Check API Reference.
STEP 2: UPLOAD DATA & VIDEO
A previously created Video ID Request needs a set of information defined as evidences.
Data and images are uploaded by using the Upload Data Evidence call.
API Reference: Upload Data Evidence
Data objects in detail:
acceptance
: Client acceptance parameters (e.g. Terms & Conditions, Privacy Policy). This is a customizable JSON object.
videoid_data
: Set of information about the Request. Contains:
images
: Pictures associated to the client's ID document plus a face selfie of him/her.
ocr_data
: Text information extracted from the client's ID document via Optical Character Recognition (OCR).
security_checks
: Set of validation fields associated to the client's identity (underaging, matching info, liveliness, etc)
similarity_level
: Similarity level between document picture and face selfie. Ranges within 0 to 100]
curl -i -X POST https://one-shot.developers.uanataca.com/api/v1/videoid/45836/evidences
-H 'Content-Type: application/json'
-d '{
"acceptance": {
"description": "User Accepted Terms and Conditions and Privacy Policy",
"url-doc-privacypolicy": "https://www.uanataca.com/public/pki/privacidad-PSC/",
"ip": "186.0.91.53",
"url-web-videoid": "https://cms.access.bit4id.org:13035/lcmpl/videoid/46b92251-4ba8-4930-a5aa-8631ec4666b6",
"user-agent": "Mozilla/5.0 (Linux; Android 11; AC2003)",
"date": 1622823879708,
"url-doc-termsconditions": "https://www.uanataca.com/public/pki/terminos-VID/"
},
"videoid_data": {
"images": {
"document_front": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAIBAQEBAQIBAQECAgICAgQDAgICAgUEBAM (...)",
"document_rear": "/I7ye60+aOKS0mVGVSD9RVfyXukjmnS3cAEbpMVm6M1ncWqS3FszptO1lPRRDJ+orI8b (...)",
"document_photo": "AkjOOwFfHFrrNlpXxcbU9QuIIIkvR56yddgHpX3GEj1PmanmdS/xV1ySVlv/AIbXLPO (...)",
"document_owner": "SSVnovgCZ4Lhk+R3lJPUDJr5t/Z/wBV1DWfjRbeI75B5iQytcykc7yMEAV2/iwC0T34 (...)"
},
"ocr_data": {
"given_name": "Name",
"surname_1": "Surname 1",
"surname_2": "Surname 2",
"mobile_phone_number": "+34999999999",
"email": "mail@domain",
"serial_number": "A9999999E",
"id_document_type": "IDC",
"id_document_country": ES
},
"security_checks": {
"otp_validation": true,
"documents_match": true,
"data_integrity": true,
"document_notcopy": true,
"document_notexpired": true,
"document_notunderage": true,
"liveliness": true
},
"similarity_level": "high"
}
}'
Successful response status
{
"status": "200 OK",
"details": "Videoid evidences uploaded"
}
In the same way, binary multiformat Video is uploaded by using the Upload Video call.
API Reference: Upload Video
curl -i -X POST https://one-shot.developers.uanataca.com/v1/upload/video/30e57b02819a430d8386fd85be9f499f/ \
-H 'Content-Type: multipart/form-data' \
-F video=@sample_folder/sample_video.mp4
Successful response status
{
"status": "200 OK",
"details": "Videoid video upload completed"
}
If the uploaded video needs to be retrieved, use Download Video
STEP 4: REQUEST VALIDATION
2-step mode only
API Reference: Validate Request
A Registration Authority Officer must validate the request data and evidences before approval. This call is used only for 2-step mode.
curl -i -X POST https://api.uanataca.com/api/v1/videoid/45836/validate \
-H 'Content-Type: application/json' \
-d '{
"username": "5012345",
"password": "Gy6F37xK",
"pin": "belorado74",
"rao": "1400"
}'
OR
curl -i -X POST 'https://api.uanataca.com/api/v1/request/45836/validate' \
-H 'Content-Type: application/json' \
-d '{
"token": "f734066d1ce36f9cae4d55be4cdac50e"
}'
In case of using a token containing RAO's credentials.
The validation successful response status is a JSON object containing request information, as the request status changes to CREATED.
{
"status": "200 OK",
"details": "Videoid validated"
}
For unsuccessful validations leading to a request refusal, the corresponding call is Refuse Request. Check API Reference.
STEP 5: REQUEST APPROVAL
API Reference: Approve Request
This call makes the request ready for signature. Its status changes to ENROLLREADY. In 1-step mode, both validation and approval occur when executing this call.
curl -i -X POST 'https://api.uanataca.com/api/v1/request/45836/approve' \
-H 'Content-Type: application/json' \
-d '{
"username": "1000279",
"password": "3DPTm:N4",
"pin": "23bYQq9a",
"rao": 972
}'
The response is a JSON object with added request approval information.
{
"status": "200 OK",
"details": "Request approved successfully"
}
In case of not approving a request for any reason, the call Cancel Request must be executed. Check API Reference.
STEP 6: UPLOAD A DOCUMENT
API Reference: Upload Document
After creating the the signature request, we can associate all pdf documents that must be signed by the user.
curl -F "file=@doc.pdf" -X POST https://one-shot.developers.uanataca.com/api/v1/document/1464
Note that the number at the end of the call is the request id we obtained in the previous step.
If the upload is successful, the response will contain the identifier assigned to each document:
{
"status": "200 OK",
"details": "712c29ac-a2dc-4530-8c67-d0f227d8294b"
}
STEP 7: RETRIEVE SERVICE CONTRACT
API Reference: Retrieve Contract
As a Trusted Service Provider, Uanataca must inform certificate requesters about terms and conditions ruling the issuance of certificates.
A service contract is generated for each digital certificate issue. The user must view the request-associated service contract to be signed in the same step as the documents, using the one-time certificate just issued.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/document/1464/contract
The response by the server will be the service contract document file in binary format:
%PDF
...
STEP 8: GENERATE AN OTP (only for Uanataca SMS)
API Reference: Generate OTP code
This step applies only for signatures made using Uanataca SMS method.
Once the documents to be signed are ready, we need to generate a secure One-time password (OTP) that allows the user to sign them. The OTP code is generated by executing the Generate OTP call and the resulting OTP is sent as an SMS message directly to the phone number is provided when creating the signature request.
When calling the OTP endpoint you must add the request identifier returned by the Create Request call:
curl -X POST https://one-shot.developers.uanataca.com/api/v1/otp/1464
A successful call will look like this:
{
"status": "200 OK",
"details": "OTP generated"
}
With this call, an SMS with the secret code is sent to the mobile phone number associated to the signature request.
STEP 9: SIGN THE DOCUMENT
API Reference: Sign
In this step the digital signature certificate is issued, then it signs all documents previously uploaded for the signature request.
Execute the sign call with the request id and json parameters containing the OTP code sent:
curl -d @params.json -H "Content-Type: application/json -X POST https://one-shot.developers.uanataca.com/api/v1/sign/1464
params.json for Uanataca SMS:
{
"secret": "123456"
}
params.json for other authentication methods:
{
"secret": "123456"
"ext_unlock_type": "biometric"
"ext_unlock_value": "12345678-12345678"
}
A successful call will result in the following response:
{
"status": "200 OK",
"details": "Documents correctly signed"
}
STEP 10: RETRIEVE SIGNED DOCUMENT
API reference: Retrieve Document
Once the signature is done, the next step is to get all signed documents.
To do this, query with an HTTP GET request the endpoint /api/v1/document/{pk}/{type}/{uid}, where {pk} is the Request's unique identifier, {type} is the type of the document (it can be "original" for the uploaded document or "signed" for the digitally-signed version) and {uid} is the document unique identifier.
curl -X GET https://one-shot.developers.uanataca.com/api/v1/document/1464/signed/712c29ac-a2dc-4530-8c67-d0f227d8294b
The response obtained by the server will be the document in binary format:
%PDF
...
STEP 11: DELETE DOCUMENTS FROM OPTIMIZER
API reference: Delete All Documents
⚠ Since the service does not delete uploaded files unless explicitly requested through an API call, it is strongly recommended that you backup any file you want to preserve using an alternative system.
Delete all documents associated to a finished digital signature request.
curl -X DELETE https://one-shot.developers.uanataca.com/api/v1/documents/1464
One-Shot Optimizer can be supplied as a Docker or as a Virtual Machine image.
See the configuration description in:
One-Shot Optimizer on Docker
One-Shot Optimizer on Virtual Machine
This configuration requires a server with a Linux CentOS operating system.
STEP 1: Install Docker and Docker-Compose.
Docker
Run the following commands in this order.
sudo yum update -y
yum install -y yum-utils device-mapper-persistent-data lvm2
yum-config-manager --add-repo https://download.docker.com/linux/centos/docker-ce.repo
sudo yum install -y docker-ce docker-ce-cli containerd.io
sudo systemctl start docker
Docker-Compose
Run the following commands in this order.
sudo curl -L "https://github.com/docker/compose/releases/download/1.28.5/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
chmod +x /usr/local/bin/docker-compose
Run command docker-compose version to check the installation. The outcome should show this information:
STEP 2: Extract and copy One-Shot Optimizer zip content to the server.
Extract all oneshot_optimizer_docker.zip
content in a local folder.
Move One-Shot Optimizer folder to the path /opt in the server.
The outcome should look like this:
STEP 3: Mapping volumes (for environments with a pool of One-Shot Optimizer).
In high performance environments working with a pool of Optimizers, service settings, data and logs must be stored in a shared volume outside Optimizer servers. These volumes must be defined in the docker-compose.yml
file for each One-Shot Optimizer.
cd /opt/oneshot_optimizer
Docker-compose.yml settings file:
STEP 4: Load the One-Shot Docker images.
Run the following commands:
cd /opt/oneshot_optimizer
docker image load -i oneshot_optimizer.tar
docker image load -i oneshot_imgconverter.tar
Remove image files:
rm -rf /opt/oneshot_optimizer/oneshot_optimizer.tar
rm -rf /opt/oneshot_optimizer/oneshot_imgconverter.tar
STEP 5: Launch the service.
Run the following commands:
cd /opt/oneshot_optimizer
docker-compose up -d
Check service status:
docker-compose ps
Name Command State Ports
--------------------------------------------------------------------------------------------------------------------------------------------------
oneshot_optimizer_imgconverter_1 /opt/bit4id/imgconverter/b ... Up 0.0.0.0:49153->5013/tcp,:::49153->5013/tcp
oneshot_optimizer_nginx_1 /docker-entrypoint.sh ngin ... Up 0.0.0.0:443->443/tcp,:::443->443/tcp, 0.0.0.0:80->80/tcp,:::80->80/tcp
oneshot_optimizer_optimizer_1 oneshot_optimizer start Up
All services must be UP.
STEP 6: Service settings.
See service settings configuration section.
STEP 1: Import One-Shot Optimizer (VM) in the virtual environment.
STEP 2: Network configuration.
The network settings are configured in the file ifcfg-ens33
, which can be found in the path /etc/sysconfig/network-scripts. Edit the file and insert the correct IP address, network mask, gateway and DNS for your network.
Then restart network services with command service network restart.
Example:
STEP 3: Service settings.
See service settings configuration section.
TEST environment
Requirements:
The settings.ini
file contains default parameters that can also be adjusted via API using Update Settings call.
Except by tsa_url
, all parameters shown below are replaced every time the Create Video ID Request call is executed.
settings.ini file location:
/opt/oneshot_optimizer/common/etc/settings.ini or custom mapped volume (Docker) /opt/bit4id/oneshot_optimizer/etc/settings.ini (Virtual Machine)
⚠ If billing password is specified, it must be previously converted into Base64 format.
Run the following command to convert your password to base64:
echo -n <<billing_password>> | base64
The following is a view of the settings.ini file:
1 | [general]
2 | environment = test
3 |
4 | [tsa]
5 | tsa_url = https://tsa.access.bit4id.org:13035/tsa/test01
6 |
7 | [billing]
8 | billing_username = user@uanataca.com
9 | billing_password = ejVxTnFrZkI=
10|
11| [request]
12| default_profile = PFnubeQAFCiudadano
13| default_ra = 1000
Once you are done editing the file, restart the One-Shot Optimizer service to make changes take effect.
Virtual Machine:
systemctl restart optimizer
Docker:
cd /opt/oneshot_optimizer
docker-compose restart optimizer
PRODUCTION environment
Requirements:
⚠ We recommend starting from a clean copy of One-Shot Optimizer for this step. This prevents test environment leftover files from causing errors in production.
You should have received a certificate (.cer) and a key (.key) file to be used to identify your application in communications with the production signature service. Place both files in the certificates folder.
settings.ini file location:
/opt/oneshot_optimizer/common/etc/certs/prod or custom mapped volume (Docker) /opt/bit4id/oneshot_optimizer/etc/certs/prod (Virtual Machine)
The following is a view of the settings.ini file. Important: If billing password is specified, it must be previously converted into Base64 format. Run the following command to convert your password to base64:
echo -n <<billing_password>> | base64
settings.ini file:
1 | [general]
2 | environment = prod
3 |
4 | [tsa]
5 | tsa_url = https://tsa.uanataca.com/tsa/tss03
6 |
7 | [billing]
8 | billing_username = user@uanataca.com
9 | billing_password = ejVxTnFrZkI=
10|
11| [request]
12| default_profile = PFnubeQAFCiudadano
13| default_ra = 1000
The file settings.ini
contains default parameters that can also be adjusted via API using the Update Settings call.
Except by tsa_url
, all parameters shown below are replaced every time the Create Video ID Request call is executed.
Once you are done editing the file, restart the One-Shot Optimizer service to changes take effect.
Virtual Machine:
systemctl restart optimizer
Docker:
cd /opt/oneshot_optimizer
docker-compose restart optimizer
One-Shot API requires a Webhook implemented on customer business side to manage our service callbacks. Every request status change will trigger a simple event-notification via HTTP POST, consisting on a JSON object to an URL that must be explicitly included as a required parameter in the Create Video ID Request call, when using Uanataca 1-step or 2-step mode.
The following is a sample view of the JSON object that is sent as a callback at every status change:
{
"status": "VIDEOINCOMPLETE",
"date": "2021-07-20T08:08:21.132394",
"previous_status": "VIDEOPENDING",
"request": 46760,
"registration_authority": 139
}
Where:
status is the most recent status, this is, the status that triggered the notification. date is the date of the request status change in datetime format. previous_status is the status inmediately previous to last change. request is the request unique id. registration_authority is the Registration Authority id number the request is associated.
Sample code
In this sample, every JSON object is stored in a file named 'videoid'.
The webhook parameter used in the Create Video ID Request call is defined as:
{host}/videoid
where {host} is the IP or domain from the server exposing the webhook.
Python
import web
import datetime
urls = (
'/videoid, 'videoid',
)
app = web.application(urls, globals())
app = app.wsgifunc()
class video:
def POST(self):
data = web.data()
f = open("status.json",'a+')
f.write(data)
f.close()
return ''
if __name__ == "__main__":
app.run()
PHP
<?php
//videoid.json
$post = file_get_contents('php://input',true);
$file_handle = fopen('/videoid/status.json', 'w');
fwrite($file_handle, $post);
fclose($file_handle);
?>
Service logs file optimizer.log
is stored in a One-Shot Optimizer local folder.
Docker path:
/opt/oneshot_optimizer/common/logs or custom mapped volume
Virtual Machine path:
/opt/bit4id/oneshot_optimizer/logs
A postman collection is available as a support for a quick start.
It is only required to edit host
variable in Postman environment with the IP or domain of One-Shot Optimizer.
One-Shot Postman collection download
Method | Endpoint | Action |
---|---|---|
GET | /hello | Checks for server UP status |
POST | /settings | Update Settings |
GET | /settings | Get Settings |
GET | /version | Retrieve Optimizer version |
{- "status": "200 OK",
- "details": {
- "request": {
- "default_profile": "PFnubeQAFCiudadano",
- "default_ra": "9999"
}, - "billing": {
- "billing_username": "user@uanataca.com",
- "billing_password": "UGVyb2xpdG8xLg=="
}, - "general": {
- "environment": "test"
}
}
}
Updates configuration parameters present in settings.ini file.
object Timestamp Authority Settings | |
object Request Settings | |
object Billing Settings | |
object General Settings |
Successful Response
Invalid JSON
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/settings \ -H 'Content-Type: application/json' \ -d '{ "tsa": { "tsa_url": "https://tsa.access.bit4id.org:13035/tsa/test01" }, "request": { "default_profile": "PFnubeQAFCiudadano", "default_ra": "1000" }, "billing": { "billing_username": "user@uanataca.com", "billing_password": "ejVxTnFrZkI=" }, "general": { "environment": "test" } }'
{- "status": "200 OK",
- "details": "Settings saved successfully"
}
{- "status": "200 OK",
- "details": {
- "info": {
- "machine": "x86_64",
- "version": "#1 SMP Mon Jun 30 12:09:22 UTC 2014",
- "release": "3.10.0-123.el7.x86_64",
- "hostname": "ip-172-31-5-91",
- "system": "Linux",
- "processor": "x86_64"
}, - "version": "20210721",
- "name": "OneShot Optimizer"
}
}
To inspect Metadata from a signed file, please download our Metadata extraction tool available here. Execute /bin/metadataextractor.exe.
Method | Endpoint | Action |
---|---|---|
POST | /metadata | Upload Metadata |
GET | /settings | List Metadata |
DELETE | /version | Delete Metadata |
GET | /settings | Get Metadata |
DELETE | /version | Delete All Metadata |
{- "status": "200 OK",
- "details": {
- "78d94fead7844136804afcc87f6a80b5": {
- "oid": "1.8.6.7.4.1.47289.100.2.9",
- "metadata": "BTLkEuMRQwEgYDVQQLDAtBQy1VQU5BVEFD\nQTEgMB4GA1UEAwwXVUFOQVRBQ0EgQ0ExIERFVkVMIDIwMTYxGDAWBgN"
}, - "b77b537e3a6247a49468983d6be39ba8": {
- "oid": "1.8.6.7.4.1.47289.100.2.9",
- "metadata": "MIIH0wYJKoZIhvcNAQcDoIIHxDCCB8ACAQAxggHnMIIB4wIBADCByjCBvTELMAkGA1UEBhMCRVMx\nY29tL2FkZHJlc"
}, - "fc2ec0d5ffc34ac1bae21e5882d746b4": {
- "oid": "1.8.6.7.4.1.47289.100.2.9",
- "metadata": "bmF2ZWdhZG9yIMOhw6HDocOhw6EKMTIzNAplc3RvIGVzIHVuYSBwcnVlYmE6IGhveSBlcwptYXJ0ZXNzcwp4eXoxMjM0"
}
}
}
Uploads all metadata information previously converted into Base64 format.
Successful Response
Invalid JSON
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/metadata \ -H 'Content-Type: application/json' \ -d '{ "metadata": "bmF2ZWdhZG9yIMOhw6HDocOhw6EKMTIzNAplc3RvIGVzIHVuYSBwcnVlYmE6IGhveSBlcwptYXJ0ZXNzcwp4eXoxMjM0", "metadata_oid": "1.8.6.7.4.1.47289.100.2.9" }'
{- "status": "200 OK",
- "details": {
- "metadata": "78d94fead7844136804afcc87f6a80b5"
}
}
Retrieves the metadata associated to an specific id.
Successful Response
Invalid metadata uid
curl -i -X GET https://one-shot.developers.uanataca.com/api/v1/metadata/1b8eac803b75418e8e1a9cad0e342949
{- "status": "200 OK",
- "details": {
- "oid": "1.8.6.7.4.1.47289.100.2.9",
- "metadata": "MIIH0wYJKoZIhvcNAQcDoIIHxDCCB8ACAQAxggHnMIIB4wIBADCByjCBvTELMAkGA1UEBhMCRVMx\nY29tL2FkZHJlc3MpMRYwFAYDVQQKDA1VQU5BVEFDQSBTLkEuMRQwEgYDVQQLDAtBQy1VQU5BVEFD\nQTEgMB4GA1UEAwwXVUFOQVRBQ0EgQ0ExIERFVkVMIDIwMTYxGDAWBgNVBGEMD1ZBVEVTLUE2Njcy\nMTQ5OQIIb+3gE1KQamEwDQYJKoZIhvcNAQEBBQAEggEAXv/wMtJGwVF3uUuGdFracjx3V/qCXDVO\nlZR9mtxhYh/sEKw2QWEIDPh8yseqpBbF2lZnYSUrLFaDaP5oXNi+R9Jun87awP2CxLElRG4JY0u5\nl7DQYg8W5DKMb8s6E062mIR6JTwLSAqU81xZrWMtuQ9ymZfU0Q1/hQSW9D2/hvi1ER5NPvjhwS/+DeX\nkdGZlTCCBc4GCSqGSIb3DQEHATAdBglghkgBZQMEASoEEORvtPD7Pvq1yXS0CbnQePGAggWgxLgM\npqmE7mNzNzmRx0v/qQNEDUlD3UbrNGxWxT7w78xbSxzlhj9dQ5N0wlZnzMDI4z1msCvEU3VuLoJw\nL53HBgKRArVFndQzgUqFDSFw1zGqCP9VStwt+VzbkqhTvSWEnNj2uMEneQjCXBIysFr3AQFg1o0C\nrA6ggGgcZ+1+jx2N4IimMLMPUWm19duqHuKHw21U96tj7mHW452Nyh0txDsQa9P+nyfBuehW/RXs\nctBnhUE0Uy7lONgyZBYYJtN7CGK+jhh5k/1pz+qqH3e8oBmbghzu7rlbms/5vz8vQOso2atGc7P5\nABezqTQYXOp6hli9tCvGV3MpG57e6enIuCqvq0LPmkDmxiH7+LfmuJTUzl/W2oOsrVa5fjqcWIy3\nF8509Z7h9uT7q/T3/vRiV5b9i7J/hc0ZPHwsF02LPF3D4oM8o3i4K1DdLeVrnGPq+JYpePlxhibY\nA+cr6QljeJlH9qCO91ogKtcpzWqyxnSGLi9j18KGpfZYQD2aPe+8uSxjlyChMjTu7Kk5KtyT8hNt\nQ2n6bll3TcpQM9HWAxcWyhq+yGPxnE7Dt2YrHa+YWN3UFDMikbTzq6ceAM/orDpZcjb5NEC0uRa3\nXl05fvoK/+ruApkfdZKWtHOQE8g9DIa8lDqnVC39wYIWb\nsuHqzXDwMydJ7vglkehQFESi6c53sMOgXbqdrXyxzIUfwUU0TZidS7Gs7zXiyVNpo1YzCSKnG157\na1HkSBiTnU2h+Nt+6A6GxN44v0K1L7IENWEuJ9hLYudRnGpR/VJbIHbMTwFti2Mld1XWNXVrH+YH\nvj25yzLS2WwqLUFdABtp4bA9CFQPMSqMaQIEr531PYPegQEb8daq1AGmlg4uBkdnOcNIH5ky2JAm\nebSdFpzdH++9WYOvYsWlZ/5JqNQKbIU9XoVq+mClYnP80q/1yBFuGVnb9lagi531M2khMmdhkd4S\n/+bXfy4Jz4WRK5TJpbbJay96QuAQZhpuQeTM4noJSs6tZDLPWV4wCCVhiIvBogdo0wqFj\nT6pVfgKx9L34JTIByTAYqADbcaRBest8O3kzAutEPNesD/rnkoTaGNjrZe84af8PqFzNGb0eKFcY\nq0LglqqQNiQYQfftoM2hKmOx2k1OYJeTtJD+l4yChV6DfQbx2BeJgn8cf64LsRkMeOgPm+BwYkaD\nUqH58affxj9HITMmdaelufH2m3DVZCNJRk+1WsQYkvosEKZNL68N0GKlWb/yDvJLfqtX2uVPBx4e\n6NtrC1AH/c6GTRrG/zlNtknKVXgN9Yc0dCfF9qcHosNHec7pWSxbV85FRkj+/c5R0OvmfbcD1DjV\nGn05/82vOKsBwpsuNxI8p7O/lskYFH6vdmCJ6AxGDT6/tFGi4+jJ41zZqy1BstUooIMyJNznD1QZ\nkp8SBUXram6G2fuWPXFaSz00iTbVpbjMbEOqnTAAREtBCNPBBixjnopEswk9P/t3APYDKEaCpOgW\nZt1ebP4rQYQA5ypDpEL82ZEx09zIovnu4w0S0fz4aIAtEbVI2zVUedv0rjc090mpoYzfwJBn4MaA\nUkcBlLfYQ3eXj4TLEuYYGBzrOCGsUC//M9Qstt1ryIhsVrooa6HsvO92MwbYKKmP2laAJNIziPYN\nmGItRIKNwB6BNMGb\n"
}
}
Deletes the metadata associated to an specific id.
Successful Response
Invalid metadata uid
curl -i -X DELETE https://one-shot.developers.uanataca.com/api/v1/metadata/1b8eac803b75418e8e1a9cad0e342949
{- "status": "200 OK",
- "details": "Metadata successfully deleted"
}
Method | Endpoint | Action |
---|---|---|
POST | /token | Create a new token |
GET | /token/{pk} | Retrieve a token |
DELETE | /token/{uid} | Delete a token |
GET | /tokens | List all available tokens |
Creates a new token that contains the Registration Authority Officer (RAO) credentials.
username required | string The RAO's digital identity username |
password | string The RAO's digital identity password. If not included in this call, must be included in calls that require RAO's credentials |
pin | string The RAO's digital identity PIN. If not included in this call, must be included in calls that require RAO's credentials |
env required | string The API work environment. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
Successful Response
Invalid JSON | Token already exists
Invalid username
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/token \ -H 'Content-Type: application/json' \ -d '{ "username": "9001800", "password": "Gy6F89xK", "pin": "belorado74", "env": "test" }'
{- "status": "200 OK",
- "details": "a44765ab8ca04e429a565f02d22179a0"
}
Retrieves the token associated credentials with the given unique identifier.
The response gets a true
or false
value regarding if password and PIN parameters are associated to the token.
Successful Response
uid
not found
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/token/a44765ab8ca04e429a565f02d22179a0
{- "status": "200 OK",
- "details": {
- "username": "9001800",
- "password": true,
- "pin": true
}
}
Deletes the token with the specified unique identifier.
Successful Response
uid
not found
curl -i -X DELETE \ https://one-shot.developers.uanataca.com/api/v1/token/a44765ab8ca04e429a565f02d22179a0
{- "status": "200 OK",
- "details": "Token deleted successfully"
}
Returns a list of all tokens available and their associated data.
Successful Response
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/tokens
{- "status": "200 OK",
- "details": {
- "6d1cae4d55be4cdf9cac50ee36f73406": {
- "username": "9001800",
- "password": true,
- "pin": true
}, - "2edfa0ff321b6cf09174e1326c40e174": {
- "username": "9001800",
- "password": true,
- "pin": false
}
}
}
Method | Endpoint | Action |
---|---|---|
POST | /request | Create a new request |
GET | /request/{pk} | Retrieve a new request |
POST | /otp/{pk} | Generate a new OTP |
POST | /sign/{pk} | Start the signature process |
Creates a new digital signature request for the user identified.
given_name required | string The user's given name |
surname_1 required | string The user's first surname |
surname_2 | string The user's second surname |
id_document_type | string Document types allowed for the user identification:
|
id_document_country | string The user's id document country two-letters code (ISO 3166-1 alpha-2). Default "ES" if field is not included. |
serial_number required | string User's id document serial number |
email required | string The user's email |
mobile_phone_number required | string The user's mobile phone number including the international prefix |
registration_authority required | string The Registration Authority id number. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
profile required | string Digital certificate profiles allowed: * PFnubeQAFCiudadano - Uanataca's eIDAS qualified digital certificate used for qualified signature in the European Union * PFnubeNC - Uanataca's normalized digital certificate used for advanced signature ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
token required | string The Registration Authority Officer (RAO)'s token unique id containing RAO's digital identity credentials. ⚠ Not required when RAO's credentials (username, password, pin) are included as fields in this call. |
username required | string The RAO's digital identity username. ⚠ Not required when included in token. |
password required | string The RAO's digital identity password. ⚠ Not required when included in token. |
pin required | string The RAO's digital identity PIN. ⚠ Not required when included in token. |
document_front | string <binary> Front side image of the user's identification document (JPEG or PNG). |
document_rear | string <binary> Rear side image of the user's identification document (JPEG or PNG) |
document_owner | string <binary> A selfie image of the user holding the identifying document below his/her chin (JPEG or PNG) |
extra_document | string <binary> An extra document to upload. |
env required | string The API work environment. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
billing_username required | string The client billing username. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
billing_password required | string The client billing password in Base64 format. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
useasync | boolean This parameter enables the One-Shot asynchronous workflow. When set to true, the |
callback | string The Webhook URL for the asynchronous service. |
Successful Response
Missing username/password/pin | Invalid profile
Invalid username | password | PIN | registration authority
Invalid username/password/pin
Missing parameters
Invalid environment | Invalid registration authority | Invalid certificates | Invalid billing credentials
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/request \ -H 'Content-Type: multipart/form-data' \ -F given_name=John \ -F surname_1=Smith \ -F surname_2=Lopez \ -F id_document_type=IDC \ -F id_document_country=ES \ -F serial_number=12345678A \ -F email=john_smithlop@uanataca.com \ -F mobile_phone_number=+34999999999 \ -F registration_authority=124 \ -F profile=PFnubeQAFCiudadano \ -F token=a44765ab8ca04e429a565f02d22179a0 \ -F username=9001800 \ -F password=Gy6F89xK \ -F pin=belorado74 \ -F document_front=@sample_folder/img_front.png \ -F document_rear=@sample_folder/img_rear.png \ -F document_owner=@sample_folder/img_owner.png \ -F env=test \ -F billing_username=user@uanataca.com \ -F billing_password=ejVxTnFrZkI= \
{- "status": "201 Created",
- "details": 29571
}
Retrieve request information with the id obtained in the CREATE REQUEST response.
Successful Response
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/request/29571
{- "status": "200 OK",
- "details": {
- "paperless_mode": true,
- "mobile_phone_number": 34600123123,
- "country_name": "ES",
- "approving_user": {
- "pk": 232,
- "request": 4721,
- "permission_profile": 1,
- "registration_authority": 139
}, - "secure_element": 2,
- "communication_language": "",
- "profile": "PFnubeQAFCiudadano",
- "registering_user": {
- "pk": 232,
- "request": 4721,
- "permission_profile": 1,
- "registration_authority": 139
}, - "approving_rao": {
- "is_identificator": false,
- "id_document_description": "",
- "certificate": {
- "profile": "PFnubeAF",
- "status": 0,
- "valid_from": "2019-10-31T16:38:00Z",
- "valid_to": "2021-10-30T16:38:00Z",
- "valid": "VALID",
- "serial_number": "58edb21a8a653533",
- "issuer": "2.5.4.97=VATES-A66721499, CN=UANATACA CA1 DEVEL 2016, OU=AC-UANATACA, O=UANATACA S.A., L=Barcelona (see current address at www.uanataca.com/address), C=ES",
- "data": "MIIH0jCCBbqgAwIBAgIIWO2yGoplNTMwDQYJKoZIhvcNAQELBQAwgb0xCzAJBgNVBAYTAkVTMUQwQgYDVQQHDDtCYXJjZWxvbmEgKHNlZSBjdXJyZW50IGFkZHJlc3MgYXQgd3d3LnVhbmF0YWNhLmNvbS9hZGRyZXNzKTEWMBQGA1UECgwNVUFOQVRBQ0EgUy5BLjEUMBIGA1UECwwLQUMtVUFOQVRBQ0ExIDAeBgNVBAMMF1VBTkFUQUNBIENBMSBERVZFTCAyMDE2MRgwFgYDVQRhDA9WQVRFUy1BNjY3MjE0OTkwHhcNMTkxMDMxMTYzODAwWhcNMjExMDMwMTYzODAwWjBnMQswCQYDVQQGEwJFUzERMA8GA1UEBAwIT3BlcmF0b3IxEDAOBgNVBCoMB09uZVNob3QxGDAWBgNVBAUTD0lEQ0VTLTEyMzIxMzEyMzEZMBcGA1UEAwwQT25lU2hvdCBPcGVyYXRvcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALXDwaw+RL9B18/479y8PrlDCTKQAHeMH4RQh5Fy980RLAJr2hiwfCeJKZ750jqzxATVHKz5mG8brA3YIZbpTCe3WmD1e2VjgSRWFDy18yUqrWqWTAzOtHyGOb6iPOh1Aj8vuBJmBCEoAQQdlXWX8ORfzrQ+Wt14GG9EkYC2WdG6LN3XH6Qso2wvCo/JQKDTYeTAcMqkeqHVqUVz4gcGikcox59kaLgTKwmVjO2Ajmr7xYB9S+/V8pvZk8N3u/fZpS7c9CVMqMidB5K2ZrPGPBA4uKFVLN83Y6lx9dCTaSyACqM8CpfD3CzJU6qt9emDzR6r39W2ylSjCuYXCtQf3scCAwEAAaOCAykwggMlMHIGCCsGAQUFBwEDBGYwZDAIBgYEAI5GAQEwCwYGBACORgEDAgEPMDYGBgQAjkYBBTAsMCoWJGh0dHBzOi8vd3d3LnVhbmF0YWNhLmNvbS9wdWJsaWMvY3BzLxMCRU4wEwYGBACORgEGMAkGBwQAjkYBBgEwgdcGCCsGAQUFBwEBBIHKMIHHMFUGCCsGAQUFBzAChklodHRwOi8vd3d3LnVhbmF0YWNhLmNvbS9wdWJsaWMvZG93bmxvYWQvdHNwX2NlcnRpZmljYXRlcy9zdWJvcmRpbmF0ZTEuY3J0MDYGCCsGAQUFBzABhipodHRwOi8vb2NzcDEudWFuYXRhY2EuY29tL3B1YmxpYy9wa2kvb2NzcC8wNgYIKwYBBQUHMAGGKmh0dHA6Ly9vY3NwMi51YW5hdGFjYS5jb20vcHVibGljL3BraS9vY3NwLzAdBgNVHQ4EFgQU8KukJlm7RtVTT7de7HvygCgrD0IwDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBTKzIqlz6SMIlrW+5f3T7RO/dXvrjCBqgYDVR0gBIGiMIGfMIGRBgsrBgEEAYLxNgEBBTCBgTBNBggrBgEFBQcCAjBBDD9DZXJ0aWZpY2FkbyBjdWFsaWZpY2FkbyBkZSBQZXJzb25hIEbDrXNpY2EgZW4gSFNNIGNlbnRyYWxpemFkby4wMAYIKwYBBQUHAgEWJGh0dHBzOi8vd3d3LnVhbmF0YWNhLmNvbS9wdWJsaWMvY3BzLzAJBgcEAIvsQAEAMIGPBgNVHR8EgYcwgYQwQKA+oDyGOmh0dHA6Ly9jcmwxLnVhbmF0YWNhLmNvbS9wdWJsaWMvcGtpL2NybC9DQTFzdWJvcmRpbmFkYS5jcmwwQKA+oDyGOmh0dHA6Ly9jcmwyLnVhbmF0YWNhLmNvbS9wdWJsaWMvcGtpL2NybC9DQTFzdWJvcmRpbmFkYS5jcmwwDgYDVR0PAQH/BAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAZBgNVHREEEjAQgQ5hc2lAYml0NGlkLmNvbTANBgkqhkiG9w0BAQsFAAOCAgEAXdhMj8k340YquaJ92xtasDXkyA5X3oLyVuuxRmm1WelATEEwLvvnFFCEiyndI0JsTPM+fpdIgpWJVmaFStKHhknJzmjwFsy8a+k5ORbnuuZq+7cgd6q9TcJLR/YljlqzO9Ng22IYM/T6g6tKdxsZqxeumcjN26Z3yn/jnbwJvhbvnvsrr/GiRNcpo/Kz+L5Q90Gd1YOu8ec+wndyQgaa+JnLG7kAgz7OW8tsLVYRSpjx7MF9Pd4IUXboVw2sx7mQwWOCOiup+8zLBJ3tTfphUTwp8dS4j4jElbo7N6IJcLG2+9UfGECmGyPgrDyMWFU6sOcmlZkpaxsCY8j7/qTqovn1a9hpfv+Ngn4ddLSosAeeD0z5O3QUmp1LAdIPNQXHIA8yWlvSTqbeO/Ocf0weqvowN/Q8nGsRaTtQTrMkQGCdTG3aYDYGxaVm5zxBwxm5ujHexPZTE0AFNbsTo7/R0zjK3lovWJpJh+Qm7IPsp4d/RYSS+DZnXBmNg9lQjR9hwezhUlVLyDiVgw9xJ5ddBRPdDiJlqpGZasozyyv6yp4NPgy0ZZHiapqRvfGXSGwslTRaw5ok/66xzFSOP7LZCnvi8h4tKfVXFT5bTFydX13mfPobZk/+GpBP2/MS1yktbef5h46f00c+voAtA2fal/VMDPVWNZ58YTuKHx3zSCo=",
- "subject": "CN=OneShot Operator, 2.5.4.5=IDCES-123213123, 2.5.4.42=OneShot, 2.5.4.4=Operator, C=ES"
}, - "registration_authority": [ ],
- "registration_authority_master": 139,
- "id_document_number": "123213213213",
- "given_name": "OneShot",
- "surname_2": "",
- "pk": 972,
- "surname_1": "Operator",
- "id_document_issuer": ""
}, - "email": "name@domain.com",
- "surname_2": "Surname2",
- "surname_1": "Surname1",
- "validity_time": "1",
- "videoid_mode": false,
- "serial_number": "12345678A",
- "scratchcard": "5039078",
- "registration_authority": 139,
- "id_document_type": "IDC",
- "pk": 45836,
- "given_name": "Name",
- "status": "ENROLLREADY",
- "certificate_set": [ ],
- "id_document_country": "ES"
}
}
Shows the status of a Request executed under asynchronous mode.
Successful Response
Request id not found
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/async/status/29571
{- "status": "200 OK",
- "details": "approved"
}
Generates a One-Time Password (OTP) code for the user. The OTP is sent directly to the user's mobile phone as an SMS message.
⚠This method is only required and available for requests using Uanataca SMS method
Successful Response
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/otp/29571
{- "status": "200 OK",
- "details": "OTP generated"
}
Signs all documents associated to a request using a single-use certificate generated for the signature request.
secret required | string The OTP code sent to the user. |
use_signature_text | boolean Default: true This parameter disables the signature image text |
metadata | string The metadata unique id code obtained from Upload Metadata call. |
ext_unlock_type | string The external authentication method type. This field is required for requests using external authenticacion methods. |
ext_unlock_value | string The id of the external authentication request. This field is required for requests using external authenticacion methods. |
object Visual graphic signature properties. |
Successful Response
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/sign/29571 \ -H 'Content-Type: application/json' \ -d '{ "secret" : "052174", "options": { "5f04778a-54f6-426a-b204-5573eb01e5da": { "position": "300, 100, 500, 150", "image": "b0b6370e-8b54-4d8b-ab6f-a002cf08dd28", "page": 0 } }'
{- "status": "200 OK",
- "details": "Documents correctly signed"
}
(Asynchronous mode) Signs all documents associated to a request using a single-use certificate generated for the signature request.
secret required | string The OTP code sent to the user. |
use_signature_text | boolean Default: true This parameter disables the signature image text |
metadata | string The metadata unique id code obtained from Upload Metadata call. |
ext_unlock_type | string The external authentication method type. This field is required for requests using external authenticacion methods. |
ext_unlock_value | string The id of the external authentication request. This field is required for requests using external authenticacion methods. |
object Visual graphic signature properties. |
Successful Response
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/async/sign/29571 \ -H 'Content-Type: application/json' \ -d '{ "secret" : "052174", "options": { "5f04778a-54f6-426a-b204-5573eb01e5da": { "position": "300, 100, 500, 150", "image": "b0b6370e-8b54-4d8b-ab6f-a002cf08dd28", "page": 0 } }'
{- "status": "200 OK",
- "details": "Documents correctly signed"
}
Method | Endpoint | Action |
---|---|---|
POST | /document/{pk} | Upload a document to be signed |
GET | /document/{pk}/{type}/{uid} | Retrieve a document |
DELETE | /document/{pk}/{type}/{uid} | Delete a document |
GET | /documents/{pk} | List all request associated documents |
DELETE | /documents/{pk} | Delete all request associated documents |
GET | /document/{pk}/contract | Retrieve the service contract |
Uploads a pdf document to be signed. The document is associated to a signature request.
Successful Response
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/document/29571 \ -H 'Content-Type: multipart/form-data' \ -F file=@sample_folder/document.pdf
{- "status": "200 OK",
- "details": "a73b1253-838f-4340-8ae8-e0a1524f7472"
}
Retrieves the specified original or signed document.
Successful Response
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/document/29571/signed/a73b1253-838f-4340-8ae8-e0a1524f7472
%PDF-1.7 %���� 1 0 obj <</Type/Catalog/Pages 2 0 R/Lang(es-ES) /StructTreeRoot 10 0 R/MarkInfo<</Marked true>>/Metadata 26 0 R/ViewerPreferences 27 0 R>> endobj 2 0 obj <</Type/Pages/Count 1/Kids[ 3 0 R] >> endobj 3 0 obj <</Type/Page/Parent 2 0 R/Resources<</Font<</F1 5 0 R>>/ExtGState<</GS7 7 0 R/GS8 8 0 R>>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<</Type/Group/S/Transparency/CS/DeviceRGB>>/Tabs/S/StructParents 0>> endobj (...)
Deletes the specified original or signed document.
Successful Response
curl -i -X DELETE \ https://one-shot.developers.uanataca.com/api/v1/document/29571/signed/a73b1253-838f-4340-8ae8-e0a1524f7472
{- "status": "200 OK",
- "details": "Document successfully deleted"
}
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/documents/29571
{- "status": "200 OK",
- "details": {
- "5f04778a-54f6-426a-b204-5573eb01e5da": {
- "upload_date": "11/11/2019 18:03:07",
- "ext": ".pdf",
- "size": 128012,
- "mime": "application/pdf",
- "filename": "test-11.pdf"
}, - "b1902f56-ca7b-4ef4-8741-242dc211c037": {
- "upload_date": "11/11/2019 18:03:12",
- "ext": ".pdf",
- "size": 100337,
- "mime": "application/pdf",
- "filename": "test.pdf"
}
}
}
Deletes all documents associated to a specific request.
Successful Response
curl -i -X DELETE \ https://one-shot.developers.uanataca.com/api/v1/documents/29571
{- "status": "200 OK",
- "details": "Documents deleted successfully"
}
Retrieve the service contract regarding the user's digital certificate issuing.
Successful Response
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/document/29571/contract
%PDF-1.7 %���� 1 0 obj <</Type/Catalog/Pages 2 0 R/Lang(es-ES) /StructTreeRoot 10 0 R/MarkInfo<</Marked true>>/Metadata 26 0 R/ViewerPreferences 27 0 R>> endobj 2 0 obj <</Type/Pages/Count 1/Kids[ 3 0 R] >> endobj 3 0 obj <</Type/Page/Parent 2 0 R/Resources<</Font<</F1 5 0 R>>/ExtGState<</GS7 7 0 R/GS8 8 0 R>>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 595.32 841.92] /Contents 4 0 R/Group<</Type/Group/S/Transparency/CS/DeviceRGB>>/Tabs/S/StructParents 0>> endobj (...)
Method | Endpoint | Action |
---|---|---|
POST | /image | Upload a new image |
GET | /image/{uid} | Retrieve an image |
DELETE | /image/{uid} | Delete an image |
GET | /images | List all uploaded images |
DELETE | /images | Delete all uploaded images |
Uploads an image for using in a visual graphic signature.
Successful Response
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/image \ -H 'Content-Type: multipart/form-data' \ -F image=@sample_folder/image.png
{- "status": "200 OK",
- "details": "bfd74f73-7b22-40a6-ad37-6fc867263309"
}
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/image/bfd74f73-7b22-40a6-ad37-6fc867263309
The retrieved image in png format
curl -i -X DELETE \ https://one-shot.developers.uanataca.com/api/v1/image/bfd74f73-7b22-40a6-ad37-6fc867263309
{- "status": "200 OK",
- "details": "Image deleted"
}
{- "status": "200 OK",
- "details": {
- "2d845d2c-c94f-47f0-b9ad-6275d294bb25": {
- "upload_date": "2021-06-02 02:12:16.369317",
- "ext": ".png",
- "size": [
- 1920,
- 1080
], - "mime": "image/png",
- "filename": "tmprubric-4499623105711609371.png"
}, - "33a1886f-3546-46b4-b981-031cdf7ba9ff": {
- "upload_date": "2021-06-03 15:18:20.671054",
- "ext": ".png",
- "size": [
- 600,
- 600
], - "mime": "image/png",
- "filename": "tmprubric-4873527110174301865.png"
}
}
}
curl -i -X DELETE \ https://one-shot.developers.uanataca.com/api/v1/images
{- "status": "200 OK",
- "details": "Images deleted successfully"
}
Method | Endpoint | Action |
---|---|---|
POST | /videoid | Create Video ID Request |
POST | /videoid/{request_pk}/evidences | Upload Data Evidences |
POST | /videoid/{request_pk}/evidences/video | Upload Video |
PUT | /request/{request_pk} | Update Request |
DELETE | /request/{request_pk} | Cancel Request |
POST | /videoid/{request_pk}/refuse | Refuse Request |
POST | /request/{request_pk}/approve | Approve Request |
GET | /download/video/{video_identifier} | Download Video |
Creates a new signature request to be used over Video ID validation process.
mobile_phone_number required | string The signer's mobile phone number |
email required | string The signer's email |
registration_authority | string The Registration Authority ID number ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
profile required | string The certificate profile ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
billing_username required | string The client billing username. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
billing_password required | string The client billing password in Base64 format. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
webhook_url | string The webhook URL. ⚠ Not required for external authentication. See Webhook Configuration section |
env required | string The API work environment. ⚠ Required only if not set at settings.ini file. Check Update Settings call. |
Successful Response
Invalid JSON | Missing required parameters
Permission Denied
Invalid Registration Authority
Invalid Billing Credentials
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/videoid \ -H 'Content-Type: application/json' \ -d '{ "mobile_phone_number": "+34699999999", "email": "mail@domain", "registration_authority": "139", "profile": "PFnubeQAFCiudadano", "billing_username": "user@uanataca.com", "billing_password": "ejVxTnFrZkI=", "webhook_url": "my-webhook-url.com", "env": "test" }'
{- "status": "200 OK",
- "details": {
- "videoid_pk": 137,
- "videoid_link": "",
- "request_pk": 45836
}
}
Upload Request associated data
Successful Response
Invalid JSON | Missing required parameters
Invalid Request pk
Missing information | Evidences already uploaded
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/videoid/45836/evidences \ -H 'Content-Type: application/json' \ -d '{ "acceptance": { "description": "User Accepted Terms and Conditions and Privacy Policy", "url-doc-privacypolicy": "https://www.uanataca.com/public/pki/privacidad-PSC/", "ip": "186.0.91.53", "url-web-videoid": "https://cms.access.bit4id.org:13035/lcmpl/videoid/46b92251-4ba8-4930-a5aa-8631ec4666b6", "user-agent": "Mozilla/5.0 (Linux; Android 11; AC2003)", "date": 1622823879708, "url-doc-termsconditions": "https://www.uanataca.com/public/pki/terminos-VID/" }, "videoid_data": { "images": { "document_front": "/9j/4AAQSkZJRgABAQAAAQABAAD/2wBDAAIBAQEBAQIBAQECAgICAgQDAgICAgUEBAM (...)", "document_rear": "/I7ye60+aOKS0mVGVSD9RVfyXukjmnS3cAEbpMVm6M1ncWqS3FszptO1lPRRDJ+orI8b (...)", "document_photo": "AkjOOwFfHFrrNlpXxcbU9QuIIIkvR56yddgHpX3GEj1PmanmdS/xV1ySVlv/AIbXLPO (...)", "document_owner": "SSVnovgCZ4Lhk+R3lJPUDJr5t/Z/wBV1DWfjRbeI75B5iQytcykc7yMEAV2/iwC0T34 (...)" }, "ocr_data": { "given_name": "Name", "surname_1": "Surname 1", "surname_2": "Surname 2", "mobile_phone_number": "+34999999999", "email": "mail@domain", "serial_number": "A9999999E", "id_document_type": "IDC", "id_document_country": ES }, "security_checks": { "otp_validation": true, "documents_match": true, "data_integrity": true, "document_notcopy": true, "document_notexpired": true, "document_notunderage": true, "liveliness": true }, "similarity_level": "high" } }'
{- "status": "200 OK",
- "details": "Videoid evidences uploaded"
}
Upload Request associated video
Successful Response
Invalid Request pk
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/videoid/45836/evidences/video/ \ -H 'Content-Type: multipart/form-data' \ -F video=@sample_folder/sample_video.mp4
{- "status": "200 OK",
- "details": "Videoid video upload completed"
}
Updates a Video ID signature request.
scratchcard required | string The request scratchcard id. ⚠ The scratchcard id can be found as a field of the object details when executing Get Request call. |
given_name | string The signer's given name |
surname_1 | string The signer's first surname |
surname_2 | string The signer's second surname |
birth_date | string The signer's birth date |
email required | string The signer's email |
mobile_phone_number | string The signer's mobile phone number |
serial_number | string The signer's document ID number |
registration_authority required | string The Registration Authority id number |
profile required | string The certificate profile |
country_name required | string The user's id document country two-letters code (ISO 3166-1 alpha-2) |
Successful Response
JSON syntax error
Forbidden
Invalid Registration Authority
Invalid Request pk | Missing required parameters
curl -i -X PUT \ https://one-shot.developers.uanataca.com/api/v1/request/45836 \ -H 'Content-Type: application/json' \ -d '{ "scratchcard": "1234567", "given_name": "John", "surname_1": "Smith", "surname_2": "Lopez", "birth_date": "01/01/2000", "email": "mail@domain.com", "mobile_phone_number": "+34999999999", "serial_number": "A9999999E", "registration_authority": "1234", "profile": "PFnubeQAFCiudadano", "country_name": "ES" }'
{- "status": "200 OK",
- "details": {
- "videoid_pk": 137,
- "videoid_link": "",
- "request_pk": 45836
}
}
Cancels the Video ID One-Shot Signature request
Successful Response
Invalid Request pk
curl -i -X DELETE \ https://one-shot.developers.uanataca.com/api/v1/request/45836/
{- "status": "200 OK",
- "details": "Request directory removed successfully"
}
Refuse validation for a Video ID Request
token required | string The token containing RAO's credentials. ⚠ Not required when RAO's credentials (username, password, pin) are included as fields in this call. |
username required | string The RAO's username ⚠ Not required when included in token. |
password required | string The RAO's password ⚠ Not required when included in token. |
pin required | string The RAO's PIN ⚠ Not required when included in token. |
rao | string The RAO's id ⚠ Not required when included in token. |
reason required | string Reason that caused Video ID refusal |
Successful Response
Invalid JSON | Missing required parameters
Invalid RAO credentials
Missing required parameters
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/videoid/45836/refuse \ -H 'Content-Type: application/json' \ -d '{ "token": "6d1cae4d55be4cdf9cac50ee36f73406", "username": "9001800", "password": "Gy6F37xK", "pin": "belorado74", "rao_id": "1400", "reason": "Expired document" }'
{- "status": "200 OK",
- "details": "Videoid refuse completed"
}
Approval of a request by a RAO. At this moment the RAO will sign the receipt and the contract.
token required | string The token containing RAO's credentials. ⚠ Not required when RAO's credentials (username, password, pin) are included as fields in this call. |
username required | string The RAO's username ⚠ Not required when included in token. |
password required | string The RAO's password ⚠ Not required when included in token. |
pin required | string The RAO's PIN ⚠ Not required when included in token. |
rao | string The RAO's id ⚠ Not required when included in token. |
Successful Response
Invalid JSON | Missing required parameters
Invalid RAO credentials
Missing required parameters | Invalid Request pk
curl -i -X POST \ https://one-shot.developers.uanataca.com/api/v1/request/45836/approve/ \ -H 'Content-Type: application/json' \ -d '{ "token": "6d1cae4d55be4cdf9cac50ee36f73406", "username": "9001800", "password": "Gy6F89xK", "pin": "belorado74", "rao": "898" }'
{- "status": "200 OK",
- "details": "Request approved successfully"
}
Download the video file associated to a Request
Successful Response
Invalid Request pk
curl -i -X GET \ https://one-shot.developers.uanataca.com/api/v1/videoid/45836/download/video
{- "title": "404 Not Found",
- "description": "Request not found"
}