Validate signatures using PhenixID Authentication Service

Overview

This future allows you to validate the signatures for a document by using PDFSignatureStatusValve on PhenixID Signing Service (PAS).

A button to use this future will appear next to the expected signers.

This future is also available using the Automation API.

Configuration for Signing Workflow

Add or edit the following in the config/config.json file.

  "validateSignaturesService": {
    "basicAuth": {
      "basicAuthUsername": "api",
      "basicAuthPassword": "password",
      "enabled": true
    },
    "enabled": true,
    "url": "https://localhost:8443/validate/"
  }
Click to copy

Configuration for PAS

Create a pipe that uses PDFSignatureStatusValve and enable it for HTTP. This example also uses HttpBasicAuthValve and InternalUserStoreValidatorValve to only allow internal users. 

{
      "id": "SignAppVerifyPipeAPI",
      "description": "Verify signed document via API ",
      "http_enabled": "true",
      "http_path_pattern": "PUT:/validate",
      "valves": [
        {
          "name": "HttpBasicAuthValve",
          "enabled": "true",
          "config": {
            "username_dest": "basicAuthUsername",
            "password_dest": "basicAuthPassword"
          }
        },
        {
          "name": "InternalUserStoreValidatorValve",
          "enabled": "true",
          "config": {
            "username": "{{attributes.basicAuthUsername}}",
            "password_param_name": "{{attributes.basicAuthPassword}}"
          }
        },
        {
          "name": "ItemCreateValve",
          "config": {
            "dest_id": "verification_result"
          }
        },
        {
          "name": "PropertyAddValve",
          "config": {
            "name": "b64",
            "value": "{{request.body}}"
          }
        },
        {
          "name": "PropertyBase64DecoderValve",
          "config": {
            "source": "b64",
            "dest": "temporary"
          }
        },
        {
          "name": "PropertyRemoveValve",
          "enabled": "true",
          "config": {
            "name": "b64"
          }
        },
        {
          "name": "PDFSignatureStatusValve",
          "enabled": "true",
          "config": {
            "pdfSource": "{{item.temporary}}",
            "trustStorePath": "C:/Program Files/PhenixID/SigningService/custom/trustedcas.jks",
			"trustStorePassword": "secret"
          }
        },
        {
          "name": "PropertyRemoveValve",
          "enabled": "true",
          "config": {
            "name": "temporary"
          }
        }
      ]
    }
Click to copy

Add a internal user for the basic authentication

  "USERS": [
    ...
    {
      "id": "api",
      "password": "password",
      "description": "API user"
    }
  ],
Click to copy