External Signer Verification

When a signer is trying to confirm their approval of a document within ValidSign, it is sometimes desirable for the system to verify the signer's identity via their credentials with an external organization (e.g., credentials from Personal Certificate, iDIN, eHerkenning, DigID etc.).

Within this instruction we will inform you what Signer Verification types ValidSign is supporting and how to attach those to a signer.

Verification Methods

Supported Verification Methods

The following verification methods will be supported with ValidSign:

  • Qualified PKI using Cloud Certificate
  • Qualified PKI using Hardware token
  • iDIN
  • DigID
  • eHerkenning
  • iDEAL
  • itsme
  • BankID (Swedish, Norway & Finland)
Attach verification method to signer

To attach a verification method, the method should be available for your ValidSign account. Contact our support for more information.

Once the verification method is attached to your account, you can attach the verification method with the example code below to a signer.

Get the role ID of the signer
=========================
GET /api/packages/{packageId}/roles/

Attach verification method
=========================
POST /api/packages/{packageId}/roles/{roleId}/verification

Body payload
-------------------
{
"typeId": "iDIN",
"payload": ""
}
// Define the variables
private static final String CREATE_VERIFICATION_TYPE_ID = "iDIN";
private static final String CREATE_VERIFICATION_PAYLOAD = "";

// Get the created package by ID
retrievedPackage = eslClient.getPackage(packageId);

// Get the signer by email
Signer signer = retrievedPackage.getSigner("signer1@example.com");

// Create a verification method
signerVerificationToBeCreated = SignerVerificationBuilder
   .newSignerVerification(CREATE_VERIFICATION_TYPE_ID)
   .withPayload(CREATE_VERIFICATION_PAYLOAD)
   .build();

// Attach the verification method to the signer
eslClient.createSignerVerification(packageId, signer.getId(), signerVerificationToBeCreated);

// Get the signer verification after creation
retrievedSignerVerificationAfterCreate = eslClient.getSignerVerification(packageId, signer.getId());
// Define the variables
public readonly string CREATE_VERIFICATION_TYPE_ID = "iDIN";
public readonly string CREATE_VERIFICATION_PAYLOAD = "";

// Get the created package by ID
retrievedPackage = eslClient.GetPackage(packageId);

// Get the signer by email
Signer signer = retrievedPackage.GetSigner("signer1@example.com");

// Create a verification method
signerVerificationToBeCreated = SignerVerificationBuilder
   .NewSignerVerification(CREATE_VERIFICATION_TYPE_ID)
   .WithPayload(CREATE_VERIFICATION_PAYLOAD)
   .Build();

// Attach the verification method to the signer
eslClient.CreateSignerVerification(packageId, signer.Id, signerVerificationToBeCreated);

// Get the signer verification after creation
retrievedSignerVerificationAfterCreate = eslClient.GetSignerVerification(packageId, signer.Id);
Get available verification methods

To attach a new verification method to the signer, it is necessary to first request which verification methods are activated.
Via the example below you can request which authentication methods are activated for your environment.

GET /api/account/{accountId}/verificationTypes