Getting Started

To start using the Sign’Stash services you need to previously subscribe to the service and have a qualified remote certificate issued by one of the supported Certificated Authorities.

Subscribe Sign’Stash

If you don’t have an issuer account, you will need to execute the following steps:

 

1. Navigate to Sign’Stash Portal and choose your preferred bundle.



2. Fill in the subscription form with your document issuer company data and your user information.

If you are subscribing through a contact of a partner of ours, please fill-in the provided partner code on the subscription form as this cannot be changed at a later time.

 

 

3. After our operators validate the provided information, you will received two e-mails with the following information:

  • Confirmation that your issuer company was successfully activated for consumption of Sign’Stash services.

 

 

  • Operator account creation notification.

Following the provided link, you will be required to define the operator account password in order to access your issuer company backoffice.

If the operator credentials are not defined within the defined period, then you can execute a “forget password” flow to request a new link.

 

 

 

Client Service Setup

Once you have your Sign’Stash subscription finalized, you will need to access with your operator account the service backoffice to finalize the service provisioning.

 

1. Certificate Enrollment

Login in the backoffice with your operator account and access “Certificates > Add Certificate” option.

 

Select the Certificate Authority (CA) to which you have a remote certificate and follow the described instructions in order to provide Sign’Stash the necessary access to the certificate that will be used to sign your digital documents.

ADVANCED SETTING: The platform will create/associate the registered certificate with the “Principal” wallet. In most scenarios, this is the recommended setting and you don't need to change it but just accept this default value. If your particular use case requires multiple wallets, to help organize the certificates and manage several access credentials, you must click on the “Manage wallets” button which allows to create new wallets or delete existing ones. This is an advanced configuration and unnecessary in the most use cases.

Currently Sign’Stash only support remote certificates issued by Multicert Certificate Authority. Please refer to Multicert online store for instructions on how to acquire a qualified remote seal certificate.

 

1.a) Certificate client account authentication

Authenticate with the client account created during the client certificate issuance. If in doubt, please confirm access to your client account of Multicert’s certificate issuance system in https://www.multicert.com/3ws/login.

 

Confirm redirection to authenticate in Multicert’s Certificate Issuance System
Authenticate in Multicert’s Certificate Issuance System

 

Confirm acceptance for Sign’Stash to access your certificates

1.b) Multifactor authentication

If your remote certificate requires additional authorization to be accessed while registering, a dialog box will appear to insert the authorization response.

Remote certificates issued by Multicert Certificate Authority only support authorization through OTP code or/and the certificate PIN.

For security reasons the Authorization Code input has a validity of 2 minutes.

For security reasons, the Sign’Stash solution cannot have indefinite access to your certificate, thus you will need to renew the acceptance of Sign’Stash access to your certificate on a periodic basis (every 60 days).

Sign’Stash will start to notify on daily basis one week before the current access will expire, and an acceptance renewal is necessary for Sign’Stash to continue to use the certificate.

For more information please consult https://must.atlassian.net/wiki/spaces/SIGNSTASH/pages/3440813

 

2. Client Service Configuration

Upon subscription, Sign’Stash will create a default client service configuration that will hold the configurations needed for your service to consume.

In order for your service to start consuming the API services, you will need to access “Client Services > Detail” and select “Edit” option.

 

In the “Edit” panel you will need to:

  • define the client service access credentials to be presented in the authentication flow.

  • select which wallet, if applicable, and certificate will this client service use to sign documents

 

3. Testing the Configuration

Once you have setup your client service, you can check if all the mandatory requirements were properly set. To do this you can use the “Validate service” option in the client service detail view.

To execute a full signature flow you will be required to present a pdf document to sign, the defined client service credential and a destination e-mail address to which the document will be sent.

 

Congratulations !! You are now all set to start your development to have your services working with Sign’Stash.