The Sign service supports scopes and claims as shown below
Scopes
The following scopes with corresponding API access are supported. See the section on Access Tokens sign for further information on the use of the signdoc/read_write scope.
| Scope | Access |
|---|---|
| signdoc/read_write | API access to SignDoc RS |
| sign | Access to start a sign session using the authorize endpoint |
Claims
The following table shows the supported claims in response from the sign service after a sing session has been finished.
| Claim | Example | Result specifier | Description |
|---|---|---|---|
documentHashs |
| documentHash | array of hashes over the documents to be signed in the same order as the documents in the signing order. |
sdos | "sdos": [ "PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZ......" ] | sdo | the sdo represented as base64 (unpack to UTF-8), one for each document |
| merchantSignatures | "merchantSignatures": [ "MIAGCSqGSIb3DQEHAqCAMIACAQExDzANB...." ] | basicSignature | the merchant signature, one for each document |
| endUserSignatures | "endUserSignatures": [ "MIAGCSqGSIb3DQEHAqCAMIACAQExDTALBAA....." ] | basicSignature | the endUser signature, one for each document |
| signId | "910bd95b-41c0-4b6d-ae3f-d9458110d12a" | the sign_id used | |
| clientId | "oidc-testclient" | OIDC client used | |
| orderState | "SIGN_COMPLETED" | Current order state | |
| orderName | "Overlay-example" | name of order |