Browse/status and Certificate/accesslevel: Difference between pages

From SafeStamper API documentation
(Difference between pages)
Jump to navigation Jump to search
m (1 revision imported)
 
api>Admin
No edit summary
 
Line 1: Line 1:
This operation returns the status of a web browsing certification.
This operation changes the access protection of a certificate.
 
There are three access protection modes for a certificate:
* '''PUBLIC''' The certificate can be downloaded by anyone who has its validation URL. This is the default, so that any party that receives a Safe Stamper certificate can verify its authenticity.
* '''PRIVATE''' Only the owner can download the certificate
* '''PASSWORD''' The validation URL asks for a password before downloading the certificate.
 
If you plan to give the certificate to a third party or use it in any legal proceeding, you should make it public or password-protected and provide the password along with the certificate, to allow the receiving party to verify the certificate authenticity.
 
The certificate owner can always download the certificate without a password. API applications can use [[certificate/get]] to download certificates from their users even if they are private or password-protected.


= URL =
= URL =
<nowiki>https://www.safestamper.com/api/browse/status</nowiki>
<nowiki>https://www.safestamper.com/api/certificate/accesslevel</nowiki>


= Parameters =
= Parameters =
* '''sharedkey''': Your API client shared key
* '''sharedkey''': Your API client shared key
* '''code''': The certification code received in the [[browse/stamp]] bringback URL
* '''authkey''': Authkey of certificate owner
* '''code''': Code of certificate to set the password
* '''level''': Access level for the certificate (''PUBLIC'', ''PRIVATE'' or ''PASSWORD'')
* '''password''': Certificate access password. Required for ''PASSWORD'' access level.
* '''signature''': Parameters signature, as explained in [[Signature parameter]]
* '''signature''': Parameters signature, as explained in [[Signature parameter]]


= Returns =
= Returns =


A JSON object with the following fields:
HTTP 200 OK
 
* '''code''': The certification code
* '''status''': Certification status
** ''RUNNING'': The browsing session is still running
** ''PENDING_CERTIFICATION'': The browsing session was completed, but the certification is being processed
** ''FINISHED'': The certification has been completed and the certificate PDF is ready for download
** ''CANCELLED'': The user cancelled the browsing session
* '''certificateUrl''': Certificate download URL (for ''FINISHED'' status)


= HTTP Errors =
= HTTP Errors =


* '''403''' Forbidden: the sharedkey or signature are not valid, or the specified job does not belong to the API client
* '''401''' Unauthorized: the authkey is not exist
* '''404''' Not found: the certification code is not correct.
* '''403''' Forbidden: the sharedkey or signature are not valid
* '''404''' Not found: the certificate does not exist
* '''400''' Unrecognized access level or password not provided for PASSWORD level


= Example =
= Example =
Line 30: Line 36:
REQUEST:
REQUEST:
<pre>
<pre>
https://www.safestamper.com/api/browse/status
https://www.safestamper.com/api/certificate/accesslevel
?sharedkey=5hmpod0d2vx7fnh6ysxab3olz
?authkey=0021d81c-e4a5-4869-8384-2fd70cdb58ec
&code=161209-2DVSJZ
&code=150730-U27FJH
&signature=d7d141d923775616a12800ce52a5dc327919c29c
&level=PASSWORD
&password=1234
&sharedkey=axvmfqn8aex21mxhq5zsj7l482saxfu7j4hh
&signature=b1b22b34967fdf2eb67c3569a1e8b90f9fb63e77
</pre>
</pre>


RESPONSE (actual response has no line breaks or indentation):
RESPONSE:
<pre>
 
{
HTTP 200 OK
  "code":"161209-2DVSJZ",
  "status":"FINISHED",
  "certificateUrl":"http://www.safestamper.com/certificate/161209-2DVSJZ"
}
</pre>

Revision as of 12:00, 22 September 2020

This operation changes the access protection of a certificate.

There are three access protection modes for a certificate:

  • PUBLIC The certificate can be downloaded by anyone who has its validation URL. This is the default, so that any party that receives a Safe Stamper certificate can verify its authenticity.
  • PRIVATE Only the owner can download the certificate
  • PASSWORD The validation URL asks for a password before downloading the certificate.

If you plan to give the certificate to a third party or use it in any legal proceeding, you should make it public or password-protected and provide the password along with the certificate, to allow the receiving party to verify the certificate authenticity.

The certificate owner can always download the certificate without a password. API applications can use certificate/get to download certificates from their users even if they are private or password-protected.

URL

https://www.safestamper.com/api/certificate/accesslevel

Parameters

  • sharedkey: Your API client shared key
  • authkey: Authkey of certificate owner
  • code: Code of certificate to set the password
  • level: Access level for the certificate (PUBLIC, PRIVATE or PASSWORD)
  • password: Certificate access password. Required for PASSWORD access level.
  • signature: Parameters signature, as explained in Signature parameter

Returns

HTTP 200 OK

HTTP Errors

  • 401 Unauthorized: the authkey is not exist
  • 403 Forbidden: the sharedkey or signature are not valid
  • 404 Not found: the certificate does not exist
  • 400 Unrecognized access level or password not provided for PASSWORD level

Example

REQUEST:

https://www.safestamper.com/api/certificate/accesslevel
?authkey=0021d81c-e4a5-4869-8384-2fd70cdb58ec
&code=150730-U27FJH
&level=PASSWORD
&password=1234
&sharedkey=axvmfqn8aex21mxhq5zsj7l482saxfu7j4hh
&signature=b1b22b34967fdf2eb67c3569a1e8b90f9fb63e77

RESPONSE:

HTTP 200 OK