Skip to main content

Introduction to CSC component

The CSC component exposes the CSC API, as defined by the Cloud Signature Consortium, to allow the integration of the signing services with compliant signature applications.

The CSC API is an open standard designed for secure, cloud-based remote digital signatures, enabling users to sign documents digitally without the need for local software. This solution meets global e-signature regulations like eIDAS in the EU, making digital signing easier, more accessible, and legally compliant.

Cloud Signature Consortium

Learn more about the Cloud Signature Consortium, refer to the Cloud Signature Consortium website.

The implementation supports CSC API version 2.0.0.2.

The following endpoints are supported:

  • info
  • credentials/list
  • credentials/info
  • signatures/signDoc (only for documentDigest)

Additionally, the CSC component supports the following non CSC API features:

Signing with CSC component

The CSC components supports the following credential types and associated signing operations:

Credential TypeSigning Operation
Short-lived credentialImmediate signing, one-time signing requests without need to pre-provision users. Useful when you do not require users to create accounts, signing after identification and destroy the private keys after the signing operation.
Session credentialsFor transactions that require signatures within a specific timeframe. Useful when users would like to sign data within short timeframe but requires multiple signatures. Session credentials are like short-lived credentials that can be used multiple times within its short validity.
Long-lived credentialsFor users who need extended, secure access to their signing credentials. Provisioned credentials that are associated with identities. Users do not need to be identified for every signing operation.

CSC component deployment

The CSC component is deployed as containerized microservices, which can be scaled horizontally to meet the demand of the signing service. The CSC component can be deployed in a cloud environment or on-premises.

The main configuration file application.yml needs to be mounted to container on location /opt/cscapi/application.yml. Additional files and configuration needs to be provided based on application.yml

The database should be created and configured before running the CSC component. Currently supported databases are:

  • PostgreSQL
  • MySQL

For more information about the configuration of the CSC component, see Configuration.