Introduction to CSC component
The CSC component exposes the CSC API, as defined by the Cloud Signature Consortium, to allow the integration of the signing services with compliant signature applications.
The CSC API is an open standard designed for secure, cloud-based remote digital signatures, enabling users to sign documents digitally without the need for local software. This solution meets global e-signature regulations like eIDAS in the EU, making digital signing easier, more accessible, and legally compliant.
Learn more about the Cloud Signature Consortium, refer to the Cloud Signature Consortium website.
The implementation supports CSC API version 2.0.0.2
.
The following endpoints are supported:
info
credentials/list
credentials/info
signatures/signDoc
(only fordocumentDigest
)
Additionally, the CSC component supports the following non CSC API features:
Signing with CSC component
The CSC components supports the following credential types and associated signing operations:
Credential Type | Signing Operation |
---|---|
Short-lived credential | Immediate signing, one-time signing requests without need to pre-provision users. Useful when you do not require users to create accounts, signing after identification and destroy the private keys after the signing operation. |
Session credentials | For transactions that require signatures within a specific timeframe. Useful when users would like to sign data within short timeframe but requires multiple signatures. Session credentials are like short-lived credentials that can be used multiple times within its short validity. |
Long-lived credentials | For users who need extended, secure access to their signing credentials. Provisioned credentials that are associated with identities. Users do not need to be identified for every signing operation. |
CSC component deployment
The CSC component is deployed as containerized microservices, which can be scaled horizontally to meet the demand of the signing service. The CSC component can be deployed in a cloud environment or on-premises.
The main configuration file application.yml
needs to be mounted to container on location /opt/cscapi/application.yml
.
Additional files and configuration needs to be provided based on application.yml
The database should be created and configured before running the CSC component. Currently supported databases are:
- PostgreSQL
- MySQL
For more information about the configuration of the CSC component, see Configuration.