Automatic Qualified Electronic Signature with OTP
NEWFrom: €0.007 + VAT
Automatic Qualified Electronic Signature with OTP (EU-QES_otp), the fee-free service for signing documents in automatic mode and in bulk or individually, directly from the server.
The Automatic Qualified Electronic Signature (QES) with OTP is the solution via API to automate and simplify signature processes, in full compliance with European regulations.
Strong authentication, using One Time Passwords, enhances the security level of the electronic signature and provides additional protection to signed documents.
The service is flexible and customizable. In particular, it allows you to choose
- which signature format to use (CAdES, PAdES, XAdES, and PKCS#1)
- whether the document validation and signature modes should be synchronous or asynchronous
- from 30 customizable security levels
There are no annual fees: the only fixed cost is the certificate activation fee (€99). Afterwards, you only pay for actual usage.
The Automatic Qualified Electronic signature is available on OpenAPI also for legal entities, through a specific service (Qualified Electronic Seal).
The electronic signature has full European validity: it is recognised by European Union law through the eIDAS regulation.
The solution can be integrated via API into management software, software and websites, to make the signing of large volumes of documents immediate and secure.
Before using the Qualified Electronic Signature with OTP, it is necessary to purchase a signing certificate via the dedicated POST /certificates/namirial-otp endpoint. For the identification procedure, video recognition is included in the price, and can be done from the office or from home, in a matter of seconds. Alternatively, other identification procedures are available via SPID, CIE, CNS, Digital Signature.
After the certificate activation, it will be possible to start using the specific automatic signature service, which is available via API either with OTP or without OTP (in the latter case, the reference endpoint is EU-QES_automatic).
Request for Qualified Electronic Signature with OTP (EU-QES_otp)
POST/EU-QES_otp
The POST/EU-QES_otp endpoint allows you to apply the qualified electronic signature via API.
{
"inputDocument":[
{
"sourceType": "remote",
"url": "https://my-domain.com/remoteResource.pdf",
},
{
"sourceType": "remote",
"payload": "BASE64string",
}
],
"certificateUsername": "[email protected]",
"certificatePassword": "password123",
"title": "PAdES Signature",
"description": "PAdES Signature of a remote and base64 file",
"signatureType": "pades",
}
The mandatory fields for proceeding with the signature are:
- Document (inputDocument)
- Certificate Username
- Certificate Password
If not specified (in the signatureType field), the system will look for the most suitable format (CAdES, PAdES, XAdES, and PKCS#1) based on the mimeType of the uploaded file.
As mentioned above, the service is highly flexible and allows you to configure, for example, document validation and signing modes (synchronous or asynchronous), signature level, hash algorithm, and possible callbacks.
Some options may be available only for specific signature formats (e.g., signature placement in the PDF document).
Additionally, the service allows for timestamping the document with any type of timestamp.
Response for Qualified Electronic Signature with OTP (EU-QES_otp)
POST/EU-QES_otp
The content of the response after the request will clearly depend on the request status and could be:
- awaiting validation
- awaiting completion of the signing process
- signing process completed
In case of completing the signing process, the response will contain data such as state (DONE), options, date:
{
"data":{
"id": "67af252164f60538280f70f9",
"updatedAt": "2025-02-14 11:12:53.699+00:00",
"createdAt": "2025-02-14 11:12:34.218+00:00",
"certificateType": "EU-QES_automatic",
"state": "DONE",
"signatureType": "pades",
"options": {
"asyncDocumentsValidation": false,
"asyncSignature": false,
"level": "B",
"hashAlgorithm": "SHA256",
"encryptInAnyCase": false,
"page": 1,
"withSignatureField": false,
},
"document": {
"title": "B",
"description": "",
"inputDocuments": [
{
"sourceType": "base64",
"createdAt": "2025-02-14 11:12:33.819+00:00",
"mimetype": "application/pdf",
"extension": "pdf",
"size": 339,
"id": "67af252164f60538280f70fb",
"md5": "694be78a9eaa52d602bec92e211fa5dc",
"name": "694be78a9eaa52d602bec92e211fa5dc.pdf",
}
],
"validatedDocument": {,
"mimetype": "application/pdf",
"extension": "pdf",
"size": "339",
"createdAt": "2025-02-14 11:12:33.819+00:00",
"id": "67af252164f60538280f70fb",
"md5": "694be78a9eaa52d602bec92e211fa5dc",
"name": "694be78a9eaa52d602bec92e211fa5dc.pdf",
}
}
Audit
GET /signatures/{id}/{actionType}
At the end of the signing process, it will be possible to request details of the completed signing process, the signed document, the validated document, or the audit trail, which is the document containing all the information that led to the successful completion of the signature. In case of disputes, this file will allow for the technical reproduction of every step of the procedure.
Signature Validity Verification
POST /verify
Openapi also allows you to verify whether a document has actually been signed, who the signature is associated with, and how long it remains valid. The relevant endpoint in this case is POST /verify.
REQUEST EXAMPLE
When making a request, it is necessary to upload the signed document.
{
"inputDocument": "BASE64string",
"detachedContent": "BASE64string",
"pdfEncryptionPassword": "password123",
"recursive": true,
"verifyOnDate": "2025-02-14"
}RESPONSE EXAMPLE
The system will return various information about the document. First, it specifies whether the document has been properly signed, in which format, and whether the signature is valid.
Additionally, it provides:
- the document owner
- the certificate status and its associated date
- whether the certificate has been revoked (along with the relevant date)
- whether the document has been timestamped (along with the relevant date)
{
"data": {
"checkDate": "2025-02-14 11:11:01.892+00:00",
"verificationDate": "2025-02-14 11:11:01.892+00:00",
"signatureFormat": "PAdES",
"nrOfSignatures": 1,
"overallVerified": true,
"signatureReportList": [
{
"id": "0",
"integrity": true,
"signatureAlgorithmName": "SHA256withRSA",
"subjectDN": "C=IT,SURNAME=ROSSI,GIVENNAME=MARIO,SERIALNUMBER=TINIT-RSSMRA73R02H501H,CN=ROSSI MARIO,DNQ=AUSL2023021972028357",
"issuerDN": "C=IT,O=Namirial S.p.A./02046570426,OU=Certification Authority,CN=Namirial CA Firma Qualificata",
"subjectCN": "ROSSI MARIO",
"issuerCN": "Namirial CA Firma Qualificata",
"serialNumber": "5557601230250214000",
"signerCertificateStatus": "VALID",
"signerCertificateNotBefore": "2025-02-14 11:11:01.892+00:00",
"signerCertificateNotAfter": "2025-02-14 11:11:01.892+00:00",
"signerCertificateRevocationDate": "2025-02-14 11:11:01.892+00:00",
"issuerCertificateStatus": "VALID",
"issuerCertificateRevocationDate": "2025-02-14 11:11:01.892+00:00",
"trustedSignatureDate": false,
"signatureDate": "2025-02-14 11:11:01.892+00:00",
"issuerTrustedList": true,
"keySize": 2048,
"qcComplianceStatus": "VALID",
"qcSSCDStatus": "VALID",
"derEncodedSignerCert": "BASE64string"
}
],
"noteReportList": [
{
"policy": 3,
"about": 2,
"type": 1,
"synopsis": "Certified qualified in conformity",
"description": "The qualified certificate of ROSSI MARIO complies with European Directive 1999/93/EC"
}
],
"plainDocument": "BASE64string"
},
"message": "Signature is valid",
"error": null,
"success": true
}The automatic qualified electronic signature is designed for those who need to sign a large number of documents on a daily basis and in mass mode (e.g. administrators, doctors, law firms, public bodies). The main benefits of this type of signature include time and cost savings, optimisation of document workflows and digitisation of processes.
Do you need help?
Haven't found the answer you're looking for?
Fill in all the details, we will get back to you as soon as possible!
The Automatic Qualified Electronic Signature (QES) is an innovative API solution that allows documents to be signed in an automated, mass or individual manner and with or without human interaction. The signature can be applied synchronously or asynchronously, within seconds.
Both services allow any electronic document to be signed securely and with European validity. However, they have different characteristics:
- the Massive Automatic Signature Certificate (EU-QES_automatic) allows for automated signing, as it does not require human intervention, which means that multiple documents can be signed en masse
- the Remote signature certificate with OTP (EU-QES_otp) provides a higher level of security through the use of OTPs (One Time Passwords), but requires human intervention to sign the document
The service supports all formats: CAdES, PAdES, XAdES, and PKCS#1.
Yes, in order to be able to use the Automatic Qualified Electronic Signature or with OTP via API, you must first request the appropriate signature certificate via one of the following endpoints:
- POST /certificates/namirial-automatic for the massive automatic signature certificate
- POST /certificates/namirial-otp for the remote signing certificate with OTP
The certificate is valid for one year.
After the certificate has been purchased, it will be possible to proceed with signing (the reference endpoints in this case are POST /EU-QES_automatic for automatic signing and POST /EU-QES_otp for signing with OTP).
Yes, the service complies with the eIDAS Regulation and has full legal validity across Europe.
Yes, the qualified electronic signature service for legal persons is also available on Openapi, which involves the use of the Qualified Electronic Seal (QeSeal). The Seal guarantees the provenance, authenticity and integrity of the computer document to which it is affixed.
The validity of a signed document can be verified through the POST /verify endpoint. The response will include details such as:
- Confirmation of the signature validity and format used
- Document owner
- Certificate status and date
- Any certificate revocation with the respective date
- Presence and date of a timestamp
The Automatic Qualified Electronic Signature service is extremely useful for those who need to automate the signing process or sign a large volume of documents on a massive and daily basis. For example, it is already chosen by:
- administrators
- doctors
- law firms
- banking institutions and insurance companies
- public bodies
This solution allows them to save time in day-to-day bureaucratic operations and greatly streamline their signature processes.
The service is delivered within seconds.
The service has no annual fees. There is only a payment for certificate activation (€99) and for actual use.
For the use of the QES signature with OTP, the cost is from 0.007€ on subscription and 0.025€ on top-up.
Carbon free energy for Our Cloud 
Low CO2
© 2024 Openapi SpA, a single-member company, under the direction and control of Open Holding Srl.
Viale Filippo Tommaso Marinetti 221 - 00143 Rome - Business Register: 1378273, Share Capital: €50,000.00, VAT Number: IT12485671007, Recipient Code: 'USAL8PV' - Certified Email: 
Openapi is certified in: Quality System **UNI EN ISO 9001:2015** - Data Quality **ISO 25012:2014** - Security Management **ISO/IEC 27001:2022** - Geneder Equality According UNI PdR 125:2022
All prices are net of any VAT, stamp duty, registration fees, or other taxes that may be due. All logos listed on the portal are copyrighted and owned by their respective owners.
