Elektroniskā paraksta paketes izveidošana serverī
Creates a batch of digital signatures from the hashes of the data to be signed using a server signing identity.
The signature is created with the signing identity on server specified in the request. This identity must belong to the end-user on behalf of whom the operation is performed.
This method can be used for single signing as well. Main differences: Batch method response with base64 encoded Signed data, but single signing method response with PKCS#1 raw signature.
|Identifier of the signing identity that must be used for generating the signature (it must be a server signing identity that belongs to the end-user on behalf of whom the signature is performed).|
|Algorithm for obtaining the cryptographic hashes to be used for generating the signatures (rsa-sha1, rsa-sha256, rsa-sha384 and rsa-sha512) if no other algorithm is specified for each of them.|
|Information on the cryptographic hashes to be used for generating the signatures.|
|Base64 encoding of the cryptographic hash used to generate the signatures.|
|Algorithm that must be used to generate one of the digital signatures ("rsa-sha1", "rsa-sha256", "rsa-sha384" and "rsa-sha512").|
The request must contain a bearer access token generated by a trusted authorization server associated to the domain of the signing identity to be used for generating the signature. This token must have a scope that includes the value configured for the signing identity (by default,
urn:safelayer:eidas:sign:identity:use:server) and must be used as explained in RFC 6750. Basically, the token must be included in an
Authorization header as follows:
The access token must be obtained via an authorization code grant OAuth 2.0 flow.
Digital signatures encoded in base64. The signatures follow the same order as the cryptographic hashes from which they were created appear in the request.