authSignatureRequest (Command)

  • Published on Jul 7, 2025
  • 2 minute(s) read
Prev Next

Availability: OneSpan Authentication Server 3.17 and later

Scenario: Signature

Support:  full-sdk   auth-sdk 

The authSignatureRequest command initiates a data signing transaction. The respective workflow is determined by the respective choice element included in the request:

  • push. This triggers transaction data signing via push notification (push and sign). It creates a signature request key and distributes it to the respective authenticator applications via push notifications.
  • requestKey. This triggers transaction data signing using a Cronto image (scan and sign). It uses a signature request key previously retrieved using genRequest (see genRequest (Command)).

The command suspends its working thread (releasing any database locks) and resumes after receiving a continue signal by another authSignature call.

The signing request is retrieved by the client using getPreparedSignatureRequest (see getPreparedSignatureRequest (Command)).

Parameters

  Table:  authSignatureRequest input parameters
Parameter name Data type Description
componentType String Required. The name of the related client component.
user UserInput Required. The user account to be used.
serialNumber String Optional. The serial number of the authenticator to handle the signature request specifically. If omitted, a push notification is sent to any applicable authenticator instance.
push PushSignatureRequest Required. Choice element, mutually exclusive with requestKey. The request method – push notification – is implicitly determined by the data type. The element body contains the signature data (see PushSignatureRequest (Data type)).
requestKey String

Required. Choice element, mutually exclusive with push. The request method – scan and sign – is implicitly determined by the data type. The value is the request key as returned by a previous genRequest request (see genRequest (Command)).

Availability: 3.27 and later
  Table:  authSignatureRequest output parameters
Parameter name Data type Description
status CommandStatusResponse

Required. The error stack, if applicable, which indicates that the command has not completed successfully. This also includes the result and status codes returned by the command.
result AuthSignatureRequestResult Optional. The result of the command (see  AuthSignatureRequestResult (Data type)).

PushSignatureRequest (Data type)

The PushSignatureRequest type consists of a choice between different signature data types used for transaction data signing via push notification. For instance, a list of separate key/value signature data fields or a complete binary data signature body.

  Table:  PushSignatureRequest (Data type)
Parameter name Data type Description
signatureFields SignatureFields Choice element. The signature data fields to sign (see Table: SignatureFields (Data type)).
signatureBody Binary data (Hex) Choice element. The hexadecimal binary data to sign.
  Table:  SignatureFields (Data type)
Parameter name Data type Description
title String Title of the secure channel message.
dataField DataField Optional. Zero or more key/value data fields.

AuthSignatureRequestResult (Data type)

  Table:  AuthSignatureRequestResult (Data type)
Parameter name Data type Description
user UserOutput The resolved user information (see Table: UserOutput (Data type)).
serialNumber String The serial number of the authenticator effectively used to complete the signing request.
  Table:  UserOutput (Data type)
Element name Data type Description
userID String The resolved user ID.
domain String The user domain.
orgUnit String Optional. The organizational unit of the user.

Examples

Push and sign

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header/>
  <soapenv:Body>
    <sig:authSignatureRequest xmlns:prov="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Signature">
      <componentType>Push Notification Client</componentType>
      <user xsi:type="BASIC-TYPES:UserInput">
        <userID>user01</userID>
      </user>
      <serialNumber>12345678</serialNumber>
      <push xsi:type="SIGNATURE-TYPES:PushSignatureRequest">
        <signatureBody>0F1F2F3F4F5F6F7F8F9F0FAFBFCFDFEFFF</signatureBody>
      </push>
    </sig:authSignatureRequest>
  </soapenv:Body>
</soapenv:Envelope>

Scan and sign

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header/>
  <SOAP-ENV:Body>
    <sig:authSignatureRequest xmlns:sig="http://www.vasco.com/IdentikeyServer/IdentikeyTypes/Signature">
      <componentType>Client</componentType>
      <user>
        <userID>user</userID>
      </user>
      <requestKey>1234567890</requestKey>
    </sig:authSignatureRequest>
  </SOAP-ENV:Body>
</SOAP-ENV:Envelope>