Integrate qualified electronic signatures directly into your application via REST API. Built on the Cloud Signature Consortium (CSC) standard v2.0.
CSC API
The AlfaTrust Remote Signing Service Provider (RSSP) implements the Cloud Signature Consortium API v2.0 — the industry standard for remote qualified signatures, ensuring interoperability across compliant clients and platforms.
REST API
A simplified REST API is also available for straightforward integrations. Full OpenAPI (Swagger) documentation is provided. Authentication uses OAuth 2.0 client credentials.
Signing flow
- Client application computes document hash and sends it to the CSC Gateway
- User authorizes the signature via OTP (SAD — Signature Activation Data)
- AlfaTrust RSSP signs the hash using the private key stored in HSM
- A qualified timestamp is applied to the signature
- Signed document is returned to the client
Supported formats
- PAdES (PDF) — baseline B, T, LT, LTA
- CAdES (CMS) — detached and enveloped
SDK libraries
Client libraries available for .NET/C#, Java, and Python. Each library covers authentication, credential management, signing, and timestamp verification.