Introduction

What is it

One-Shot Optimizer enables your end users to digitally sign documents within your application. This is done in a streamlined way, hiding the details of the signature process from the users.

The One-Shot Optimizer API provides an interface for a client application to request the creation of certificates and the use of those certificates to digitally sign documents. The process is designed so that no sensitive data has to be sent away from your premises, as the signature service only needs to see the hashes of the documents to be signed.

Glossary

The operation of the One-Shot Optimizer involves the following components:

Client Application

A business-specific application that requires digital signature as part of its operation.

End User

A user of the client application, who is expected to digitally sign a document.

One-Shot Signature Service

Uanataca's digital signature service.

One-Shot Optimizer

A software API component that connects the client application and the signature service.

OTP

A One-Time Password token used to simplify the digital signature procedure.

How it works

The One-Shot Optimizer operation workflow is summarized by the following image:

A typical use-case of the One-Shot Optimizer may involve the following steps:

  1. The client application requests the creation and approval of a new digital signature certificate, providing all required data through API calls.
  2. The One-Shot Optimizer API returns an identifier for the certificate request.
  3. The client application provides the One-Shot Optimizer the document to be signed by the end user.
  4. The client application presents the document to be signed to its end user.
  5. After reviewing the document, the end user agrees to sign it.
  6. The client application starts the signature process by requesting the generation of a One-Time Password (OTP) token for the signature.
  7. The One-Shot Signature service sends the OTP directly to the end user through an SMS message.
  8. By introducing the OTP, the end user identifies himself as the subject of the signature certificate.
  9. The client application provides the OTP and the identifier of the signature request to the One-Shot Optimizer.
  10. The One-Shot Optimizer takes care of computing the hash of the document to be signed...
  11. and sends them together with the request identifier and OTP to the One-Shot Signature service.
  12. The One-Shot Signature service generates the signature certificate for the end user and uses it to sign the hash.
  13. The signed hashes and the signature identifier are returned to the One-Shot Optimizer...
  14. who takes care of generating the signed document envelope, combining the documents with the signed hashes.
  15. Finally, the client application calls the One-Shot Optimizer API to obtain the signed document.