Table of Contents
  1. JSON
  2. XML
  3. Input Parameters
    1. Attachment file names
  4. Response Parameters
  5. Calculating the Key Signature
  6. Calculating the Request Signature
  7. Javascript Library

/Legal/AddIdAttachment

Allows the client to add an attachment to a Legal Identity application.

JSON

Request
{
	"keyId": Required(Str(PKeyId)),
	"legalId": Required(Str(PLegalId)),
	"nonce": Required(Str(PNonce)),
	"keySignature": Required(Str(PKeySignature)),
	"requestSignature": Required(Str(PRequestSignature)),
	"attachmentBase64": Required(Str(PAttachmentBase64)),
	"attachmentFileName": Required(Str(PAttachmentFileName)),
	"attachmentContentType": Required(Str(PAttachmentContentType))
}
Response (if successful)
{
	"Identity": Required(PIdentity)
}

XML

Request
<AddIdAttachment xmlns="https://waher.se/Schema/BrokerAgent.xsd"
                 keyId=(Required(Str(PKeyId)))
                 legalId=(Required(Str(PLegalId)))
                 nonce=(Required(Str(PNonce)))
                 keySignature=(Required(Str(PKeySignature)))
                 requestSignature=(Required(Str(PRequestSignature)))
                 attachmentBase64=(Required(Str(PAttachmentBase64)))
                 attachmentFileName=(Required(Str(PAttachmentFileName)))
                 attachmentContentType=(Required(Str(PAttachmentContentType))) />
Response (if successful)
<IdentityResponse xmlns="https://waher.se/Schema/BrokerAgent.xsd">
	<[Required(PIdentity)]>
</IdentityResponse>

Input Parameters

Parameter Description
PKeyId Identity of key to use for signing the Identity application.
PLegalId Identity of the Legal Identity Application.
PNonce A unique random string, at least 32 characters long, with sufficient entropy to not be reused again. If reused, an error will be returned.
PKeySignature Cryptographic signature of the key ID, using the key password.
PRequestSignature Cryptographic signature of the requesut, using the account password.
PAttachmentBase64 Base-64-encoding of attachment to add to the Identity application.
PAttachmentFileName File name of attachment.
PAttachmentContentType Content-Type of attachment.

Attachment file names

The file name of the attachment can have a meaning to services processing the information. For automated processing for KyC for instance, the file name is used to determine the type of image in the application. The following table lists the file names that are recognized various KyC services. The file extension used is not important, as long as the file name is recognized.

File Name (without extension) Description
ProfilePhoto A profile photo.
IdCardFront Front side of a national ID card.
IdCardBack Back side of a national ID card.
Passport Personal information page and signature page in one image.
DriverLicenseFront Front side of a driver’s license.
DriverLicenseBack Back side of a driver’s license.

Response Parameters

Parameter Description
PIdentity Updated Identity object generated by the server.

Calculating the Key Signature

The signature in PKeySignature is calculated as follows.

  1. Concatenate the strings PUserName ":" Host ":" PLocalName ":" PNamespace ":" PKeyId and call it s1, where Host is the host/domain name of the server. It is taken from the HTTP Host request header, so it must be the same as is used in the URL of the request. PUserName is the name of the account, used when creating the current account or logging in to the current account. PLocalName and PNamespace are the local name and namespace corresponding to the algorithm used for the key.

  2. UTF-8 encode the secret corresponding to the key, and call it Key1.

  3. UTF-8 encode the string s1, and call it Data1.

  4. Calculate the HMAC-SHA256 signature using Key1 and Data1, and call it H1.

  5. Base64-encode H1. The result is the key signature of the request.

Calculating the Request Signature

The signature in PRequestSignature is calculated as follows.

  1. Concatenate the strings s1 ":" PKeySignature ":" PNonce ":" PAttachmentBase64 ":" PAttachmentFileName ":" PAttachmentContentType, and call it s2. s1 is the intermediate result of computing the key signature in the previous step.

  2. UTF-8 encode the secret corresponding to the account, and call it Key2.

  3. UTF-8 encode the string s2, and call it Data2.

  4. Calculate the HMAC-SHA256 signature using Key2 and Data2, and call it H2.

  5. Base64-encode H2. The result is the signature of the request.

Javascript Library

Use the following asynchronous method in the Javascript Library, to call this resource. It computes the signatures according to the above specification.

var Response = await AgentAPI.Legal.AddIdAttachment(LocalName,Namespace,KeyId,KeyPassword,AccountPassword,LegalId,Attachment,FileName,ContentType);
Test








Request Payload:

Response Payload: