Digital Signature Verification API

Digital Signature Verification API API ID: 6122

Digital Signature Verification API ensures compliance by validating electronic signatures, including QES and AdES.
Use this API from your AI agent via MCP
Works with OpenClaw, Claude Code/Desktop, Cursor, Windsurf, Cline and any MCP-compatible AI client.
Docs & setup
Create a skill by wrapping this MCP: https://mcp.zylalabs.com/mcp?apikey=YOUR_ZYLA_API_KEY

The Digital Signature Validator API provides endpoints to validate electronic signatures in documents. It supports both Qualified Electronic Signatures (QES) and Advanced Electronic Signatures (AdES) validation under standards like eIDAS. The validation process ensures the signatures' authenticity, compliance, and legal validity.

In a simplified model, validating a digital signature involves two main steps:

Cryptographic Validation: Ensuring the digital signature's cryptographic integrity by decrypting its value and comparing the result to the hash of the signed data.

Certificate Validation: Confirming the validity of the signing certificate, which includes performing certification path validation.

API Documentation

Endpoints

This endpoint validates Qualified Electronic Signatures (QES) in a document to ensure their authenticity,
compliance, and legal validity under regulations such as eIDAS. The validation process includes:

1. Extracting the Signature: Identifies and extracts the signature and its associated metadata from the document.
2. Cryptographic Integrity Check: Ensures that the signature's cryptographic mechanisms (e.g., hash, encryption) are valid and unaltered.
3. Certificate Qualification Validation:
- Confirms that the certificate used to create the signature is a Qualified Certificate for Electronic Signatures (QC).
- Checks the certificate's validity, including expiration, revocation status (via CRL and OCSP), and compliance with trusted root CAs.
- Verifies the certificate's qualification status using extensions and identifiers defined in standards such as ETSI EN 319 412.
- Ensures that the issuing Certificate Authority (CA) is on an officially trusted list (e.g., EU Trusted List).
4. Regulatory Compliance Check: Verifies that the signature fulfills all legal and technical requirements for QES as per eIDAS.

The method supports signature validation for the following document formats: PDF, XML.



                                                                            
POST https://zylalabs.com/api/6122/digital+signature+verification+api/8389/qualified+electronic+signature+validation

Qualified Electronic Signature Validation - Endpoint Features

Object Description
Request Body [Required] File Binary
Test Endpoint

API EXAMPLE RESPONSE

       
                                                                                                        
                                                                                                                                                                                                                                                                                                                                        {
  "documentName": "string",
  "summary": {
    "totalSignatures": 1073741824,
    "validSignatures": 1073741824
  },
  "signatures": [
    {
      "signatureId": "string",
      "indication": "string",
      "indicationDetails": "string",
      "signer": "string",
      "validationTime": "2025-02-08T20:59:59.039Z",
      "signingTime": "2025-02-08T20:59:59.039Z",
      "signingCertificate": {
        "subject": "string",
        "issuer": "string",
        "serialNumber": "string",
        "validFrom": "2025-02-08T20:59:59.039Z",
        "validTo": "2025-02-08T20:59:59.039Z"
      },
      "certificateChain": [
        {
          "subject": "string",
          "issuer": "string",
          "serialNumber": "string",
          "validFrom": "2025-02-08T20:59:59.039Z",
          "validTo": "2025-02-08T20:59:59.039Z"
        }
      ],
      "signatureDetails": {
        "errors": [
          "string"
        ],
        "warns": [
          "string"
        ],
        "infos": [
          "string"
        ]
      }
    }
  ]
}

Qualified Electronic Signature Validation - CODE SNIPPETS


    curl --location 'https://zylalabs.com/api/6122/digital+signature+verification+api/8389/qualified+electronic+signature+validation' \
    --header 'Content-Type: application/json' \ 
    --form 'image=@"FILE_PATH"'

API Access Key & Authentication

After signing up, every developer is assigned a personal API access key, a unique combination of letters and digits provided to access to our API endpoint. To authenticate with the Digital Signature Verification API simply include your bearer token in the Authorization header.
Headers
Header Description
Authorization [Required] Should be Bearer access_key. See "Your API Access Key" above when you are subscribed.

Simple Transparent Pricing

No long-term commitment. Upgrade, downgrade, or cancel anytime. Free Trial includes up to 50 requests.

🚀 Enterprise

Starts at
$ 10,000/Year

  • Custom Volume
  • Custom Rate Limit
  • Specialized Customer Support
  • Real-Time API Monitoring
zeiss-logo amazon-logo zoom-logo decathlon-logo
Book a Call

Customer favorite features

  • ✔︎ Only Pay for Successful Requests
  • ✔︎ Free 7-Day Trial
  • ✔︎ Multi-Language Support
  • ✔︎ One API Key, All APIs.
  • ✔︎ Intuitive Dashboard
  • ✔︎ Comprehensive Error Handling
  • ✔︎ Developer-Friendly Docs
  • ✔︎ Postman Integration
  • ✔︎ Secure HTTPS Connections
  • ✔︎ Reliable Uptime

Digital Signature Verification API FAQs

The API confirms that the certificate used in the signature is a Qualified Certificate (QC) by: 1. Checking its compliance with ETSI EN 319 412 standards. 2. Verifying its revocation status using Certificate Revocation Lists (CRL) and Online Certificate Status Protocol (OCSP). 3. Ensuring that the issuing CA is recognized on EU Trusted List.

A Qualified Electronic Signature (QES) is the highest level of electronic signature under regulations like eIDAS. It provides legal equivalence to handwritten signatures. Validation ensures that the signature is authentic, legally compliant, and has not been tampered with.

The API currently supports validation of QES signatures in PDF and XML document formats.

Yes, the API ensures that validated signatures meet all the legal and technical requirements defined under eIDAS and other relevant electronic signature standards. This makes it suitable for use in legally binding digital transactions.

The API follows a multi-step process to validate QES, including: 1. Extracting the signature and metadata from the document. 2. Performing a cryptographic integrity check to ensure the signature is unaltered. 3. Validating the certificate, checking expiration, revocation status, and compliance with official trusted lists (e.g., EU Trusted List). 4. Ensuring the signature meets eIDAS legal and technical requirements.

The endpoint returns a JSON response containing details about the document, including the total number of signatures, valid signatures, and specific information for each signature, such as validation status, signer details, and certificate information.

Key fields include `documentName`, `summary` (with `totalSignatures` and `validSignatures`), and an array of `signatures` containing details like `signatureId`, `indication`, `signer`, and `signingCertificate`.

The response is structured in a hierarchical format, starting with document-level information, followed by a summary of signatures, and detailed validation results for each signature in an array format.

Users can customize their requests by providing parameters such as the document format (PDF or XML) and the signature data to be validated, ensuring the API processes the correct information.

The endpoint provides information on the validity of signatures, details about the signing certificate, validation time, signing time, and any errors or warnings encountered during the validation process.

Users can analyze the `summary` to assess overall signature validity and review individual `signatures` for detailed validation results, including any errors or warnings, to ensure compliance and authenticity.

The API performs multiple checks, including cryptographic integrity verification, certificate validation against trusted lists, and compliance with eIDAS standards, ensuring high data accuracy and reliability.

Typical use cases include validating electronic contracts, ensuring compliance in legal documents, and verifying signatures in financial transactions, where authenticity and legal validity are crucial.

General FAQs

Please have a look at our Refund Policy: https://zylalabs.com/terms#refund

To obtain your API key, you first need to sign in to your account and subscribe to the API you want to use. Once subscribed, go to your Profile, open the Subscription section, and select the specific API. Your API key will be available there and can be used to authenticate your requests.

You can’t switch APIs during the free trial. If you subscribe to a different API, your trial will end and the new subscription will start as a paid plan.

If you don’t cancel before the 7th day, your free trial will end automatically and your subscription will switch to a paid plan under the same plan you originally subscribed to, meaning you will be charged and gain access to the API calls included in that plan.

The free trial ends when you reach 50 API requests or after 7 days, whichever comes first. 

No, the free trial is available only once, so we recommend using it on the API that interests you the most. Most of our APIs offer a free trial, but some may not include this option.

 Yes, we offer a 7-day free trial that allows you to make up to 50 API calls at no cost, so you can test our APIs without any commitment. 

Zyla API Hub is like a big store for APIs, where you can find thousands of them all in one place. We also offer dedicated support and real-time monitoring of all APIs. Once you sign up, you can pick and choose which APIs you want to use. Just remember, each API needs its own subscription. But if you subscribe to multiple ones, you'll use the same key for all of them, making things easier for you.

Prices are listed in USD (United States Dollar), EUR (Euro), CAD (Canadian Dollar), AUD (Australian Dollar), and GBP (British Pound). We accept all major debit and credit cards. Our payment system uses the latest security technology and is powered by Stripe, one of the world's most reliable payment companies. If you have any trouble paying by card, just contact us at [email protected]

Additionally, if you already have an active subscription in any of these currencies (USD, EUR, CAD, AUD, GBP), that currency will remain for subsequent subscriptions. You can change the currency at any time as long as you don't have any active subscriptions.
The local currency shown on the pricing page is based on the country of your IP address and is provided for reference only. The actual prices are in USD (United States Dollar). When you make a payment, the charge will appear on your card statement in USD, even if you see the equivalent amount in your local currency on our website. This means you cannot pay directly with your local currency.
Occasionally, a bank may decline the charge due to its fraud protection settings. We suggest reaching out to your bank initially to check if they are blocking our charges. Also, you can access the Billing Portal and change the card associated to make the payment. If these does not work and you need further assistance, please contact our team at [email protected]
Prices are determined by a recurring monthly or yearly subscription, depending on the chosen plan.
API calls are deducted from your plan based on successful requests. Each plan comes with a specific number of calls that you can make per month. Only successful calls, indicated by a Status 200 response, will be counted against your total. This ensures that failed or incomplete requests do not impact your monthly quota.
Zyla API Hub works on a recurring monthly subscription system. Your billing cycle will start the day you purchase one of the paid plans, and it will renew the same day of the next month. So be aware to cancel your subscription beforehand if you want to avoid future charges.
To upgrade your current subscription plan, simply go to the pricing page of the API and select the plan you want to upgrade to. The upgrade will be instant, allowing you to immediately enjoy the features of the new plan. Please note that any remaining calls from your previous plan will not be carried over to the new plan, so be aware of this when upgrading. You will be charged the full amount of the new plan.
To check how many API calls you have left for the current month, refer to the 'X-Zyla-API-Calls-Monthly-Remaining' field in the response header. For example, if your plan allows 1,000 requests per month and you've used 100, this field in the response header will indicate 900 remaining calls.
To see the maximum number of API requests your plan allows, check the 'X-Zyla-RateLimit-Limit' response header. For instance, if your plan includes 1,000 requests per month, this header will display 1,000.
The 'X-Zyla-RateLimit-Reset' header shows the number of seconds until your rate limit resets. This tells you when your request count will start fresh. For example, if it displays 3,600, it means 3,600 seconds are left until the limit resets.
Yes, you can cancel your plan anytime by going to your account and selecting the cancellation option on the Billing page. Please note that upgrades, downgrades, and cancellations take effect immediately. Additionally, upon cancellation, you will no longer have access to the service, even if you have remaining calls left in your quota.
After 7 days, you will be charged the full amount for the plan you were subscribed to during the trial. Therefore, it's important to cancel before the trial period ends. Refund requests for forgetting to cancel on time are not accepted.
When you subscribe to an API free trial, you can make up to 50 API calls. If you wish to make additional API calls beyond this limit, the API will prompt you to perform an "Start Your Paid Plan." You can find the "Start Your Paid Plan" button in your profile under Subscription -> Choose the API you are subscribed to -> Pricing tab.
Payout Orders are processed between the 20th and the 30th of each month. If you submit your request before the 20th, your payment will be processed within this timeframe.
You can contact us through our chat channel to receive immediate assistance. We are always online from 8 am to 5 pm (EST). If you reach us after that time, we will get back to you as soon as possible. Additionally, you can contact us via email at [email protected]
Start Free Trial
 Service Level
100%
 Response Time
383ms

Category:

Legal & Compliance

Tags:

Related APIs

SSL Verification Details API

SSL Verification Details API
Security & Cybersecurity Free 7-Day Trial

Service Level:

100%

Response Time:

559ms

Authentic Email Verification API

Authentic Email Verification API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

577ms

Secure Email Validation and Verification API

Secure Email Validation and Verification API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

1,865ms

Secure Email Data Verification API

Secure Email Data Verification API
Security & Cybersecurity Free 7-Day Trial

Service Level:

100%

Response Time:

187ms

Smart Mail Verify API

Smart Mail Verify API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

120ms

Dynamic Email Verification API

Dynamic Email Verification API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

720ms

Authentic Email Verification API

Authentic Email Verification API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

1,131ms

Verify Email API

Verify Email API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

37ms

Smart Email Authenticity Check API

Smart Email Authenticity Check API
Communication & Messaging Free 7-Day Trial

Service Level:

100%

Response Time:

618ms

SSL - TLS Certificate Verification API

SSL - TLS Certificate Verification API
Security & Cybersecurity Free 7-Day Trial

Service Level:

100%

Response Time:

1,726ms

You might also like