Frequently asked questions and troubleshooting for One-Shot end users and integrators. Short answers are given below; for more integration and API details, see Developer documentation.
Billing credentials are the credentials used by the platform to meter and bill your usage of One-Shot (and other services such as SignBox and Timestamp). They are separate from the credentials you use for the Registration Authority Operator (RAO) or for signing.
To obtain billing credentials, contact your commercial contact or Operations directly. They will provide the username and password (or the appropriate authentication method for your contract).
Yes. You can use a token instead of sending RAO username, password and PIN in each request. In both sandbox and production you create the token with the Create Token API and use the returned token in subsequent calls (e.g. Create Request). This is not a Bearer or API key—it is the token returned by the create-token operation. See Get started and the One-Shot OpenAPI specification for parameters.
You configure the graphic signature (visual appearance of the signature in the signed PDF) in the Sign call. In the request body, use the signature.appearance object to set text, position, and an optional image (e.g. base64 or reference).
For the full set of parameters and examples, see the Sign operation in the One-Shot OpenAPI specification. The structure is similar to signature appearance in other Uanataca services; use the OpenAPI schema for the exact field names and formats.
The OTP generated before the Sign call is valid for 5 minutes. Use it in the Sign request as soon as it is received to avoid expiry.
Yes. The Redis container is required for One-Shot Optimizer. See Docker installation and Service settings.
No. With One-Shot, only the hash of each document is sent to the signature service; the original document content does not leave your infrastructure. Documents are processed in your environment (or in the Optimizer you operate), and the signed result is returned to you. See Architecture and Signing flow.
You can load up to 10 documents in a single One-Shot transaction. You can do it in one or several Upload Document calls, but the total must not exceed 10 documents per transaction.
To use asynchronous mode, set useasync=true and provide a callback URL when calling Create Request (POST /oneshot/api/v1/create). The API returns quickly; processing continues on the server, and status changes are sent to your callback URL. The flow steps are the same as the classic workflow. For the full flow and webhook payload, see Asynchronous flow.
Their obligatoriness varies depending on the configuration of the Registration Authority you are using and the specific conditions of each case. For more information, contact your commercial contact or Operations directly.
The Registration Authority (RA) id to use is always the one provided by your commercial contact or Operations, or, if applicable, the one included in the dataset you received to use the service. This applies in both sandbox and production. You need this RA id when creating requests and when using RAO credentials or tokens. See Get started.
The 500 error related to certificates is usually due to one of the following:
- The certificates are malformed or do not follow the naming convention required for the certificate.
- The certificates are expired or invalid.
- You are using a Registration Authority (RA) to which those certificates do not belong.
Check the certificate format, naming, validity, and that they correspond to the RA you are using. If the problem persists, contact your commercial contact or Operations directly with the request id and error details (without exposing secrets).
For more integration and API details, see Developer documentation.