## Workflow types overview

One-Shot Signature supports several workflows. Choose the one that matches how you identify the signer and how you provide document data (full PDFs or precomputed hashes).

| Workflow | Description | When to use |
|  --- | --- | --- |
| [Classic workflow](/products/namirialpkiaas/one-shot/enterprise-documentation/products-and-modules/workflows/classic-workflow) | OTP sent by Uanataca via SMS (or other approved method). You upload PDF documents; the Optimizer hashes them and returns signed PDFs. | Standard in-app signing with SMS OTP or similar. |
| [Hash signature flow](/products/namirialpkiaas/one-shot/enterprise-documentation/products-and-modules/workflows/hash-signature-flow) | You upload a JSON containing a message digest and options. The service signs the hash and returns a P7M (CMS) structure, not a full PDF. | You already compute hashes and need only the signed CMS. |
| [Asynchronous mode flow](/products/namirialpkiaas/one-shot/enterprise-documentation/products-and-modules/workflows/asynchronous-flow) | Same sequence as classic, but the Create Request includes a callback URL and `useasync=true`. The API responds quickly; processing continues in the background and status updates are sent via webhook. | When you want shorter API response times; total processing time is unchanged. |
| [eIDAS VideoID](/products/namirialpkiaas/one-shot/enterprise-documentation/products-and-modules/workflows/videoid-eidas) | User completes video identification on a Uanataca VideoID link. Request moves to VIDEOREVIEW; RAO approves it; then you upload documents, retrieve contract, send OTP, sign, and retrieve signed documents. | eIDAS-compliant identification via Uanataca's VideoID. |
| [VideoID External mode](/products/namirialpkiaas/one-shot/enterprise-documentation/products-and-modules/workflows/videoid-external) | You create a VideoID request and then upload identification data and video (evidences) to the API. After RAO approval, the flow continues as in eIDAS VideoID (documents, contract, OTP, sign, retrieve). | VideoID when your platform collects the evidence and video. |


## Common concepts

- **RAO (Registration Authority Officer)**
The operator that approves certificate requests. In One-Shot you act as RAO: you provide user data and request certificate issuance. Sandbox provides a default token for the RAO; in production you create tokens or use credentials.
- **Service contract**
As a Trusted Service Provider, Uanataca provides a service contract (PDF) per certificate issuance. The user must be able to view it together with the documents to be signed.
- **OTP (One-Time Password)**
For Uanataca SMS flow, an OTP is generated and sent to the user's mobile; the user enters it in the sign step. Other authentication methods (e.g. biometric, external) can be used when approved.
- **Webhooks**
For asynchronous flow and VideoID, a webhook URL receives status changes (e.g. VIDEOPENDING → VIDEOREVIEW → ENROLLREADY). See [Webhook configuration](/products/namirialpkiaas/one-shot/enterprise-documentation/developer-documentation/callbacks/webhooks).


For a high-level view of the signing process, see [Signing flow](/products/namirialpkiaas/one-shot/enterprise-documentation/get-started/signing-flow). For full API details, see the [API reference](/products/namirialpkiaas/one-shot/openapi).