This section describes the high-level steps involved in a signing operation performed through SignBox.
The process is asynchronous and relies on callback mechanisms to return results.
A typical signing operation follows these steps:
- The business application prepares the document to be signed.
- A cryptographic hash of the document is generated locally.
- The hash is sent to SignBox through the REST API.
- SignBox forwards the signing request to the Trusted Service Center.
- The signature is generated using keys stored in a QSCD.
- The signing result is returned to the client application via callbacks.
Signing operations are executed asynchronously.
Client applications must implement callback endpoints to receive status notifications and signed results. This design allows SignBox to process large volumes of signing jobs efficiently.
For details on callback configuration, see Webhooks.