openapi: 3.0.3 info: title: Firma con IO - Issuer API version: 1.2.1 servers: - url: https://api.io.pagopa.it/api/v1/sign description: production security: - SubscriptionKey: [] paths: /dossiers: post: operationId: createDossier tags: - Dossier summary: Create a Dossier requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CreateDossierBody" responses: "201": description: The Dossier detail content: application/json: schema: $ref: "#/components/schemas/DossierDetailView" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /dossiers/{id}: get: operationId: getDossier tags: - Dossier summary: Get a Dossier by Id parameters: - in: path name: id required: true schema: $ref: "#/components/schemas/Id" responses: "200": description: The Dossier detail content: application/json: schema: $ref: "#/components/schemas/DossierDetailView" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "404": $ref: "#/components/responses/NotFound" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /dossiers/{id}/signature-requests: get: operationId: getRequestsByDossier tags: - Dossier summary: Get the Signature Requests created from a Dossier parameters: - in: path name: id required: true schema: $ref: "#/components/schemas/Id" - in: query name: continuationToken required: false schema: type: string - in: query name: limit required: false schema: type: integer minimum: 25 maximum: 100 responses: "200": description: The Dossier detail content: application/json: schema: $ref: "#/components/schemas/SignatureRequestList" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "404": $ref: "#/components/responses/NotFound" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /signers: post: operationId: getSignerByFiscalCode tags: - Signer summary: Get Signer By Fiscal COde requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/GetSignerByFiscalCodeBody" responses: "201": description: The Signer detail content: application/json: schema: $ref: "#/components/schemas/SignerDetailView" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /signature-requests: post: operationId: createSignatureRequest tags: - Signature Request summary: Create a Signature Request requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/CreateSignatureRequestBody" responses: "201": description: The Signature Request detail content: application/json: schema: $ref: "#/components/schemas/SignatureRequestDetailView" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "422": $ref: "#/components/responses/UnprocessableContent" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /signature-requests/{id}: get: operationId: getSignatureRequest tags: - Signature Request summary: Get a Signature Request by Id parameters: - in: path name: id required: true schema: $ref: "#/components/schemas/Id" responses: "200": description: The Signature Request detail content: application/json: schema: $ref: "#/components/schemas/SignatureRequestDetailView" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "404": $ref: "#/components/responses/NotFound" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /signature-requests/{id}/status: put: operationId: setSignatureRequestStatus tags: - Signature Request summary: Set the status of a Signature Request parameters: - in: path name: id required: true schema: $ref: "#/components/schemas/Id" requestBody: required: true content: application/json: schema: $ref: "#/components/schemas/SetSignatureRequestStatusBody" responses: "204": description: Signature Request status successfully set "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "404": $ref: "#/components/responses/NotFound" "422": $ref: "#/components/responses/UnprocessableContent" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /signature-requests/{req_id}/documents/{doc_id}/upload_url: get: operationId: getDocumentUploadUrl tags: - Signature Request summary: Get the Upload Url for the specified document parameters: - in: path name: req_id required: true schema: $ref: "#/components/schemas/Id" - in: path name: doc_id required: true schema: $ref: "#/components/schemas/Id" responses: "200": description: The Upload Url content: application/json: schema: $ref: "#/components/schemas/UploadUrl" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "404": $ref: "#/components/responses/NotFound" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /signature-requests/{req_id}/notification: put: operationId: sendNotification tags: - Signature Request summary: Send a signature request notification to user via IO message parameters: - in: path name: req_id required: true schema: $ref: "#/components/schemas/Id" responses: "201": description: The notification detail content: application/json: schema: $ref: "#/components/schemas/NotificationDetailView" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" /validate-document: post: operationId: validateDocument tags: - Utility summary: Validate a PDF document against a list of signature fields requestBody: content: multipart/form-data: schema: type: object properties: document: type: string format: binary signature_fields: type: array items: $ref: "#/components/schemas/SignatureField" required: - document encoding: document: contentType: application/pdf responses: "200": description: the validation result content: application/json: schema: $ref: "#/components/schemas/DocumentValidationResult" "400": $ref: "#/components/responses/BadRequest" "401": $ref: "#/components/responses/Unauthorized" "403": $ref: "#/components/responses/Forbidden" "429": $ref: "#/components/responses/TooManyRequests" default: $ref: "#/components/responses/Unexpected" components: securitySchemes: SubscriptionKey: type: apiKey name: Ocp-Apim-Subscription-Key in: header description: The API key can be obtained from the reserved area responses: NotFound: description: The specified resource was not found content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" BadRequest: description: Validation error on body content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" Forbidden: description: You don't have enough privileges to perform this action content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" Unauthorized: description: Unauthorized content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" UnprocessableContent: description: Unprocessable Content content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" TooManyRequests: description: Too Many Requests content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" Unexpected: description: Unexpected error content: application/json: schema: $ref: "#/components/schemas/ProblemDetail" schemas: ProblemDetail: type: object properties: type: type: string format: uri description: |- An absolute URI that identifies the problem type. When dereferenced, it SHOULD provide human-readable documentation for the problem type (e.g., using HTML). default: about:blank example: https://example.com/problem/constraint-violation title: type: string description: >- A short, summary of the problem type. Written in english and readable for engineers (usually not suited for non technical stakeholders and not localized); example: Service Unavailable status: type: integer format: int32 description: >- The HTTP status code generated by the origin server for this occurrence of the problem. minimum: 100 maximum: 600 exclusiveMaximum: true example: 200 detail: type: string description: |- A human readable explanation specific to this occurrence of the problem. example: There was an error processing the request instance: type: string format: uri description: >- An absolute URI that identifies the specific occurrence of the problem. It may or may not yield further information if dereferenced. Clause: type: object properties: title: type: string minLength: 5 maxLength: 80 type: type: string enum: ["REQUIRED", "UNFAIR", "OPTIONAL"] required: - title - type ExistingSignatureFieldAttrs: type: object properties: unique_name: type: string required: - unique_name SignatureFieldToBeCreatedAttrs: type: object properties: coordinates: type: object properties: x: { type: number } y: { type: number } required: [x, y] page: type: number minimum: 0 size: type: object properties: w: { type: number, minimum: 0 } h: { type: number, minimum: 0 } required: [w, h] required: - coordinates - page - size SignatureFieldAttrs: oneOf: - $ref: "#/components/schemas/ExistingSignatureFieldAttrs" - $ref: "#/components/schemas/SignatureFieldToBeCreatedAttrs" SignatureField: type: object properties: attrs: $ref: "#/components/schemas/SignatureFieldAttrs" clause: $ref: "#/components/schemas/Clause" required: - attrs - clause DocumentMetadata: type: object properties: title: type: string minLength: 3 maxLength: 60 signature_fields: type: array items: $ref: "#/components/schemas/SignatureField" required: - title DocumentMetadataList: type: array items: $ref: "#/components/schemas/DocumentMetadata" minLength: 1 DossierSupportEmail: type: string description: Issuer's support email for a specific dossier. format: email example: demo@example.com DossierTitle: type: string minLength: 3 CreateDossierBody: type: object properties: title: $ref: "#/components/schemas/DossierTitle" support_email: $ref: "#/components/schemas/DossierSupportEmail" documents_metadata: $ref: "#/components/schemas/DocumentMetadataList" required: - title - documents_metadata SetSignatureRequestStatusBody: type: string x-extensible-enum: - READY - CANCELLED DossierDetailView: type: object properties: id: $ref: "#/components/schemas/Id" title: $ref: "#/components/schemas/DossierTitle" support_email: $ref: "#/components/schemas/DossierSupportEmail" documents_metadata: $ref: "#/components/schemas/DocumentMetadataList" created_at: $ref: "#/components/schemas/Timestamp" updated_at: $ref: "#/components/schemas/Timestamp" required: - id - title - documents_metadata - created_at - updated_at Timestamp: type: string format: UTCISODateFromString description: A date-time field in ISO-8601 format and UTC timezone. x-import: "@pagopa/ts-commons/lib/dates" example: "2018-10-13T00:00:00.000Z" Id: type: string description: Entity Id format: NonEmptyString example: 01ARZ3NDEKTSV4RRFFQ69G5FAV x-import: "@pagopa/ts-commons/lib/strings" FiscalCode: type: string description: User's fiscal code. format: FiscalCode x-import: "@pagopa/ts-commons/lib/strings" example: SPNDNL80R13C555X GetSignerByFiscalCodeBody: type: object properties: fiscal_code: $ref: "#/components/schemas/FiscalCode" required: - fiscal_code SignerDetailView: type: object properties: id: $ref: "#/components/schemas/Id" required: - id CreateSignatureRequestBody: type: object properties: dossier_id: $ref: "#/components/schemas/Id" signer_id: $ref: "#/components/schemas/Id" expires_at: $ref: "#/components/schemas/Timestamp" documents_metadata: $ref: "#/components/schemas/DocumentMetadataList" required: - dossier_id - signer_id Document: type: object properties: id: $ref: "#/components/schemas/Id" metadata: $ref: "#/components/schemas/DocumentMetadata" created_at: $ref: "#/components/schemas/Timestamp" updated_at: $ref: "#/components/schemas/Timestamp" required: - id - metadata - created_at - updated_at DocumentToBeUploaded: allOf: - $ref: "#/components/schemas/Document" - type: object properties: status: type: string enum: - WAIT_FOR_UPLOAD required: - status DocumentToBeValidated: allOf: - $ref: "#/components/schemas/Document" - type: object properties: status: type: string enum: - WAIT_FOR_VALIDATION uploaded_at: $ref: "#/components/schemas/Timestamp" required: - status - uploaded_at DocumentReady: allOf: - $ref: "#/components/schemas/Document" - type: object properties: status: type: string enum: - READY uploaded_at: $ref: "#/components/schemas/Timestamp" url: type: string format: uri required: - status - uploaded_at - url DocumentRejected: allOf: - $ref: "#/components/schemas/Document" - type: object properties: status: type: string enum: - REJECTED uploaded_at: $ref: "#/components/schemas/Timestamp" rejected_at: $ref: "#/components/schemas/Timestamp" reject_reason: type: string required: - status - uploaded_at - rejected_at - reject_reason DocumentDetailView: oneOf: - $ref: "#/components/schemas/DocumentToBeUploaded" - $ref: "#/components/schemas/DocumentToBeValidated" - $ref: "#/components/schemas/DocumentReady" - $ref: "#/components/schemas/DocumentRejected" SignatureRequestStatus: type: string x-extensible-enum: - DRAFT - READY - WAIT_FOR_SIGNATURE - SIGNED - REJECTED - CANCELLED SignatureRequestDetailView: type: object properties: id: $ref: "#/components/schemas/Id" status: $ref: "#/components/schemas/SignatureRequestStatus" dossier_id: $ref: "#/components/schemas/Id" signer_id: $ref: "#/components/schemas/Id" expires_at: $ref: "#/components/schemas/Timestamp" documents: type: array items: $ref: "#/components/schemas/DocumentDetailView" notification: $ref: "#/components/schemas/NotificationDetailView" created_at: $ref: "#/components/schemas/Timestamp" updated_at: $ref: "#/components/schemas/Timestamp" signed_at: $ref: "#/components/schemas/Timestamp" rejected_at: $ref: "#/components/schemas/Timestamp" reject_reason: type: string qr_code_url: type: string format: uri cancelled_at: $ref: "#/components/schemas/Timestamp" required: - id - status - dossier_id - signer_id - expires_at - documents - created_at - updated_at SignatureRequestListView: type: object properties: id: $ref: "#/components/schemas/Id" signer_id: $ref: "#/components/schemas/Id" dossier_id: $ref: "#/components/schemas/Id" status: $ref: "#/components/schemas/SignatureRequestStatus" created_at: $ref: "#/components/schemas/Timestamp" updated_at: $ref: "#/components/schemas/Timestamp" expires_at: $ref: "#/components/schemas/Timestamp" required: - id - signer_id - dossier_id - status - created_at - updated_at - expires_at SignatureRequestList: type: object properties: items: type: array items: $ref: "#/components/schemas/SignatureRequestListView" continuation_token: type: string required: - items UploadUrl: type: string format: uri NotificationDetailView: type: object properties: io_message_id: type: string required: - io_message_id DocumentValidationResult: type: object properties: is_valid: type: boolean violations: type: array items: type: string required: - is_valid