The ZealiD Developer Hub

Welcome to the ZealiD developer hub. You'll find comprehensive guides and documentation to help you start working with ZealiD as quickly as possible, as well as support if you get stuck. Let's jump right in!

Get Started    Discussions

Data API in detail

Here you can find every call explained in detail with sample requests and responses

Data API endpoints

Authenticate your users:

Work with user documents:

get_token

API reference for developers

📘

Required input

  • grant_type should be "authorization_code"
  • code should be the code that you receive as url parameter after scanning authentication QR code
  • redirect_uri should be your desired redirect point

🚧

Be aware!

  • After receiving HERMES_TOKEN it's valid only for particular period of time

  • Use correct subdomain:

    • core-hermes - production environment
    • hermes-dev - testing environment

Example request:

curl https://core-hermes.zealid.com/mediator/api/get_token
    -X POST
    -H "Content-type: application/json"
    -H "Authorization: HMAC hmac_string"
    -d @- << EOF
{
    "grant_type": "authorization_code",
    "code": "HERMES_CODE",
    "redirect_uri": "https://example.com"
}
EOF

Example response:

{
    "access_token": "hermes_token_el1gLMbW_qVhIwZeDvuF7Epk9ZxYYqbL7_cWdbYryGI",
    "status": "OK"
}

get_data

API reference for developers

📘

Expected output

  • Default output of get_data call includes: your customer_id and your personal_data (first_name, last_name, serial_number)
  • Data included in response is configurable

🚧

About customer_id

  • The customer_id is required in every call related to actions with documents (upload, sign, retrieve)

  • Use correct subdomain:

    • core-hermes - production environment
    • hermes-dev - testing environment

Example request:

curl https://core-hermes.zealid.com/mediator/api/get_data
    -X POST
    -H "Content-type: application/json"
    -H "Authorization: HMAC hmac_string"
    -d @- << EOF
{
    "token": "hermes_token_el1gLMbW_qVhIwZeDvuF7Epk9ZxYYqbL7_cWdbYryGI"
}
EOF

Example response:

{
    "customer_id": "cust_uGgWMSI_JKBFsNsXh9UTY14A-zxPnZ_5mPkk2A6-U_U",
    "data": {
        "first_name": "Matas",
        "last_name": "Balcaitis",
        "serial_number": "PNOLT-39412161111"
    },
    "status": "success",
    "success": true
}

get_documents

API reference for developers

📘

Expected output

Returns all user documents uploaded/signed with user customer_id

🚧

Be aware!

  • We do not provide document storage service!

    • All documents have expiration time - 30 days
    • All documents older than 30 days are removed from our storage - make sure to download your documents before expiration time
  • Use correct subdomain:

    • core-hermes - production environment
    • hermes-dev - testing environment

Example request:

curl https://core-hermes.zealid.com/mediator/api/user/cust_uGgWMSI_JKBFsNsXh9UTY14A-zxPnZ_5mPkk2A6-U_U/get_documents
    -X GET
    -H "Content-type: application/json"
    -H "Authorization: HMAC hmac_string"

Example response:

[
    {
        "created": "2020-08-13 08:11:07",
        "id": "7872e574-7454-4f76-bd67-d79b1dc9de36",
        "name": "myamazingfile.pdf",
        "status": "pending",
        "type": "pdf"
    },
    {
        "created": "2020-08-13 08:11:31",
        "id": "abc77afa-0d4e-4d36-9dac-a05f4a614a88",
        "name": "hash_to_sign.p7s",
        "status": "pending",
        "type": "hash"
    },
    {
        "created": "2020-08-13 08:11:36",
        "id": "8b1016dc-7eb4-44d1-bf0c-8a8ba132cc66",
        "name": "hash_to_sign.p7s",
        "status": "signing",
        "type": "hash"
    }
]

upload

API reference for developers

📘

Required input

  • content should be base64 string of your pdf file content
  • digest should be sha1 string of your pdf file content
  • filename should be your desired filename with ".pdf" extension

🚧

Be aware!

  • There exists file size limit which currently stand at 30Mb

    • If you have a need to work with bigger files please contact our support!
  • Use correct subdomain:

    • core-hermes - production environment
    • hermes-dev - testing environment

Example request:

curl https://core-hermes.zealid.com/mediator/api/upload/cust_uGgWMSI_JKBFsNsXh9UTY14A-zxPnZ_5mPkk2A6-U_U
    -X POST
    -H "Content-type: application/json"
    -H "Authorization: HMAC hmac_string"
    -d @- << EOF
{
    "content": "base64...",
    "digest": "sha1...",
    "filename": "my_document.pdf"
}
EOF

Example response:

{
    "id": "d7d8c763-75b5-42ec-a42c-849cbbc6fdda",
    "success": true
}

Upload Hash

API reference for developers

📘

Required input

  • content should be content of hash you want to sign
  • hashname name how you want to call your hash

🚧

Be aware!

  • Use correct subdomain:
    • core-hermes - production environment
    • hermes-dev - testing environment
curl https://core-hermes.zealid.com/mediator/api/upload/hash/cust_uGgWMSI_JKBFsNsXh9UTY14A-zxPnZ_5mPkk2A6-U_U
    -X POST
    -H "Content-type: application/json"
    -H "Authorization: HMAC hmac_string"
    -d @- << EOF
{
    "content": "any_hash_you_want_to_sign",
    "hashname": "my_first_hash"
}
EOF
{
    "id": "d7d8c763-1234-42ec-a42c-849cbbc6fdda",
    "success": true
}

Sign

API reference for developers

📘

Required input

  • document_id should be id of document that you want to sign - after uploading document you retrieve it's id in response
  • title should be random message that will be displayed on your phone screen when approving signing transaction
  • redirect_uri should be your preferred redirect url where you will be redirected after scanning QR code in your browser
  • customer_id should be your customer id which you receive during get_data response

🚧

Be aware!

  • Response of this call is HTML template including QR code that you need to scan with your ZealiD app to confirm signing transaction

  • Use correct subdomain:

    • core-hermes - production environment
    • hermes-dev - testing environment
  • NOTE: as "document" we refer either to uploaded PDF or HASH

Example request:

curl https://core-hermes.zealid.com/mediator/api/sign
    -X POST
    -H "Content-type: application/json"
    -H "Authorization: HMAC hmac_string"
    -d @- << EOF
{
    "document_id": "d7d8c763-75b5-42ec-a42c-849cbbc6fdda",
    "title": "my_first_signing",
    "redirect_url": "https://example.com",
    "customer_id": "cust_uGgWMSI_JKBFsNsXh9UTY14A-zxPnZ_5mPkk2A6-U_U"
}
EOF

Example response:

<!doctype html>\n<html>\n<head>\n<meta charset="utf-8">\n<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;" />\n\n<style>\n    html, body {\n        height: 100%;\n        margin: 0;         /* Reset default margin on the body element */\n    }\n    iframe {\n        display: block;       /* iframes are inline by default */\n        background: #fff;\n        border: none;         /* Reset default border */\n        width: 100%;\n        height: 100%;\n    }\n</style>\n\n<script type=text/javascript src="/static/jquery.js"></script>\n\n<script type="text/javascript">\nrunScript();\n\nfunction runScript() {\n    if(window.$) {\n        $(function () {\n            var redirectLink = \'\';\n            var checkStatusTime = 1000.0;\n            var requestTimeout = 5000.0;\n            var redirectIn = 0;\n            var redirectToUrl = function() {\n                document.location = redirectLink;\n            };\n            var request_additional_session_data = false;\n            var have_additional_session_data = false;\n            var cookies;\n            var cookie;\n            var cookie_domain;\n            var url = "";\n            var key = "";\n\n            var worker = function () {\n                url = \'https://hermes-dev.zealid.com/mediator/api/auth_link/remote_session_status/g6SyUEe--Ar3I9IkexBE7gh2uOYcAISOj9iSQ642QkU\';\n\n                $.ajax({\n                    url: url,\n                    timeout: requestTimeout,\n                    success: function(data) {\n                        console.log("DATA: " + data);\n                        console.log("Status: " + data.status);\n\n                        if ("redirect_url" in data && data.redirect_url != false) {\n                            console.log("Redirecting to: " + data.redirect_url);\n                            redirectLink = data.redirect_url;\n                            parent.postMessage(redirectLink, "*");\n                            redirectIn = data.redirect_in * 1000.0;\n                            setTimeout(redirectToUrl, redirectIn);\n                        } else {\n                            setTimeout(worker, checkStatusTime);\n                        }\n                    },\n                    failed: function() {\n                        setTimeout(worker, checkStatusTime);\n                    },\n                    error: function() {\n                        setTimeout(worker, checkStatusTime);\n                    }\n                });\n            };\n\n            worker();\n\n            $(\'.cancel-button\').on(\'click\', function () {\n                document.location = \'\';\n            });\n        });\n    } else {\n        window.setTimeout(runScript, 100);\n    }\n}\n</script>\n\n</head>\n\n<body>\n        <img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAcIAAAHCAQAAAABUY/ToAAAEBklEQVR4nO2cUYrjOBCGv1oZ+qXBgjlA5mEPsCcY53EfFuZIQzMnapgD2CeYK2wfoEGGfWmwqX2QZMtJJ1myyUycqf/B3dj6sGUqqiqVZFHOU/fbmSAYaaSRRhpppJFG3h4pSRV0HmTbi8gWoBOR1LTPrbYXuaeR90Kiqqo0qqoaXDq0gLY4pZnOxcPUuF1XP428Hlmlv72H5hnoPr8J4AZpwge08w4BF1sJuOEnPq2Rt0hWe2f6BwVGURiQJnjR7vOr7M0BrKufRl6P3LUhoQ75/94DtSLUIM3zpe5p5H2Re/FQm89pW6tCPWDxkJFHFc0iKQXRBw65ldmQkaWiL9sJdrTbvEkcgrrNAJ136G6rdfXTyOuTvUg8dB4Ap+ncpE4qZHvJexp5H2QR+6jqQI6CVLXFpXPxECBeUPNlRpbK8VAZNc/2QpOv7jYxGzIyK6VawcXRB+qBlI3pQD6XrakJ08i1rn4aeT0yj0PReUGRwkdrArStsy+LGZrZkJGl8jgENDowOy9tYwOX0rHJfMyGjFxqHnNUA8zl1hRTh1x9nRya+TIjlypsqJ2ioCYfyinqOeI2GzKyVE7EkstKYU+2lOS3psxfwy8XU+9XpRc6sh59Xf38v6RInJhWlS1Ote133twokM/J9iL3NHItZIfvR3+K1LZ/UJqXipiNdZsBlAD0FfLlZZ6iziH2kd/nX7/zMXw752lP6TDpvhPOI8HLscHmMNkT9PHP8+55XIfJxy3884Pf7SnFlyfUr5JrY68VUA18+v43VVxJ1IPSA9RveSXR4df+7ePXPx5dOHHP9yQevDv1tO/p0zGnwq39su+LzNFNnokmpvVTSWMKp1PSH8PuXykeOkzOC9B/3D1vkVys/Vgk+CmZD+Q5ozmwNhsyslRR62iCU23roZhtjCXYdEE15ftmQ0aWShZR5ynqWBEL5ZaO2K4oeJgNGfkemRYM6dNGVbaMok9+lBhEx3nHlwel81NettJ+GnlxshiHUiQdynEoOq+2nur2s5NbVz+NvB5ZZMsC1SDNsxskLQB5E+g/qIBA5wN0/jUn0evqp5HXI6d9HXOBjFw0mzdyzOGRWt3eyF0V9bJiD4emPD75sqn1ZEhmQ0ZO0qXSFqAcGRVq5hHJbMjIPXLx3Q+nNC8iIp4UZ8d1+rHmOsqC/BlPa+Rtkfv7XGtNSxin6aLFEkbLy4zcVeHB0qQixOJ9owPE3RxFOSQ7PbMhIw+QIpsUROuThxQe9SK7G6Zv4mmNvAVybzVF046Qdt6Paa90/OpQPwowVjY/ZORS+/FQ2l9WjjkwzWJbbm/k+2QnKREDcq2j2+RJoqheRMSP9j1GI5fa/77Zf5R949xII4000kgjjbwT8l9p2q+s5kF1XQAAAABJRU5ErkJggg==" alt="Discovery QR" />\n</body>\n</html>

Updated 5 months ago

Data API in detail


Here you can find every call explained in detail with sample requests and responses

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.