MyDatasure - Qualified Trust Service Provider

For documentation about Datasure Proof Vault, please see Swagger tab.

You can join the standard API according to the RFC3161 protocol. You can find a variety of RFC3161 libraries for your language or directly generate the Timestamp Query (TSQ) thanks to OpenSSL.
You must transmit a "Timestamp Request" to the timestamp authority's endpoint, with the corresponding header (application/timestamp-query). Make sure your TSQ is valid before sending and its content (hash of the data to be timestamped, hashing algorithm, ...). It is not necessary to specify the OID (Timestamp Policy) because by default the timestamp units choose the only available qualified timestamp policy (1.3.6.1.4.1.58753.1.1.1.1).
However, it is absolutely necessary to specify a hash algorithm that is robust enough in accordance with current ETSI standards (minimum and default: sha256).

Endpoint (POST)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Body of the POST request	Your TSQ according to RFC3161.

The response is status 200 with the content of the Timestamp Response (TSR) in the body. You must retrieve the TSR in order to integrate it into your use cases.

For the convenience of some customers, you have access to a simple HTTP REST API that allows you to send a PDF file in a POST request and retrieve the PDF file with an incorporated timestamp : it is the PAdES format (thus visible in the signature banner in clients such as Adobe Acrobat Reader).

Endpoint (POST)	Private url. Please connect to your customer account to see it.
Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Body	Key: 'pdf' Value: your PDF file (multipart/form-data)

The timestamp authority sends you a 200 OK status with the PDF file with the incorporated timestamp in PADES format in the body. You just need to save this version of the file for your use cases.

With this Premium tool, you can generate unlimited PDF proof certificates digitally signed by Datasure for all your achieved timestamps. You need to send, in the URL, the Serial Number of the token for which you want to have a proof certificate. Each generation of PDF certificate costs you 1 timestamp credit. This is a GET method.

Endpoint (GET)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Parameters	{serial_number} in the URL parameter : Serial number of the timestamp record

Be sure to get the correct serial number from your tokens in your application to be able to generate proof certificates from this API.

Download the Timestamping Response (TSR) for a given serial number, encoded in DER format complying with RFC 3161.

Endpoint (GET)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Parameters	serialNumber: Serial number of the timestamp record
Responses	200: TSR downloaded successfully, 404: TSR not available or not found, 500: Internal server error

Retrieves detailed information of a Timestamp Record based on its serial number.

Endpoint (GET)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Parameters	serialNumber: Serial number of the Timestamp Record
Responses	200: Timestamp Record details, 404: Timestamp Record not found

Searches for all Timestamp Records containing the given fingerprint and returns an array of their serial numbers.

Endpoint (GET)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Parameters	fingerprint: Fingerprint hash to search for
Responses	200: List of serial numbers, 404: No records found for the given fingerprint

Validate a SHA-256 hash and generate a Timestamping Response (TSR) if the hash is valid.

Endpoint (POST)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Request Body	hash: SHA-256 hash for which the TSR is to be generated
Responses	200: TSR generated successfully, 400: Invalid hash format, 500: Internal server error

This endpoint computes the SHA-256 hash of the file you provide and directly returns the Timestamp Response (TSR). The file size limit is 100MB per file. Only one file should be sent per POST request.

Endpoint (POST)	Private url. Please connect to your customer account to see it.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
Request Body	file: File to upload (multipart/form-data)
Responses	200: TSR done successfully, 400: No file given or too big size (100MB), 500: Server internal error

With Premium offer, You're entitled to have your own official verification page (White mark) that you can iframe in your own project. This page can be used to search any timestamp records you've done, by serial number, hash, or even a file itself.

URL Endpoint	Private url. Please connect to your customer account to see it.

For test purposes only, we expose a timestamp unit RFC3161 with dummy timestamps. It doesn't consum any token from your customer plan. This token will has no trust for CA and has no legal value. Warning : Please don't send many requests to not saturate the server.

Endpoint (POST)	Private url. Please contact Presales if you need it for testing.
Basic Authentication	You indicate your email as 'username' and your 'password' of the Datasure platform. Header must have the "Authorization" key with value "Basic username:password" (Base64)
No auth	There is no authentification needed.
Body of the POST request	Your TSQ in binary.

Warning : this API should NOT be use in production.

Open API Swagger	Click here to open OpenAPI Swagger Documentation in new window

1. Standard API - RFC3161

2. PAdES timestamp for PDF files

3. PDF Certificate of TSA operation (Premium)

4. Download TSR from Serial Number (Premium)

5. Get Details of a Timestamp Record (Premium)

6. Search Timestamp Records by Fingerprint (Premium)

7. Generate Timestamp Response (TSR) from SHA-256 hash (Premium)

8. Generate Timestamp Response (TSR) from a File (Premium)

9. Official Verification Page (Premium)

10. Dummy Timestamp API