# Signature Validation

<mark style="color:yellow;">`POST`</mark> `https://api.zapsign.com.br/api/v1/validate-pdf-signature/`

**Description:**\
This endpoint validates digital signatures in PDF files sent via request. The verification returns whether the document is valid or invalid.

The criteria for a document to be considered valid are:

* The document has one or more digital signatures.
* All signatures contained in the file were made by ZapSign.
* All signatures in the file are cryptographically valid.
* The document has not been altered after being signed.
* There are no signatures rejected by the signer.
* There are no pending signatures.

In case of an invalid document, the endpoint returns a message with the reason why it was invalidated.

**How to Use:**

Send a POST request in `multipart/form-data` format containing the PDF file in the `file` field.

**Headers**

| Key          | Value               |
| ------------ | ------------------- |
| Content-Type | multipart/form-data |

**Request Body (form-data)**

| Key  | Type       | Description              |
| ---- | ---------- | ------------------------ |
| file | file (PDF) | PDF file to be validated |

**Response Body (JSON)**

| Key         | Type    | Description                                                    |
| ----------- | ------- | -------------------------------------------------------------- |
| isValid     | Boolean | `true` if the file is signed and valid, and `false` if invalid |
| message     | Text    | Message regarding the validation result                        |
| authority   | Text    | Common Name of the Certifying Authority                        |
| signingDate | Text    | Signing date formatted dd/mm/YYYY hh:mm:ss                     |
| commonName  | Text    | Common Name of the signature (ZapSign)                         |

**Response Examples:**

**Valid Document:**

<mark style="color:green;">`200: OK`</mark>

```json
{
    "isValid": true,
    "message": "Document signed correctly (CN=ZAPSIGN) and without subsequent notes.",
    "authority": "AC Certisign Multipla G7",
    "signingDate": "11/19/2024 14:34:58",
    "commonName": "ZAPSIGN PROCESSAMENTO DE DADOS LTDA"
}
```

**Invalid Document:**

<mark style="color:green;">`200: OK`</mark>

<pre class="language-json"><code class="lang-json"><strong>{
</strong>    "isValid": false,
    "message": "Signature Signature1 does not cover the whole document",
    "authority": "N/A",
    "signingDate": "N/A",
    "commonName": "N/A"
}
</code></pre>