Government Portal Integration

Integrate SecureSign with government and compliance portals.

Overview

SecureSign supports CCA-compliant DSC signing for Indian government portals. Replace Java applets, emSigner, and browser extensions with the SecureSign Mobile App (mobile) or SecureSign Desktop Software (Windows, Linux, macOS desktop browsers).

Integration Flow

Platform Overview Mobile App and Desktop Software (same securesign:// deep link) MOBILE PATH DESKTOP PATH Browser 1 Portal 2 Hash DEEP LINK 3 securesign://sign ?requestId&hashBase64 4 Mobile App 5 DSC Token CALLBACK callbackUrl?ss_result=... Browser JS 1 Portal DEEP LINK 2 securesign://sign opens Desktop Software 3 Token, cert, PIN callbackUrl 4 Desktop Software 5 DSC Token signatureBase64 to browser Product UI (both paths) Mobile App DSC Rajesh K. 4A3B..1D PIN Sign with DSC Narrow phone — Android / iOS Desktop Software DSC Sign Rajesh K. | 4A3B2C1D valid 2027 Sign with DSC Wide window — Windows / Linux / macOS No public SDK — Mobile App + Desktop Software only | Enterprise SDK: contact enterprise@toolsbots.com
Mobile: SecureSign Mobile App deep link | Desktop: SecureSign Desktop Software
  1. Portal generates document hash (SHA-256) on server
  2. User clicks Sign with DSC
  3. Portal invokes SecureSign via securesign://sign deep link (Mobile App or Desktop Software)
  4. User signs with DSC token + PIN
  5. Portal receives signature and uploads to government backend

CCA Compliance & Multi-Vendor DSC

SecureSign supports Class 2 and Class 3 DSC tokens issued by Certifying Authorities licensed by the Controller of Certifying Authorities (CCA), Government of India. Certificate chain validation, CRL, and OCSP checks run via the Certificates API.

Supported Certifying Authorities

The following CCA-licensed CAs are supported. Full details and token detection behaviour are documented on Device & Token — Supported DSC Vendors.

  • eMudhra, Capricorn, (n)Code Solutions, GNFC
  • VSign (Verasys Technologies), IDSign, SignX, Pantasign, XtraTrust
  • SafeScrypt (Sify Technologies), CDSL Ventures, ProDigiSign, Care4Sign
  • CSC (Common Service Centre)
  • NIC — government entities only

Requirements

  • Register portal domain in SecureSign Admin Console
  • Use live API key (ss_live_) in production
  • HTTPS callback URLs only
  • Submit audit logs for compliance via Audit Logs API

Portal-specific guides: GST / MCA / GeM / eTender