GST / MCA / GeM / eTender
Portal-specific signing integration guides.
GST Portal
GST returns and filings use hash signing on return XML. Generate the hash server-side, then redirect the user to the SecureSign deep link.
- Server generates SHA-256 hash of return XML (base64)
- Redirect browser to
securesign://signwithdocumentType=hash - Mobile App or Desktop Software signs and returns to
callbackUrl - Upload
signatureBase64to GST API
$params = http_build_query([
'requestId' => bin2hex(random_bytes(16)),
'hashBase64' => base64_encode(hash('sha256', $doc, true)),
'hashAlgo' => 'SHA256',
'documentType' => 'hash',
'callbackUrl' => 'https://portal.example.gov.in/sign/callback',
'apiKey' => 'ss_live_abc123xyz'
]);
header('Location: securesign://sign?' . $params);MCA Portal
MCA filings use PDF and XML signing. Use the same deep link with documentType=pdf or documentType=xml and include documentBase64 when required.
| Document | Deep link |
|---|---|
| PDF forms | documentType=pdf + documentBase64 |
| XML filings | documentType=xml + document payload |
GeM Portal
GeM bid submissions typically require PDF signing with visible signature appearance. Pass documentType=pdf and appearance parameters via deep link query string. See Signature Customization.
eTender Portals
eTender workflows combine hash signing for bid hashes and PDF signing for tender documents. Use documentType=hash or documentType=pdf on the same securesign://sign handoff.