How to sign system user token

In this article

    Before requesting a new system user ticket, you have to sign your system user token with your RSA private key.

    The SignedSystemToken element has the following format:

    • plain text system user token
    • a period (.)
    • a UTC date time formatted as YYYYMMddhhmm using leading zeros
    • a period (.)
    • a Base64 encoded, signed version of the first 3 items

    For example:

    System User Token.YYYYMMDDHHMM.mwhpYcNBfFqEaL0uLkCwXB99sM/Wo7DOnhjRwsmwNAd2EmBM1z+Co=


    You can get the SuperOffice public key from in the online-sdk-downloads.

    To sign the token:

    1. Concatenate the first 3 items: PLAINTEXT_TOKEN.TIMESTAMP

    2. Using the partner's private certificate key, sign the concatenated items

    3. Base64 encode the signed result

    Signing with JavaScript

    const utcTimestamp = moment.utc().format('YYYYMMDDHHmm');
    const data = `YOUR_SYSTEM_USER_TOKEN.${utcTimestamp}`;
    let sign = crypto.createSign('SHA256');
    sign = sign.sign(rsaPrivateKey, 'base64');
    const signedToken = `${data}.${sign}`;

    Signing with PHP

    $systemUserTokenAndTime = Application Name-pzqc70604i.201511111342
    $signature = signVariable($systemUserTokenAndTime)
    $signedSystemToken = $systemUserTokenAndTime + "." + base64_encode($signature)