Getting started

Base URL

All requests go to:

https://signex.kz/api

1. Authentication

Sign in via POST /api/auth/login. The server sets a __Host-Signex.Auth cookie. Include it in every subsequent request along with the X-XSRF-TOKEN header for mutating requests.

curl

# Sign in and save cookie
curl -c cookies.txt -X POST https://signex.kz/api/auth/login \
  -H "Content-Type: application/json" \
  -d '{"email":"you@example.com","password":"your-password"}'

TypeScript (fetch)

const res = await fetch("https://signex.kz/api/auth/login", {
  method: "POST",
  credentials: "include",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ email: "you@example.com", password: "your-password" }),
});
if (!res.ok) throw new Error(`Login failed: ${res.status}`);

2. List certificates

GET /api/cert/mine returns all certificates for the current user.

curl

curl -b cookies.txt https://signex.kz/api/cert/mine

TypeScript (fetch)

const res = await fetch("https://signex.kz/api/cert/mine", {
  credentials: "include",
});
const { items } = await res.json();
// items: CertSummary[]

Example response

{
  "items": [
    {
      "id": "8f7b25d8-4e1a-4c3d-9b12-aef301234567",
      "iin": "123456******",
      "fullName": "AKHMETOVA AIGUL ERKINOVNA",
      "thumbprint": "a1b2c3d4e5f6...",
      "algorithm": "GOST3410-2022",
      "isPrimary": true,
      "validity": {
        "notBeforeUtc": "2024-03-14T10:32:11Z",
        "notAfterUtc":  "2027-03-14T10:32:11Z"
      },
      "status": "valid",
      "template": "Individual",
      "linkedAt": "2025-01-10T08:45:00Z"
    }
  ],
  "total": 1
}

3. Certificate details

GET /api/cert/{id} returns the full certificate record including OID extensions.

curl -b cookies.txt \
  https://signex.kz/api/cert/8f7b25d8-4e1a-4c3d-9b12-aef301234567

Rate limits

Next steps

• → OpenAPI spec will be available at /api/openapi.json
• → Questions and bug reports — contact page
• → Business integration and Pro API access — contact sales