Skip to content

Cybersign Sponsored Onboarding & Signing API (1.1.0)

API endpoints for Cybersign's sponsored user onboarding flow, including authentication, data enrichment, phone verification, KYC status check, document signing preparation (upload/download URLs), certificate management, and document signing.

Download OpenAPI description
openapi.json
openapi.yaml
Languages
Servers
Mock server

https://docs.cybersign.gt/_mock/openapi/

Production Server

https://api.cybersign.com/v1/

Authentication

Operations related to user signup initiation and login.

Operations

Onboarding

Operations related to the user onboarding process after initial login, including data submission, phone verification, and status checks.

Operations

Submit and Enrich Personal Data

Request

Submits user-provided personal data (DPI, phone, address) for a specific onboarding process. Cybersign enriches this data using government/external sources and returns the combined data for user review. Triggered when the company shows the initial info form to the end user.

Security
user_bearer_auth
Path
onboarding_process_ulidstring(ulid)required

The unique identifier (ULID) for the user's onboarding process, obtained after login confirmation.

Example: 01ARZ3NDEKTSV4RRFFQ69G5FAV
Bodyapplication/jsonrequired
dpistringrequired

Documento Personal de Identificación (e.g., Guatemalan National ID number). Define specific format constraints if known.

Example: "1234567890101"
telephonestringrequired

The user's primary phone number, including country code (E.164 format recommended).

Example: "+50212345678"
addressstringrequired

The user's primary residential address.

Example: "1 Calle 1-23 Zona 4, Guatemala City"
curl -i -X POST \
  https://docs.cybersign.gt/_mock/openapi/onboarding/01ARZ3NDEKTSV4RRFFQ69G5FAV/data-enrichment \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "dpi": "1234567890101",
    "telephone": "+50212345678",
    "address": "1 Calle 1-23 Zona 4, Guatemala City"
  }'

Responses

Personal data successfully submitted and enriched. Returns the combined data for user review.

Bodyapplication/json
full_namestringrequired

The user's full name as retrieved from verified sources.

Example: "Juan José Pérez López"
date_of_birthstring(date)required

The user's date of birth as retrieved from verified sources.

Example: "1990-05-15"
national_id_numberstringrequired

The user's national ID number (e.g., DPI) as retrieved/verified.

Example: "1234567890101"
tax_idstring or null

The user's tax identification number (e.g., NIT), if available/retrieved. Null if not found or applicable.

Example: "1234567-8"
telephonestringrequired

The user's primary phone number, including country code (E.164 format recommended).

Example: "+50212345678"
addressstringrequired

The user's primary residential address.

Example: "1 Calle 1-23 Zona 4, Guatemala City"
Response
application/json
{
  "full_name": "Juan José Pérez López",
  "date_of_birth": "1990-05-15",
  "national_id_number": "1234567890101",
  "tax_id": "1234567-8",
  "telephone": "+50212345678",
  "address": "1 Calle 1-23 Zona 4, Guatemala City"
}

Request Phone Verification OTP

Request

Requests an OTP to be sent via SMS to the phone number associated with the specified onboarding process (previously submitted via data-enrichment). Trigger this after the user confirms the enriched data presented by the Company.

Security
user_bearer_auth
Path
onboarding_process_ulidstring(ulid)required

The unique identifier (ULID) for the user's onboarding process.

Example: 01ARZ3NDEKTSV4RRFFQ69G5FAV
curl -i -X POST \
  https://docs.cybersign.gt/_mock/openapi/onboarding/01ARZ3NDEKTSV4RRFFQ69G5FAV/phone/send-otp \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Accepted. The request to send an SMS OTP has been accepted and is being processed.

Response
No content

Confirm Phone Number via OTP

Request

Submits the OTP received via SMS to verify the phone number associated with the onboarding process. On success, returns the URL for the next onboarding step (KYC/identity verification).

Security
user_bearer_auth
Path
onboarding_process_ulidstring(ulid)required

The unique identifier (ULID) for the user's onboarding process.

Example: 01ARZ3NDEKTSV4RRFFQ69G5FAV
Bodyapplication/jsonrequired
otpstringrequired

The One-Time Password received by the user via SMS.

Example: "654321"
client_idstringrequired

The OAuth client_id of the company initiating the request.

Example: "aBcDeFgHiJkLmNoPqRsT"
curl -i -X POST \
  https://docs.cybersign.gt/_mock/openapi/onboarding/01ARZ3NDEKTSV4RRFFQ69G5FAV/phone/confirm-otp \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "otp": "654321",
    "client_id": "aBcDeFgHiJkLmNoPqRsT"
  }'

Responses

Phone number successfully verified. Returns the URL for the next step (KYC).

Bodyapplication/json
kyc_urlstring(url)required

The URL the user should be redirected to for the KYC/identity verification step.

Example: "https://id.cybersign.gt/start/01ARZ3NDEKTSV4RRFFQ69G5FAV"
Response
application/json
{
  "kyc_url": "https://id.cybersign.gt/start/01ARZ3NDEKTSV4RRFFQ69G5FAV"
}

Get KYC Verification Status

Request

Retrieves the current status of the Know Your Customer (KYC) verification step for the specified onboarding process. Provides details on liveness, face match, and document checks based on the results from the identity verification provider.

Security
user_bearer_auth
Path
onboarding_process_ulidstring(ulid)required

The unique identifier (ULID) for the user's onboarding process.

Example: 01ARZ3NDEKTSV4RRFFQ69G5FAV
curl -i -X GET \
  https://docs.cybersign.gt/_mock/openapi/onboarding/01ARZ3NDEKTSV4RRFFQ69G5FAV/kyc-status \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

KYC status retrieved successfully.

Bodyapplication/json
user_idstringrequired

User id.

Example: "27c7e9af-b519-4bec-a9c1-c7fd51aad8b6"
statusstringrequired

The overall status of a verification check or the entire process.

Enum"Approved""Rejected""Processing""RequiresReview""NotPerformed""Error"
Example: "Approved"
messagestring

Message explaining the rejection type.

Enum"Retry available""Do not retry"
Example: "Do not retry"
Response
application/json
{
  "user_id": "27c7e9af-b519-4bec-a9c1-c7fd51aad8b6",
  "status": "Approved",
  "message": "Do not retry"
}

Documents

Operations related to preparing documents for signing (upload/download) and performing the signature.

Operations

Certificates

Operations related to managing digital certificates.

Operations