Sigstore · Example Payload

Sigstore Get Signing Cert Example

Certificate AuthorityCode SigningContainersCryptographyOpen SourcePKISecuritySoftware Supply ChainTransparency Log

Sigstore Get Signing Cert Example is an example object payload from Sigstore, with 3 top-level fields. It illustrates the shape of data this provider's APIs accept or return.

Top-level fields

examplerequestresponse

Example Payload

Raw ↑ 
{
  "example": "Request a short-lived signing certificate from Fulcio",
  "request": {
    "method": "POST",
    "path": "/api/v2/signingCert",
    "url": "https://fulcio.sigstore.dev/api/v2/signingCert",
    "headers": {
      "Authorization": "Bearer <OIDC-ID-TOKEN>",
      "Content-Type": "application/json"
    },
    "body": {
      "credentials": {
        "oidcIdentityToken": "<OIDC-ID-TOKEN>"
      },
      "publicKeyRequest": {
        "publicKey": {
          "algorithm": "ECDSA",
          "content": "LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0K...<base64-encoded-public-key>"
        },
        "proofOfPossession": "MEYCIQCx...<base64-encoded-signature-of-email>"
      }
    }
  },
  "response": {
    "status": 200,
    "body": {
      "signedCertificateEmbeddedSct": {
        "chain": {
          "certificates": [
            "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t...<leaf-cert>",
            "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t...<intermediate-cert>",
            "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t...<root-cert>"
          ]
        }
      }
    }
  }
}