What is the SAS API?

Secure App Service (SAS) is a web-based application that lets software developers to request Symantec for digitally signing their source code or other documents. Code signing verifies the identity of a software developer, indicates whether the developer is trusted, and alerts users if the software was modified after signing.

SAS includes a Simple Object Access Protocol (SOAP) web service interface (API) that helps service providers and publishers perform their code signing and workgroup management activities. SAS refers to a service provider account as Service Manager and a publisher account as Workgroup.

This API service supports the SOAP 1.1 and 1.2 (Document Literal) protocols.

To get started with the SAS API

  1. Workgroup admins can add API users from the SAS portal. Once the API user is added, we send the API account username, password creation link, and client authentication certificate pickup link to the email address of that API user. Alternatively, you can also ask your Service Manager to contact Symantec to add the API role to your SAS user and send your invitation email. See Getting your credentials and client certificate for two factor authentication.
  2. Pick up and install your client certificate for making API requests with two factor authentication. See Picking up and installing your client certificate for two factor authentication.
  3. Set up your development environment. If developing in Java or C#, generate classes from the WSDL document. See Generating Java or C# classes from the WSDL document.
  4. Work with Symantec or your service manager to decide what signing services you need. See Deciding what signing services you need.