Skip to content

Integration implementation

Getting started

System registration and service access

MPower authenticates third-party systems by the certificate serial number. Third-party systems must be registered in MPass before calling the API methods.

MPower API methods are accessible only from registered IP addresses.

To request access, send an email to suport.mpower@egov.md with the following information: the IP address or the VPN associated with a private IP address, and the certificate serial number.

Obtaining access data

To integrate with the service, you need certificates issued by the Information Technology and Cyber Security Service (STISC). For details on obtaining/extending the public key certificate, please visit https://stisc.gov.md/ro/semnatura-electronica.

Service environments

Integration is performed via REST API. The API methods can be accessed in the test environment and in the production environment:

Environment MPower service URL
Test https://mpower.staging.egov.md:8443/clients-api/swagger/index.html
Production https://mpower.gov.md:8443/clients-api/swagger/index.html

Important

It is mandatory to perform integrations and related testing in the test environment.

Integration testing

Test cases

Here are some basic test cases that could be added to the test suite that integrates with MSign.

Case #1

Test Case ID TC_FUNCT_01
Description Verify the successful integration of the e-Service and MSign
Applicable for List of browsers as specified in requirements
Requirements REQ_FUNCT_XX
Initial Conditions Open the e-Service under test in a browser window. Go through the e-Service web pages, enter the data or upload the document to be signed and navigate to the page with Sign button, in order to perform the signing.
Step Task Expected Result Actual Result
1 Click the Sign button. The MSign sign page is displayed to the user. Pass / Fail
2 Select the first signing instrument and enter the data related to the selected instrument. Submit data. The browser re-displays the e-Services page, requested signatures being successfully provided. Pass / Fail
3 Repeat previous step (Step2) for each available signing instrument. The browser re-displays the e-Services page, requested signatures being successfully provided. Pass / Fail

Case #2

Test Case ID TC_FUNCT_02
Description Verify failed signing by cancelling the signature process
Applicable for List of browsers as specified in requirements
Requirements REQ_FUNCT_XX
Initial Conditions Open the e-Service under test in a browser window. Go through the e-Service web pages, enter the data or upload the document to be signed and navigate to the page with Sign button, in order to perform the signing.
Step Task Expected Result Actual Result
1 Click the Sign button. The MSign sign page is displayed to the user. Pass / Fail
2 Select a signing instrument that asks for a PIN or confirmation while signing (such as Mobile Signature) and cancel the signing MSign displays that signature failed with a meaningful reason. Pass / Fail
3 Review the MSign message and click OK to continue The browser re-displays the e-Services page that clearly shows that the signature failed.
Note that calling GetSignResponse for this request will return a response with SignStatus = Failure		 Pass / Fail

Case #3

Test Case ID TC_FUNCT_03
Description Check sign request re-sending
Applicable for List of browsers as specified in requirements
Requirements REQ_FUNCT_XX
Initial Conditions Open the e-Service under test in a browser window. Go through the e-Service web pages, enter the data or upload the document to be signed and navigate to the page with Sign button, in order to perform the signing.
Step Task Expected Result Actual Result
1 Click the Sign button. The MSign sign page is displayed to the user. Pass / Fail
2 Go back to the e-Service page and click Sign button again. The MSign sign page is displayed to the user. Pass / Fail

Case #4

Test Case ID TC_FUNCT_04
Description Check correct error handling
Applicable for List of browsers as specified in requirements
Requirements REQ_FUNCT_XX
Initial Conditions Open the e-Service under test in a browser window. Go through the e-Service web pages, enter the data or upload the document to be signed and navigate to the page with Sign button, in order to perform the signing.
Step Task Expected Result Actual Result
1 Use some invalid data (such as invalid ExpectedSigner.ID, invalid MSISDN) and click the Sign button. The e-Service displays some error message and does not redirect to MSign. Pass / Fail

Case #5

Test Case ID TC_FUNCT_05
Description Check valid signature verification functionality
Applicable for List of browsers as specified in requirements
Requirements REQ_FUNCT_XX
Initial Conditions Sign some data or document in the integrated e-Service (i.e. follow TC_FUNCT_01) and navigate to the page with Verify button, in order to perform the verification.
Step Task Expected Result Actual Result
1 Click on Verify button. The e-Service displays a clearly visible successful signature verification result. Pass / Fail

Case #6

Test Case ID TC_FUNCT_06
Description Check valid signature verification functionality
Applicable for List of browsers as specified in requirements
Requirements REQ_FUNCT_XX
Initial Conditions Sign some data or document in the integrated e-Service (i.e. follow TC_FUNCT_01) and navigate to the page with Verify button, in order to perform the verification. Modify the signed data, document or the actual signature (if possible) directly in the database or in the resulting binary files.
Step Task Expected Result Actual Result
1 Click on Verify button. The e-Service displays a clearly visible failed signature verification result. Pass / Fail

Integrations review and audit

There are no special requirements related to integration review.