Skip to content

Digital signatures (p7m)

On the Invoicetronic API you can store both digitally signed and unsigned invoices. Optionally, the API can apply a digital signature to an uploaded invoice, sparing you the process of signing it locally before the upload (which can be complex and costly).

By default, the API will automatically sign unsigned invoices for Public Authority offices, as a signature is mandatory for them. Documents for private businesses are untouched unless you explicitly request the API to sign them. You can opt out of this behaviour at any time, as you can activate or deactivate the signature feature on each individual upload.

Benefits of signing

  • Certified integrity and authenticity — ensures the document has not been tampered with and originates from you
  • Stronger evidential value — in the event of a legal dispute, a qualified digital signature has full evidential value under the Italian Civil Code and the eIDAS Regulation
  • Perceived professionalism — in some sectors (e.g. large private contracts, dealings with multinational companies) it may be required or appreciated
  • Compliance with international standards — useful if you have international clients accustomed to digitally signed documents

When signing makes sense

  • You are a law firm, notary office, or consultancy with clients who require documents with strong evidential value
  • You issue invoices to large companies or international groups that require it in their internal processes
  • You want to align your processes with those used for public authorities, where signing is mandatory

How to apply signatures via API

Digital signatures are controlled by the signature query parameter, available on all invoice upload POST endpoints (/send, /send/file, /send/xml, /send/json).

Value Behavior
signature=Apply Applies a digital signature to the invoice
signature=None Does not apply any signature, even for FPA12 documents
(omitted) Default behavior (see below)

curl example

curl -u "YOUR API KEY": \
  -F "file=@path/to/file/filename.xml" \
  https://api.invoicetronic.com/v1/send/file?signature=Apply

Once the signature is applied, the file name is updated accordingly (filename.xml becomes filename.xml.p7m). If the uploaded document is already signed, no operation is performed in order to preserve the original signature.

API response

The response body reflects the changes made to the document:

{
  ...
  "file_name": "filename.xml.p7m",
  "format": "FPR12",
  "payload": "MII...",
  ...
  "encoding": "Base64",
  "id": 225,
  "created": "2025-01-23T16:55:51.491271Z",
}

The .p7m extension has been added to file_name. Since the content is now digitally signed, payload is Base64-encoded, and the encoding property reflects this.

Default behavior

By default, signatures are automatically applied to unsigned documents meant for Italian public authorities (FPA12 invoice type), as they would be otherwise rejected (1).

  1. You can opt out (?signature=None) and let public authority invoices go out unsigned, although a better course of action would be to sign them yourself before uploading.

Signatures in Sandbox

In the Sandbox, signatures are fully functional and free of charge. A self-signed test certificate (CN: InvoiceApiSandbox) will be used.

Signatures in the live environment

To apply digital signatures in the live environment, you need to purchase a signature package. Without an active package, no signatures will be applied, not even automatically for documents meant for public authorities. For information on signature packages, see the pricing page.