Elections API Help Center
Click here to see this page in full context
 
  1. Home  >  
  2. Elections API Help Center >
  3. Developer Guide >
  4. Requesting Digital Signatures
 
 

Requesting Digital Signatures

 
ON THIS PAGE          HideON THIS PAGE          Show
  1. Overview
  2. Optional Request Parameter and Response Header
  3. Public Keys

 

 

Overview

To validate the authenticity of the returned data, you can use the optional includesignature parameter in the Elections, Election Reports or AP VoteCast request to receive a digital signature in the HTTP response headers. Elections API supports these validation methods:

  • SHA-256 can be validated using online tools; for example, the HMAC SHA-256 online tool.

  • EdDSA requires a custom coding solution. The crypto standard is Ed25519.

Optional Request Parameter and Response Header

  • When you specify includesignature=sha256 in the request, the API returns an HTTP response header with a Base64 string digital hash; for example:

    AP_SIGNATURE_SHA256:4jibk0xxXclAi5heTUCArWuosn5Ye+GYE0dWfgdm7wg=

  • If includesignature=eddsa is specified in the request, the Base64 string digital hash in the HTTP response header might look something like this:

    AP_SIGNATURE_EDDSA:7HsEepnryfyUjaLUzacjT0n7D05/imTu9dITBJ/Rh5hcu9BlsSIcVdWY/c+QTJQbcLMYx1l8BZbhUfCd8dXBAw==

Public Keys

  • To validate the SHA-256 signature, use this AP public key: 13c816496f281e01198ca3afe052326be11e8d34dd8200fcd537f45a2e414a08

  • To validate the EdDSA signature, use this AP public key: BQP15zpzZ7zATz20V+C/NZhWY9GSlrbIGMC2inm7gK8=

  

 

 

 

 

If you still require additional assistance, please contact AP Customer Support.

For current system status or system maintenance information, please visit the AP Customer Zone website.

 

 

 
 

 

 

 

THE ASSOCIATED PRESS

© copyright 2025  Associated Press. All rights reserved.