Code Signing

Signpath

Learn how to use Signpath with Composio

Overview

SLUG: SIGNPATH

Description

SignPath is a code signing service that integrates with your build system to automate the signing of your software artifacts, ensuring their authenticity and integrity.

Authentication Details

generic_api_key
stringRequired

Connecting to Signpath

Create an auth config

Use the dashboard to create an auth config for the Signpath toolkit. This allows you to connect multiple Signpath accounts to Composio for agents to use.

1

Select App

Navigate to Signpath.

2

Configure Auth Config Settings

Select among the supported auth schemes of and configure them here.

3

Create and Get auth config ID

Click “Create Signpath Auth Config”. After creation, copy the displayed ID starting with ac_. This is your auth config ID. This is not a sensitive ID — you can save it in environment variables or a database. This ID will be used to create connections to the toolkit for a given user.

Connect Your Account

Using API Key

1from composio import Composio
2
3# Replace these with your actual values
4signpath_auth_config_id = "ac_YOUR_SIGNPATH_CONFIG_ID" # Auth config ID created above
5user_id = "0000-0000-0000"  # UUID from database/app
6
7composio = Composio()
8
9def authenticate_toolkit(user_id: str, auth_config_id: str):
10    # Replace this with a method to retrieve an API key from the user.
11    # Or supply your own.
12    user_api_key = input("[!] Enter API key")
13
14    connection_request = composio.connected_accounts.initiate(
15        user_id=user_id,
16        auth_config_id=auth_config_id,
17        config={"auth_scheme": "API_KEY", "val": {"generic_api_key": user_api_key}}
18    )
19
20    # API Key authentication is immediate - no redirect needed
21    print(f"Successfully connected Signpath for user {user_id}")
22    print(f"Connection status: {connection_request.status}")
23    
24    return connection_request.id
25
26
27connection_id = authenticate_toolkit(user_id, signpath_auth_config_id)
28
29# You can verify the connection using:
30connected_account = composio.connected_accounts.get(connection_id)
31print(f"Connected account: {connected_account}")

Tools

Executing tools

To prototype you can execute some tools to see the responses and working on the Signpath toolkit’s playground

Python
1from composio import Composio
2from openai import OpenAI
3import json
4
5openai = OpenAI()
6composio = Composio()
7
8# User ID must be a valid UUID format
9user_id = "0000-0000-0000"  # Replace with actual user UUID from your database
10
11tools = composio.tools.get(user_id=user_id, toolkits=["SIGNPATH"])
12
13print("[!] Tools:")
14print(json.dumps(tools))
15
16def invoke_llm(task = "What can you do?"):
17    completion = openai.chat.completions.create(
18        model="gpt-4o",
19        messages=[
20            {
21                "role": "user",
22                "content": task,  # Your task here!
23            },
24        ],
25        tools=tools,
26    )
27
28    # Handle Result from tool call
29    result = composio.provider.handle_tool_calls(user_id=user_id, response=completion)
30    print(f"[!] Completion: {completion}")
31    print(f"[!] Tool call result: {result}")
32
33invoke_llm()

Tool List

Tool Name: List Certificates

Description

Tool to retrieve the list of certificates for an organization.

Action Parameters

organization_id
stringRequired

Action Response

data
objectRequired
error
string
successful
booleanRequired

Tool Name: List Projects

Description

Tool to list all projects for an organization. Use after confirming the organization ID to retrieve and paginate project records.

Action Parameters

organization_id
stringRequired
skip
integer
take
integer

Action Response

data
objectRequired
error
string
successful
booleanRequired

Tool Name: Retrieve Signing Policy Details

Description

Tool to retrieve details about signing policies for the current organization. Use when needing to list available signing policies prior to selecting one.

Action Parameters

Action Response

data
objectRequired
error
string
successful
booleanRequired

Tool Name: Retrieve System Info

Description

Tool to retrieve SignPath system information including product, API version, environment details, and UI base URL. Use after authentication to fetch the current system metadata.

Action Parameters

Action Response

data
objectRequired
error
string
successful
booleanRequired