> ## Documentation Index
> Fetch the complete documentation index at: https://docs.futurex.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Step 5: Submit a signing request

> Submit a base64 payload as a signing request and, if required, approve it.

Base64-encode the payload you want to sign and submit it with `POST /api/v2/x509/signing-requests`, referencing the service and the policy from Step 4. The payload goes in `uploadData` as base64.

<Steps>
  <Step title="Encode the payload">
    ```bash lines wrap title="Prepare the payload" theme={null}
    PAYLOAD_B64=$(printf 'hello, cryptohub code signing' | base64)
    ```
  </Step>

  <Step title="Submit the signing request">
    ```bash expandable lines wrap title="POST /api/v2/x509/signing-requests" theme={null}
    curl -sk "${AUTH[@]}" -b "$CJ" -X POST \
      "$B/api/v2/x509/signing-requests" \
      -H 'Content-Type: application/json' \
      -d @- <<JSON
    {
      "name": "rest-api-demo-1",
      "serviceUuid": "$SERVICE",
      "policyUuid": "$POLICY",
      "uploadData": "$PAYLOAD_B64"
    }
    JSON
    ```

    ```json lines wrap title="Response" theme={null}
    {
      "success": true,
      "errorCode": "Success",
      "response": {
        "uuid": "060000ee-....-............"
      }
    }
    ```

    ```bash lines wrap theme={null}
    REQUEST=060000ee-....-............   # response.uuid
    ```
  </Step>
</Steps>

## Approvals

Because the policy in this guide was deployed with `numApprovals: 0`, the request is **signed immediately**: its `state` becomes `Signed` without any further action. If the policy requires approvals (`numApprovals` greater than `0`), the request stays in the `Approval` / `Pending` state until enough approvers act on it:

```bash lines wrap title="POST /api/v2/x509/signing-requests/{uuid}/approve" theme={null}
curl -sk "${AUTH[@]}" -b "$CJ" -X POST \
  "$B/api/v2/x509/signing-requests/$REQUEST/approve" \
  -H 'Content-Type: application/json' \
  -d '{"note":"approved via REST API"}'
```

```json lines wrap title="Approve response" theme={null}
{
  "success": true,
  "errorCode": "Success",
  "response": {
    "signature": "MIIG...base64-CMS..."
  }
}
```

The companion endpoint `POST /api/v2/x509/signing-requests/{uuid}/deny` rejects a request. The `state` enum on a signing request is one of `None`, `Approval`, `Signed`, `Failed`, or `Denied`; the `approvalState` enum is `None`, `Pending`, `Approved`, or `Denied`.
