Skip to main content

Overview

The Alta Multes API uses mutual TLS authentication with client and server certificates. Both the client and server must present valid certificates to establish a secure connection.
The same certificate can be used for both pre-production (testing) and production environments.

Certificate Requirements

Obtaining a Certificate

Before accessing the API, you must:
1

Download the adhesion form

Download the adhesion form from the ORGT repository.
2

Complete the form

Fill out all required fields in the adhesion form with your organization’s details.
3

Get mayoral signature

The form must be signed by the Mayor (Alcalde/ssa) of the municipality.
4

Submit via EACAT

Send the signed form to ORGT through the EACAT platform.
5

Provide certificate public key

Include the public key of your certificate in the adhesion process. ORGT must install this public key on their servers before you can access the API.
The ORGT servers must have your certificate’s public key installed before you can make API calls. Plan for processing time in your implementation timeline.

Accessing API Endpoints

Base URLs

The API is available at two environments:
EnvironmentBase URL
Productionhttps://pda.orgt.diba.cat/RestMultesPDA/svcMultesPDA.svc/rest/
Pre-productionhttps://pdaprv16.orgt.diba.cat/RestMultesPDA/svcMultesPDA.svc/rest/

Making Authenticated Requests

Every request must include your client certificate. The endpoint is appended to the base URL:
Example: ObtenirRang Endpoint
https://pdaprv16.orgt.diba.cat/RestMultesPDA/svcMultesPDA.svc/rest/ObtenirRang?pImei=123&pEstat1=1&pEstat2=1

Certificate Setup Examples

curl --cert /path/to/client-cert.pem \
     --key /path/to/client-key.pem \
     --cacert /path/to/ca-cert.pem \
     "https://pdaprv16.orgt.diba.cat/RestMultesPDA/svcMultesPDA.svc/rest/ObtenirRang?pImei=123&pEstat1=1&pEstat2=1"

Accessing API Documentation

Your certificate is also required to access the API specification resources:
You can cancel the certificate request when accessing the WSDL to view field names and descriptions, which are the same for both SOAP and REST versions.

Troubleshooting

Common Authentication Issues

ErrorCauseSolution
SSL handshake failedCertificate not installed on ORGT serversContact ORGT to verify your public key is installed
Certificate verification failedWrong CA certificateEnsure you’re using the correct CA certificate provided by ORGT
Connection refusedCertificate/key mismatchVerify your certificate and private key match
403 ForbiddenCertificate not authorizedConfirm your certificate was submitted in the adhesion process

Security Best Practices

Protect your private key:
  • Never commit private keys to version control
  • Store keys in secure, encrypted storage
  • Restrict file permissions (e.g., chmod 600 on Unix systems)
  • Rotate certificates before expiration
Test your certificate setup in the pre-production environment before attempting to connect to production.

Build docs developers (and LLMs) love

Get started for freeTalk to us