Step 2: Calculate the Signature with a Private Key
To create the signature, you must use the private key of the certificate that was registered for your organization on the IRB Exchange. This should be loaded by your client app from a secure certificate storage application. Use this private key to sign/encrypt the hashed canonical request. Please reference the cryptography-related information for the programming language of your choice, then encode the results of the encryption using base-64 encoding.
You use the signature as one of the parameters in the construction of the Authorization
header in Step 3.