The STM API requires cryptographic credentials to be supplied for digital signing of content. These can come from anywhere but the interface expects these to be supplied as DER encoded byte arrays.
To retrieve such credentials using the ATOAKM SDK see Using AKM & getting credentials.