API v1 (deprecated)
This page is for users/developers who wish to use Signify programmatically. This page documents API version 1, which will be deprecated on 31 July 2024.
Last updated
This page is for users/developers who wish to use Signify programmatically. This page documents API version 1, which will be deprecated on 31 July 2024.
Last updated
API version 1 endpoints will be deprecated on 31 July 2024.
This page is meant for developers, vendors, and IT administrators to understand how to generate the bearer token to access our API to create documents for signing.
Bearer authentication (also called token authentication) is an HTTP authentication scheme that involves security tokens called bearer tokens. Signify uses bearer authentication.
To generate the token, click on "API Integration" in the navigation bar. From there, click on Generate API key and copy the token. Use this key to start using Signify's API.
Keep the bearer token safe: You should not share the bearer token with anyone. Use services like 1Password to store it.
Signify's API uses API Key for authentication. User can view and manage API Keys in Signify API Dashboard.
Production secret keys will have production_v1_version prefix.
Authentication to the API is performed via bearer auth.
Sample CURL request:
All API requests must be made over HTTPS. Calls made over plain HTTP will fail and requests without authentication will also fail.
Signify API uses conventional API Error to indicate the success or failure of an API request.
| Status Codes | Description |
|---|---|
200 - OK | Everything worked as expected. |
400 - Bad Request | The request was unacceptable, often due to missing a required parameter. |
401 - Unauthorized | No valid API key provided. |
402 - Request Failed | The parameters were valid but the request failed. |
404 - Not Found | The requested resource doesn't exist. |
429 - Too Many Requests | Too many requests hit the API too quickly. We recommend an exponential backoff of your requests. |
500, 502, 503, 504 - Server Errors | Something went wrong on Signify's end. |
For all of Signify's APIs, Signify allows up to 100 requests per 10 seconds (subject to change).
| Environment | Endpoint |
|---|---|
Production | https://app.signify.gov.sg/public/ |
Staging | https://staging.signify.gov.sg/public/ |
POST /v1/documents
Content type
The request must be of type multipart/form-data.
Signing modes
We support two modes of signing invitation: (1) signing by email and (2) signing by link.
In signing by email, the API caller supplies the email addresses of the signatories, and an email invite is sent out by Signify to the signatories to sign the document.
In signing by link, no email addresses are supplied by the API caller. Signing links are returned to the API caller, who can then redirect their users to the signing link.
The signing mode is specified in the documentMode property of the request body.
The mandatory fields in request body are:
documentName - the document name
recipients - an array of {email: string, totalSignatures: number, customMessage?: string}
file - the file binary
The optional fields in the request body are:
documentMode - For signing by email, you may specify this to be email. If not specified, this will default to email.
| Property | Type | Required? | Restrictions |
|---|---|---|---|
documentName |
| Yes | Must have at least 4 characters and at most 100 characters. Only the following character set is allowed: |
recipients | An array of | Yes | Email addresses must be unique. totalSignatures must be between 1 and 20 per email. customMessage is an optional attribute of 1 to 1000 characters. The message will be sent out as part of the email invitation to the recipient. |
file |
| Yes | Up to 10MB |
documentMode |
| No, optional |
Sample CURL request:
Returns:
Explanation of fields returned:
| Field returned | What it means | Example |
|---|---|---|
| The unique identifier of the document | 5 |
The mandatory fields in request body are:
documentName - the document name
totalSignaturesByLink - a length 1 array of {totalSignatures: number}
file - the file binary
documentMode - this must be specified as link
| Property | Type | Required? | Restrictions |
|---|---|---|---|
documentName |
| Yes | Must have at least 4 characters and at most 100 characters. Only the following character set is allowed: |
| A length 1 array of | Yes | Array must be of length exactly 1 totalSignatures must be between 1 and 20. |
file |
| Yes | Up to 10MB |
documentMode |
| Yes |
Sample CURL request:
Returns:
Explanation of fields returned:
| Field returned | What it means | Example |
|---|---|---|
| The unique identifier of the document | 3 |
| The signing links for this document, in an array.
For each link, |
GET /v1/documents/:id
Sample CURL request:
Returns:
For signing by email:
For signing by link:
Explanation of fields returned:
| Field returned | What it means | Example |
|---|---|---|
| The unique identifier of the document | 6 |
| The name of the document, as specified during document creation | Document 1 |
| The url where the document file can be retrieved. | https://app.signify.gov.sg/api/v1/bucket/01hfkatk5tc2mgxq1wefhyn52d |
| The expiry time of the document, after which it can no longer be accessed | 2023-12-19T15:59:59.999Z |
| The creation time of the document | 2023-11-19T08:23:20.488Z |
| The status of the document. Either | signed |
| Details of the signing invitations sent out.
| |
| Type of signing for this document. Either | link |
DELETE /v1/documents/:id
Sample CURL request:
Returns:
The document file URL is only guaranteed to be valid for 30 minutes. You should refetch the URL again after that time.
