Abundera Sign API

Exchange a refresh token for a new access token and refresh token pair.

{
  "access_token": "eyJhbGciOi...",
  "refresh_token": "rt_abc123...",
  "expires_in": 900,
  "token_type": "Bearer"
}

Create a new signing envelope. Generates unique signing tokens per signer and sends invitation emails automatically.

{
  "template": "nda-standard",
  "signers": [
    {
      "email": "jane@example.com",
      "name": "Jane Doe",
      "role": "recipient",
      "phone": "+15551234567"
    },
    {
      "email": "bob@example.com",
      "name": "Bob Smith",
      "role": "company"
    }
  ],
  "fields": {
    "company_name": "Acme Corp",
    "effective_date": "2026-03-15"
  },
  "cc": [
    { "email": "legal@example.com", "name": "Legal Team" }
  ],
  "callback_url": "https://api.example.com/webhooks/sign",
  "message": "Please review and sign this NDA at your earliest convenience.",
  "sign_order": true,
  "expiry_days": 14,
  "retention_years": 7,
  "reminder_days": 3,
  "max_reminders": 5,
  "access_code": "8472",
  "geo_lock": ["US", "CA"],
  "block_vpn": true,
  "watermark": "CONFIDENTIAL",
  "footer": { "left": "Acme Corp", "right": "Confidential", "rule": true },
  "locked_fields": ["company_name"],
  "require_photo": "optional",
  "require_geolocation": "optional",
  "require_audio_statement": "required",
  "require_video_statement": "optional",
  "require_id_verification": "required",
  "require_kba": "optional",
  "ai_summary": true,
  "allow_delegate": false,
  "attach_pdf": true,
  "lang": "es",
  "embedded": false,
  "require_attachments": [
    { "name": "Government ID", "description": "Upload a photo of your ID", "required": true }
  ]
}

{
  "id": "e3f8a1b2-...",
  "status": "sent",
  "template_id": "nda-standard",
  "expires_at": "2026-04-04T12:00:00Z",
  "signers": [
    {
      "id": "s1a2b3c4-...",
      "email": "signer@example.com",
      "name": "Jane Doe",
      "role": "recipient",
      "status": "sent",
      "signing_url": "https://sign.abundera.ai/sign/?token=..."
    }
  ],
  "callback_secret": "a1b2c3..."
}

Note: signing_url is only returned per signer when embedded, test_mode, or in_person is true (email delivery is skipped in these modes).

List envelopes for the authenticated user. Without org_id, returns personal envelopes only. With org_id, returns all org envelopes (requires membership).

{
  "envelopes": [ ... ],
  "pagination": {
    "page": 1,
    "limit": 20,
    "total": 42,
    "pages": 3
  }
}

Get full envelope details including signers, audit event count, and comment count.

{
  "id": "e3f8a1b2-...",
  "template_id": "nda-standard",
  "template_name": "Standard NDA",
  "status": "sent",
  "sender_email": "you@company.com",
  "sender_name": "Your Name",
  "created_at": "2026-03-05T12:00:00Z",
  "expires_at": "2026-04-04T12:00:00Z",
  "has_access_code": false,
  "sign_order": false,
  "signers": [
    {
      "id": "s1a2b3c4-...",
      "email": "signer@example.com",
      "name": "Jane Doe",
      "role": "recipient",
      "status": "pending",
      "has_phone": true,
      "phone_verified": false,
      "reminder_count": 0
    }
  ],
  "audit_event_count": 3,
  "comment_count": 0
}

Check envelope status. Supports JWT (sender), signing token (signer), or public access for demo envelopes.

Void/cancel an in-flight envelope. Notifies all unsigned signers via email. Cannot void completed envelopes.

{
  "id": "e3f8a1b2-...",
  "status": "voided",
  "notified_signers": 2
}

400 Cannot void completed envelope   404 Not found

Send the same template to multiple recipients in one call. Each recipient gets their own envelope. Max 100 recipients. Only markdown templates are supported.

{
  "created": 8,
  "failed": 0,
  "envelopes": [
    { "id": "...", "recipient": "alice@example.com", "status": "sent" }
  ]
}

Create a demo envelope for testing. No authentication required. Returns signing URLs for immediate use. Max 90-day expiry.

{
  "envelope_id": "uuid",
  "signers": [
    { "id": "...", "signing_url": "https://sign.abundera.ai/sign/?token=..." }
  ],
  "expires_at": "2026-03-12T00:00:00Z"
}

Submit a signature for a document. Updates the signer record, checks if all signers have completed, and triggers completion flow (PDF generation, emails, webhook) when the last signer signs.

{
  "status": "signed",
  "all_signed": true,
  "download_url": "https://sign.abundera.ai/api/v1/download?envelope=...&token=...",
  "envelope_id": "e3f8a1b2-...",
  "signer_id": "s1a2b3c4-..."
}

400 Token/consent missing   404 Invalid token   409 Already signed/declined   410 Voided or expired

Decline to sign a document with a reason. Notifies the sender via email with the decline reason.

{
  "status": "declined",
  "envelope_id": "e3f8a1b2-...",
  "signer_id": "s1a2b3c4-..."
}

Send a reminder email to unsigned signers. Generates fresh signing tokens. Can target a specific signer or all unsigned.

{
  "envelope_id": "e3f8a1b2-...",
  "reminded": [{ "id": "...", "email": "...", "name": "..." }],
  "count": 1
}

Resend the signing invitation with a fresh token. Optionally update the signer's email address (reassignment).

{
  "signer_id": "s1a2b3c4-...",
  "email": "new-signer@example.com",
  "status": "sent"
}

Delegate signing responsibility to another person. The original signer is marked as delegated and a new signing invitation is sent to the delegate. Delegation can be chained up to 2 levels deep. The sender can disable delegation by setting allow_delegate: false in envelope metadata.

{
  "status": "delegated",
  "delegate_email": "delegate@example.com",
  "delegate_name": "Jane Delegate",
  "envelope_id": "e3f8a1b2-..."
}

400 Self-delegation, duplicate signer, max chain limit (2), validation error   403 Delegation disabled for this envelope   409 Already signed/declined/delegated   410 Voided, completed, or expired

Archive or unarchive an envelope. Only envelopes with completed or voided status can be archived. Archived envelopes are excluded from list results by default (use ?include_archived=true to include them).

{
  "id": "e3f8a1b2-...",
  "status": "archived",
  "archived_at": "2026-03-10T12:00:00Z"
}

{
  "id": "e3f8a1b2-...",
  "status": "unarchived"
}

400 Invalid action, wrong envelope status, already archived/not archived   404 Envelope not found or not owned

Download the completed signed PDF. Authenticated via JWT (sender) or download token (from completion email).

200 Returns application/pdf binary

Publicly verify a signed document's authenticity. Checks audit chain integrity, manifest hash, RFC 3161 timestamp, and GitHub anchor.

{
  "verified": true,
  "envelope": {
    "id": "e3f8a1b2-...",
    "status": "completed",
    "completed_at": "2026-03-05T12:00:00Z"
  },
  "signers": [
    {
      "name": "J****e D****e",
      "email": "j****e@example.com",
      "signed_at": "...",
      "viewing_duration_ms": 45200,
      "scroll_depth_pct": 100,
      "viewport": "1440x900",
      "ceremony_event_count": 12,
      "has_photo": true,
      "photo_permission": "granted",
      "geolocation": { "latitude": 36.1699, "longitude": -115.1398, "accuracy": 12 },
      "geolocation_permission": "granted"
    }
  ],
  "integrity": {
    "audit_chain_valid": true,
    "manifest_hash": "a1b2c3...",
    "document_hash": "d4e5f6...",
    "github_anchor": { "commit_sha": "...", "url": "..." },
    "rfc3161_timestamp": { "tsa_url": "...", "requested_at": "..." }
  }
}

Generate an automatically generated plain-English description of the document to help signers understand what they are signing. Results cached for 7 days (document content is immutable per envelope). This is a comprehension aid, not legal advice.

{
  "summary": "This is a standard NDA that...",
  "generated_at": "2026-03-05T12:00:00Z",
  "model": "claude-haiku-4-5-20251001",
  "cached": false
}

Retrieve rendered document HTML and field definitions for the signing page. Enforces access code and OTP gates if configured. Returns the signer's role, fields to fill, and document content.

{
  "html": "<h1>NDA Agreement</h1>...",
  "fields": [
    { "name": "company_name", "type": "text", "required": true }
  ],
  "signer_role": "counterparty",
  "template_name": "Mutual NDA",
  "features": { "ai_summary": true, "require_photo": "optional", "require_geolocation": null }
}

List available document templates. Returns global templates by default. Pass org_id to also include org-private templates (requires membership). Supports ?category=, ?tag=, and ?search= filters.

Create a new document template with markdown content and field definitions.

Retrieve a single template by ID, including full markdown content, fields, and metadata.

Update an existing template's name, description, fields, markdown, or metadata. All fields are optional — only provided fields are updated.

Delete a template. Fails with 409 if the template has active (non-voided) envelopes.

List all comments on an envelope, ordered by creation date.

Add a comment to an envelope. Max 2000 characters.

Get the full hash-chained audit trail for an envelope with integrity verification.

{
  "envelope_id": "e3f8a1b2-...",
  "chain_valid": true,
  "chain_errors": [],
  "event_count": 5,
  "events": [
    {
      "action": "created",
      "actor": "sender@example.com",
      "is_bot": false,
      "entry_hash": "a1b2c3...",
      "previous_hash": "",
      "created_at": "2026-03-05T12:00:00Z"
    }
  ]
}

Generate a court-ready "Declaration of Custodian of Records" PDF for a completed envelope. This legal declaration summarizes all technical measures used to authenticate the signing and can be filed as a court exhibit.

Returns application/pdf — a multi-page legal declaration document.

• Platform Description: Security measures, compliance (ESIGN Act, UETA)
• Document Details: Template, envelope ID, timestamps, geo-restrictions
• Signer Authentication: IP, country, VPN status, viewing duration, scroll depth, viewport, ceremony events, ESIGN consent, identity photo status, browser GPS coordinates
• Audit Chain Integrity: SHA-256 hash chain verification result
• Cryptographic Evidence: Manifest hash, PDF hash, GitHub anchor, RFC 3161 timestamp
• Public Verification: Link to verification page
• Records Custodian Statement: Business records declaration under penalty of perjury

Request a Court-Ready Declaration via email OTP verification. This is a two-step process: Step 1 submits the request and sends a verification code to the requester's email. Step 2 verifies the code. Signers on the envelope are auto-approved; third-party requesters (attorneys, courts) are queued for admin review. Supports file attachments (court orders, government ID) via multipart form data.

{
  "request_id": "a1b2c3d4-...",
  "email_sent": true,
  "email_masked": "j***@example.com",
  "expires_in_seconds": 600
}

{
  "verified": true,
  "status": "approved",
  "message": "Your declaration is ready. A one-time download link has been sent to your email."
}

{
  "verified": true,
  "status": "pending_review",
  "message": "Your identity has been verified. Your request is being reviewed."
}

Admin-only endpoint to approve or deny a third-party declaration request. On approval, a one-time burn-on-use download token (72-hour TTL) is generated and emailed to the requester. On denial, the requester is notified with an optional reason.

{
  "status": "approved",
  "request_id": "a1b2c3d4-...",
  "email": "requester@example.com",
  "message": "Request approved. One-time download link sent to requester."
}

{
  "status": "denied",
  "request_id": "a1b2c3d4-...",
  "message": "Request denied. Requester has been notified."
}

403 Admin access required   404 Request not found   409 Already approved or denied

One-time burn-on-use download for Court-Ready Declaration PDFs. The token is destroyed after the first successful download. Links expire after 72 hours. The PDF is generated fresh at download time with the latest evidence data and includes a PAdES digital signature.

Returns application/pdf with Content-Disposition: attachment. The download token is permanently destroyed after successful generation.

410 Token expired, already used, or envelope no longer available

Create a new organization. The authenticated user becomes the owner. Limited to 10 organizations per user.

{
  "id": "org_a1b2c3d4",
  "name": "Acme Corp",
  "owner_user_id": "user_xyz",
  "owner_email": "alice@acme.com"
}

List all organizations the authenticated user belongs to.

{
  "orgs": [
    {
      "id": "org_a1b2c3d4",
      "name": "Acme Corp",
      "role": "owner",
      "owner_email": "alice@acme.com",
      "created_at": "2026-03-06T12:00:00Z"
    }
  ]
}

Get organization details. Requires membership (any role).

{
  "org": {
    "id": "org_a1b2c3d4",
    "name": "Acme Corp",
    "owner_user_id": "user_xyz",
    "owner_email": "alice@acme.com",
    "created_at": "2026-03-06T12:00:00Z"
  },
  "role": "owner"
}

Update organization name. Requires admin+ role.

Delete an organization. Requires owner role. Cannot delete if there are active (sent/partial) envelopes. Existing envelopes and templates are unlinked from the org (not deleted).

List all members of an organization. Requires membership (any role).

{
  "members": [
    {
      "id": "mem_xyz",
      "user_id": "user_xyz",
      "email": "alice@acme.com",
      "name": "Alice",
      "role": "owner",
      "joined_at": "2026-03-06T12:00:00Z"
    }
  ]
}

Change a member's role. Requires admin+ role. Only the owner can assign the admin role. Cannot change the owner's role.

Remove a member from the organization. Requires admin+ role. Cannot remove the owner.

Send an email invitation to join the organization. Requires admin+ role. Only the owner can invite with the admin role. Invitation expires after 7 days. An email with an accept link is sent automatically.

List pending invitations for an organization. Requires admin+ role.

{
  "invitations": [
    {
      "id": "inv_abc123",
      "email": "bob@acme.com",
      "role": "member",
      "invited_by": "alice@acme.com",
      "status": "pending",
      "created_at": "2026-03-06T12:00:00Z",
      "expires_at": "2026-03-13T12:00:00Z"
    }
  ]
}

Revoke a pending invitation. Requires admin+ role.

Accept an organization invitation using the token from the invitation email. The authenticated user's email must match the invited email. On success, the user becomes a member with the invited role.

{
  "message": "Invitation accepted",
  "org_id": "org_a1b2c3d4",
  "role": "member"
}

Retrieve white-label branding configuration for the authenticated user. Returns { "configured": false } if no branding has been set up.

{
  "company_name": "Acme Corp",
  "logo_url": "https://acme.com/logo.svg",
  "primary_color": "#60a5fa",
  "accent_color": "#a78bfa",
  "custom_domain": "sign.acme.com",
  "email_from_name": "Acme Signing",
  "footer_text": "Powered by Acme Corp",
  "created_at": "2026-03-01T10:00:00Z",
  "updated_at": "2026-03-05T14:30:00Z"
}

Create or update white-label branding settings. Only include the fields you want to change — omitted fields are not modified.

{
  "company_name": "Acme Corp",
  "logo_url": "https://acme.com/logo.svg",
  "primary_color": "#60a5fa",
  "accent_color": "#a78bfa",
  "custom_domain": "sign.acme.com",
  "email_from_name": "Acme Signing",
  "footer_text": "Powered by Acme Corp",
  "created_at": "2026-03-01T10:00:00Z",
  "updated_at": "2026-03-05T14:30:00Z"
}

400 Validation error (invalid hex color, empty update, etc.)   403 Business plan required

Upload a logo image for white-label branding. Biz+ Accepts multipart/form-data with an image file. The uploaded image URL is automatically saved to your branding configuration.

{
  "logo_url": "https://sign.abundera.ai/branding/logos/abc123.png"
}

400 No file uploaded or invalid format   403 Business plan required

List reusable clause library entries. Biz+ Supports search and category filtering. Clauses can be inserted into templates during envelope creation.

{
  "clauses": [
    {
      "id": "cl_a1b2c3d4-...",
      "title": "Standard Indemnification",
      "content": "Each party shall indemnify and hold harmless...",
      "category": "indemnification",
      "tags": ["legal", "liability"],
      "created_at": "2026-03-10T08:00:00Z",
      "updated_at": "2026-03-10T08:00:00Z"
    }
  ]
}

Create a reusable clause for your clause library. Biz+ Clauses can be referenced and inserted into templates.

{
  "id": "cl_a1b2c3d4-...",
  "title": "Standard Indemnification",
  "content": "Each party shall indemnify and hold harmless...",
  "category": "indemnification",
  "tags": ["legal", "liability"],
  "created_at": "2026-03-10T08:00:00Z"
}

400 Missing title or content   403 Business plan required

Retrieve a single clause by ID. Returns the full clause content and metadata.

{
  "id": "cl_a1b2c3d4-...",
  "title": "Standard Indemnification",
  "content": "Each party shall indemnify and hold harmless...",
  "category": "indemnification",
  "tags": ["legal", "liability"],
  "created_at": "2026-03-10T08:00:00Z",
  "updated_at": "2026-03-10T08:00:00Z"
}

404 Clause not found

Update an existing clause. Only include the fields you want to change — omitted fields are not modified.

{
  "id": "cl_a1b2c3d4-...",
  "title": "Updated Indemnification",
  "content": "The receiving party shall indemnify...",
  "category": "indemnification",
  "tags": ["legal", "updated"],
  "updated_at": "2026-03-11T10:00:00Z"
}

400 Empty update   404 Clause not found

Permanently delete a clause from the library. This does not affect envelopes that already used this clause.

No content.

404 Clause not found

Signer flags a clause for negotiation. The sender is notified and can accept, reject, or counter-propose changes. The envelope remains in sent status until the negotiation is resolved.

{
  "negotiation_id": "neg_x1y2z3-...",
  "clause_id": "cl_a1b2c3d4-...",
  "status": "flagged",
  "created_at": "2026-03-11T10:00:00Z"
}

400 Missing clause_id   404 Clause not found   409 Already flagged

Get all negotiation flags for the current signer's envelope. Returns the status of each flagged clause.

{
  "negotiations": [
    {
      "negotiation_id": "neg_x1y2z3-...",
      "clause_id": "cl_a1b2c3d4-...",
      "status": "flagged",
      "reason": "The indemnification scope is too broad.",
      "response_text": null,
      "created_at": "2026-03-11T10:00:00Z"
    }
  ]
}

Sender responds to a negotiation flag. Can accept the objection, reject it, or provide a counter-proposal.

{
  "negotiation_id": "neg_x1y2z3-...",
  "status": "accepted",
  "action": "accept",
  "updated_at": "2026-03-11T12:00:00Z"
}

400 Invalid action   403 Not the envelope sender   404 Negotiation not found

Signer withdraws a previously flagged clause negotiation. Only possible while the flag is still in flagged status (not yet responded to by the sender).

No content.

404 Flag not found   409 Already responded to — cannot withdraw

List all clause negotiations for an envelope. Returns flags from all signers with their current status. Only the envelope sender can access this endpoint.

{
  "negotiations": [
    {
      "negotiation_id": "neg_x1y2z3-...",
      "clause_id": "cl_a1b2c3d4-...",
      "signer_email": "signer@example.com",
      "signer_name": "Jane Doe",
      "status": "flagged",
      "reason": "The indemnification scope is too broad.",
      "response_text": null,
      "created_at": "2026-03-11T10:00:00Z"
    }
  ]
}

400 Missing envelope_id   403 Not the envelope sender   404 Envelope not found

Sender responds to a specific negotiation flag with an action and optional text. The signer is notified of the response via email.

{
  "negotiation_id": "neg_x1y2z3-...",
  "status": "countered",
  "action": "counter",
  "text": "We can limit indemnification to direct damages only.",
  "updated_at": "2026-03-11T14:00:00Z"
}

400 Invalid action or missing negotiation_id   403 Not the envelope sender   404 Negotiation not found   409 Already responded

Create a reusable signing link for a template. Pro+ Anyone with the link URL can claim it — an envelope and signer are created on claim. Useful for public-facing forms, onboarding flows, or self-service signing.

{
  "id": "l1a2b3c4-...",
  "url": "https://sign.abundera.ai/sign/?link=<token>",
  "template": "nda-standard",
  "max_uses": null,
  "use_count": 0,
  "expires_at": "2026-06-08T12:00:00Z",
  "status": "active"
}

400 Missing template, invalid max_uses   403 Professional+ plan required   404 Template not found

List signing links created by the authenticated user, with pagination. Pro+ Supports org-scoped queries via X-Org-Id header or ?org_id= parameter.

{
  "links": [
    {
      "id": "l1a2b3c4-...",
      "template_id": "nda-standard",
      "status": "active",
      "max_uses": 100,
      "use_count": 12,
      "expires_at": "2026-06-08T12:00:00Z",
      "created_at": "2026-03-10T12:00:00Z"
    }
  ],
  "total": 1,
  "page": 1,
  "limit": 20
}

Get signing link details so the frontend can display the claim form. Returns the template name and link status without requiring authentication.

{
  "template_name": "Non-Disclosure Agreement",
  "sender_name": "John Smith",
  "status": "active"
}

400 Missing token   404 Invalid link   410 Expired or max uses reached

Claim a signing link — creates an envelope and signer, then sends a signing invitation email. The signing link's use count is incremented. No authentication required; the link token provides access.

{
  "envelope_id": "e3f8a1b2-...",
  "signing_url": "https://sign.abundera.ai/sign/?token=<token>",
  "template": "nda-standard",
  "template_name": "Non-Disclosure Agreement",
  "expires_at": "2026-04-09T12:00:00Z"
}

400 Missing fields, invalid email   404 Invalid link token   410 Expired or max uses reached

Create a document package that groups 2 to 10 related envelopes together. Packages let you track multi-document transactions as a single unit. All referenced envelopes must belong to the authenticated user.

{
  "id": "pkg_a1b2c3d4-...",
  "name": "Series A Closing Documents",
  "envelope_ids": ["e1a2b3c4-...", "e5f6g7h8-..."],
  "envelope_count": 2,
  "created_at": "2026-03-11T10:00:00Z"
}

400 Missing name, fewer than 2 or more than 10 envelopes   404 Envelope not found or not owned by user

List all document packages for the authenticated user. Pass ?id= to retrieve a single package with full envelope details.

{
  "packages": [
    {
      "id": "pkg_a1b2c3d4-...",
      "name": "Series A Closing Documents",
      "envelope_count": 3,
      "created_at": "2026-03-11T10:00:00Z"
    }
  ]
}

{
  "id": "pkg_a1b2c3d4-...",
  "name": "Series A Closing Documents",
  "envelopes": [
    {
      "id": "e1a2b3c4-...",
      "template_name": "Stock Purchase Agreement",
      "status": "completed"
    }
  ],
  "created_at": "2026-03-11T10:00:00Z"
}

404 Package not found

Send a 6-digit OTP code to the signer's phone via SMS. Rate limited: max 3 sends per signer, 60-second cooldown between sends.

{
  "sent": true,
  "phone_masked": "***-***-1234",
  "expires_in_seconds": 600
}

Verify a 6-digit OTP code. Max 3 attempts per code — after that, request a new one.

{
  "verified": true
}

// or on wrong code:
{
  "verified": false,
  "attempts_remaining": 2
}

Get auto-fill suggestions for the signer based on their previously saved profile. Returns saved name and field values if the signer has opted in to profile storage. Helps returning signers complete forms faster.

{
  "name": "Jane Doe",
  "fields": {
    "company_name": "Acme Corp",
    "title": "VP Engineering"
  },
  "saved_at": "2026-03-10T08:00:00Z"
}

{
  "name": null,
  "fields": {}
}

Save signer profile data for future auto-fill. Requires explicit consent from the signer. Stored values are scoped to the signer's email and encrypted at rest.

{
  "saved": true,
  "field_count": 3
}

400 Missing fields or consent not true

Permanently delete all saved signer profile data (GDPR right to erasure). Removes all stored field values and name associated with the signer's email.

No content.

Restrict document signing to specific countries. When geo_lock is set on an envelope, signers outside the allowed countries will see a blocked message and cannot access the document.

// In POST /api/v1/envelopes request body:
{
  "geo_lock": ["US", "CA", "GB"]
}

Country codes use ISO 3166-1 alpha-2 format (e.g., US, CA, GB, DE). The signer's country is recorded in the audit trail regardless of geo-lock settings.

{
  "error": "Signing is restricted to specific countries",
  "gate": "geo_blocked",
  "country": "RU"
}

Block signing from VPN, proxy, and datacenter IP addresses. Uses ASN-based detection to identify hosting providers and known VPN services.

// In POST /api/v1/envelopes request body:
{
  "block_vpn": true
}

VPN detection status is recorded in the audit trail and displayed on the Certificate of Completion for all envelopes, regardless of whether blocking is enabled.

{
  "error": "Signing from VPN/proxy connections is not allowed",
  "gate": "vpn_blocked"
}

Verify signer identity using government-issued photo ID via Veriff. Biz+ Enable by setting require_id_verification: true in envelope metadata. Max 3 sessions per signer. Results are stored for the signing session and recorded in the audit trail.

Create a Veriff ID verification session. The signer is redirected to Veriff's hosted flow to scan their government ID. Session expires in 30 minutes.

{
  "session_url": "https://magic.veriff.me/v/...",
  "session_id": "abc123...",
  "expires_in_seconds": 1800
}

400 IDV not required for this envelope   409 Already verified or signed   429 Max sessions reached (3)   502 Veriff API error

Check the result of an ID verification session. Fetches the decision from Veriff and stores the result. Call this after the signer completes the Veriff flow.

{
  "verified": true,
  "document_type": "DRIVERS_LICENSE",
  "document_country": "US"
}

{
  "verified": false,
  "status": "declined",
  "reason": "Document expired"
}

410 Session expired -- start a new one   502 Veriff API error

Verify signer identity through knowledge-based authentication using personal information and credit-bureau questions. Biz+ Enable by setting require_kba: true in envelope metadata. Max 3 attempts per signer. Supports two providers: Persona (instant database verification) and LexisNexis (quiz-based). The active provider is configured via the KBA_PROVIDER environment variable.

Start a KBA session by submitting personal identifying information. With Persona, verification is instant (pass/fail). With LexisNexis, returns multiple-choice questions that must be answered within 2 minutes via the verify endpoint.

{
  "passed": true,
  "provider": "persona"
}

{
  "questions": [
    {
      "id": "q1",
      "text": "Which of the following addresses have you been associated with?",
      "choices": ["123 Main St", "456 Oak Ave", "789 Pine Rd", "None of the above"]
    }
  ],
  "expires_in": 120
}

400 Validation error, KBA not required   409 Already verified or signed   422 Unable to generate questions   429 Max attempts reached (3)

Submit answers to KBA questions (LexisNexis provider only). Must be submitted within 2 minutes of the start request. Each answer must reference a valid question_id from the start response.

{
  "passed": true,
  "correct_count": 4,
  "attempts_remaining": 2
}

400 Invalid question_id, KBA not required   410 Session expired (2-minute timeout)

Create a Stripe Checkout session for pay-to-sign envelopes. Biz+ The envelope must be completed and have payment_amount configured in its metadata. Accepts either a signing token or JWT for authentication. Returns a Stripe Checkout URL to redirect the payer.

{
  "checkout_url": "https://checkout.stripe.com/c/pay/...",
  "session_id": "cs_live_..."
}

400 Envelope not completed, no payment configured   401 No auth provided   403 Not the envelope owner or signer   409 Payment already completed

Audit trail events automatically detect and flag bot traffic, including email link prefetchers from Gmail, Outlook, and other providers. This prevents false "document viewed" events from polluting the audit trail.

Detection methods:

• User-Agent matching — known bot, crawler, and prefetcher patterns
• Google IP ranges — Gmail's link prefetcher uses real Chrome user agents but originates from Google IP ranges (172.253.*, 209.85.*, 66.249.*, etc.)

Bot events are:

• Flagged with "is_bot": true in the audit trail API response
• Labeled as [Email Prefetch] on the PDF Certificate of Completion
• Shown with a badge on the public verification page

Send a message from a signer to the envelope sender. Allows signers to ask questions about the document before signing without leaving the signing flow. The sender receives the message via email.

{
  "sent": true,
  "sender_email": "sender@company.com"
}

400 Missing or empty message   409 Envelope already completed or voided   429 Rate limited

AI-powered comparison between the contract being signed and a document the signer uploads (e.g., a previous version or their own template). Returns a plain-English summary of the key differences. Powered by Workers AI.

{
  "summary": "Key differences: 1) The uploaded version has a 2-year non-compete clause while the current contract specifies 1 year. 2) The liability cap is $500K in the current version vs. $1M in the uploaded version. 3) The governing law changed from California to Delaware."
}

400 Missing contract_text or uploaded_text   502 AI service unavailable

Download an unsigned PDF of the document with all currently filled field values rendered. Allows the signer to review the document offline or share it with legal counsel before signing. The PDF includes a "DRAFT — NOT YET SIGNED" watermark.

Returns the PDF binary with Content-Type: application/pdf and Content-Disposition: attachment; filename="document-draft.pdf".

404 Invalid token or envelope not found   409 Already signed   410 Envelope voided or expired

View the email delivery log for envelopes you own. Shows delivery status, timestamps, and provider details for every email sent as part of the signing workflow (invitations, reminders, completions, etc.).

{
  "emails": [
    {
      "id": "em_a1b2c3d4-...",
      "envelope_id": "e1a2b3c4-...",
      "to": "signer@example.com",
      "type": "signing_invitation",
      "status": "delivered",
      "provider": "zeptomail",
      "sent_at": "2026-03-11T10:00:00Z",
      "delivered_at": "2026-03-11T10:00:02Z"
    }
  ],
  "total": 15,
  "limit": 50,
  "offset": 0
}

Get the currently authenticated user's profile, sign-specific plan tier, and current month envelope usage. Accepts JWT via Authorization header or __Secure-abundera_session cookie.

{
  "authenticated": true,
  "id": "u1a2b3c4-...",
  "email": "you@company.com",
  "name": "Your Name",
  "role": "owner",
  "sign_tier": "professional",
  "envelope_limit": 200,
  "envelopes_used": 42,
  "year_month": "2026-03"
}

{
  "authenticated": false
}

Check platform health — verifies D1 database, KV store, and R2 storage connectivity.

{
  "status": "healthy",
  "checks": {
    "d1": "ok",
    "kv": "ok",
    "r2": "ok"
  },
  "timestamp": "2026-03-05T12:00:00Z"
}

503 returned when any check fails (status: "degraded")

Get your current plan tier, monthly envelope limits, and usage for the current billing period.

{
  "plan": "professional",
  "monthly_limit": 200,
  "used": 42,
  "remaining": 158,
  "year_month": "2026-03",
  "overage_rate": "$1.00"
}

Join the product waitlist. No authentication required. Protected by honeypot field — bots that fill hidden fields are silently rejected.

{
  "ok": true
}

Submit a contact form message. No authentication required. Protected by honeypot field — bots that fill hidden fields are silently rejected.

{
  "ok": true
}