Key Concepts

An API plan subscription allows organizations to send document signing requests to be handled by emSigner via REST API endpoints.

API plans are based on envelopes consumed and the pricing is based on each successful signing transaction in which all parties sign one or more documents that are part of the envelope.

Once you have subscribed for an API plan, you also have access to all the features available as part of the same envelope plan allowing your users to also view dashboards and originate documents from emSigner directly.

API Requests

API requests are made to emSigner via REST API endpoints. API endpoints have been defined for various purposes such as User Management, Workflow Management, Document Management etc. For a list of API’s, please visit API documentation section.

Each API request must be associated with a JWT token using which emSigner identifies the following information associated with the request

  • Calling application
  • User or Originator information (must be from the same organization as that of the subscription)
  • Recipient information

This allows emSigner to route requests to appropriate users queue.

Envelopes

An envelope is a document package. emSigner API allow push of upto 10 documents in a single request with total file size of 25mb.

Signature Support

emSigner supports multiple signature types including Simple Electronic Signatures (SES), Advanced Electronic Signatures (AES) and Qualified Electronic Signatures (QES). When sending a request via the API, calling applications can define the type of signature required by each participant for that request.

Users or Originators

Users or originators are internal users of your organization on whose behalf emSigner will originate the transaction.

For originating a transaction, the calling application must either authenticate the user via a login interface (with username or password) OR get an auth_token that can be generated by user and shared manually.

Participants or Recipients

Participants or recipients are either internal or external users that receive the document for the purpose of signing or review.

API’s are designed to automatically create internal or external users if they are not already created in the system.

Authentication

emSigner APIs make use of JWT tokens with expiry time to authenticate every request. For getting the first JWT token, the calling applicaton must pass a combination of

  • App Identifier + Secret Key – used to validate that the request is from an application that is registered for the subscription
  • App Identifier + User Credentials or User Auth Token – used to validate that the user has given permissions to the App to initiate document signing requests on their behalf

Data Encryption

The REST API endpoints are HTTPS and thus run on TLS channels to ensure that data is encrypted in transit. Once documents are received by emSigner, they are stored in an encrypted format.