Signstack API

Authentication

The Signstack API uses JWT Bearer tokens for authentication:

Create an API key in your dashboard (or use POST /v1/orgs/{orgId}/api-keys)
Exchange your API key for an access token at POST /v1/auth/token
Use the Bearer token in the Authorization header: Authorization: Bearer <your-token>

Organization-Scoped URLs

Most API endpoints are scoped to an organization. After obtaining an access token, use the orgId from the token response in the URL path:

GET /v1/orgs/{orgId}/workflows
POST /v1/orgs/{orgId}/templates

The orgId in the URL must match the organization ID associated with your access token. This ensures proper multi-tenant isolation and access control.

Authorization & Scopes

Each API key has associated scopes that determine which endpoints you can access. The JWT token contains these scopes. Required scopes for each endpoint are listed in the x-required-scopes field in the documentation below.

Server

https://api.signstack.ai

Client Libraries

Shell Curl

Signstack API

Authentication

Organization-Scoped URLs

Authorization & Scopes

AuthenticationRequired