SigningEmbedRequest

Mints an embed token for <ss-signing-embed> — a single participant signs a single step. Token scopes: workflow:read, signing:sign. Default TTL: 2 h. Max TTL: 2 h.

  • intent
    enum
    const:  
    signing_session
    required
    values
    • signing_session
  • stepKey
    Type: string
    required

    Key of the participant step being signed.

  • workflowId
    Type: string Pattern: ^wf_[0-9a-z]{26}$
    required

    Prefixed lowercase ULID, e.g. wf_01jv8m7qfj6xj9gkz7a4s2h8e.

  • allowedOrigins
    Type: array string[]

    CORS-allowed origins.

  • context
    Type: object

    Optional context attached to an embed token — typically the recipient's identity for participant-bound flows.

    • recipientEmail
      Type: stringFormat: email
      required
    • metadata
      Type: object

      Free-form caller-supplied metadata.

    • recipientName
      Type: string
  • expiresIn
    Type: integer

    Token lifetime in seconds. Defaults to 7200 (2 h); capped at 7200. Recommended 15–30 min in practice.