SignRequest API Essential Guide

Aug 15, 2024 • 6 minute read

What type of API does SignRequest provide?

The most common API types are REST, SOAP, and GraphQL. REST (Representational State Transfer) is currently the most popular API style. It uses standard HTTP methods and is lightweight and flexible. SOAP (Simple Object Access Protocol) is an older protocol that uses XML for message formatting. It's more rigid but provides built-in error handling. GraphQL is a newer query language for APIs that allows clients to request exactly the data they need.

Choose the API type that best fits your specific needs and use case. REST is a good default choice for many applications, especially if you're new to API design. Consider SOAP for enterprise systems that require strict data contracts and error handling. GraphQL can be beneficial for applications with complex, nested data structures or highly interactive frontends.

Does the SignRequest API have webhooks?

Webhooks in SignRequest

The official SignRequest API does have webhooks.
Webhooks allow for real-time notification of workflow events without having to poll SignRequest for status updates.

Event Types

SignRequest supports various event types that you can subscribe to, including:

Agreement events (e.g., AGREEMENT_CREATED, AGREEMENT_SHARED, AGREEMENT_MODIFIED, AGREEMENT_COMPLETED)
Library events (e.g., LIBRARY_DOCUMENT_CREATED, LIBRARY_DOCUMENT_MODIFIED)
Bulk signing events (e.g., MEGASIGN_CREATED, MEGASIGN_RECALLED)
Web form events (e.g., WIDGET_CREATED, WIDGET_MODIFIED)

Configuring Webhooks

To set up a webhook in SignRequest:

Configure a webhook URL
Register it as a webhook with SignRequest
Subscribe to specific events

The subscription requires:

An event name
A resource type and corresponding resource identifier
A webhook URL for receiving event notifications

Best Practices

When using SignRequest webhooks:

Allow your network to communicate via the latest designated IP range list
Subscribe only to specific, needed events to limit the number of HTTPS requests
Ensure your webhook is duplicate resistant
Respond to webhooks quickly (within 5 seconds)
Manage concurrency for multiple notifications
Create unique webhooks

Security

SignRequest implements several security measures for webhooks:

Only HTTPS URLs are valid
Uses OAuth authentication and authorization validation
Supports two-way SSL authentication
Keeps webhook configurations immutable
Sends and receives the client ID in webhook notification requests
Validates IP addresses

Managing Webhooks

You can manage webhooks using the following API endpoints:

POST /webhooks (Create a new webhook)
GET /webhooks (Retrieve webhooks for a user)
GET /webhooks/{webhookId} (Retrieve details of a webhook)
PUT /webhooks/{webhookId} (Modify an existing webhook)
PUT /webhooks/{webhookId}/state (Modify a webhook's status)
DELETE /webhooks/{webhookId} (Delete a webhook)

In summary, the SignRequest API does offer webhooks, allowing you to subscribe to various events related to agreements, library documents, bulk signing, and web forms. This enables real-time notifications and more efficient integration with the SignRequest platform.

Rate Limits and other limitations

Based on the search results provided, here are the key points about the API rate limits for the SignRequest API:

General API Rate Limits

The search results do not provide specific information about SignRequest's API rate limits. The information provided is mostly about SignRequest's pricing and features, not their API rate limits.

Box API Rate Limits

While not directly related to SignRequest, the search results include information about Box's API rate limits, which may be useful for comparison:

General API calls: 1000 API requests per minute, per user
Uploads: 240 file upload requests per minute, per user
Search: 6 searches per second, per user, with additional limits of 60 searches per minute per user and 12 searches per second per enterprise
Box Sign:
- Create and resend sign request: 100 requests per minute, per user
- Get sign request: 1000 requests per minute, per user

Rate Limit Error Handling

When an application hits a rate limit, the API will return an API response with a HTTP status code of 429 Too Many Requests. The response will include a "retry-after" header indicating the number of seconds to wait before retrying the API call.

Key Points to Consider

The specific rate limits for SignRequest's API are not provided in the search results.
It's common for APIs to implement rate limits to protect their services from excessive traffic and ensure fair usage.
When implementing an integration with SignRequest's API, it would be important to check their official documentation or contact their support for accurate rate limit information.
Implementing proper error handling and retry logic for rate limit errors is a best practice when working with APIs.

Best Practices

Always refer to the official API documentation for the most up-to-date and accurate rate limit information.
Implement exponential backoff strategies when retrying API calls after hitting rate limits.
Design your application to work within the API's rate limits to ensure smooth operation and avoid disruptions.
Monitor your API usage to stay within the limits and plan for scaling if necessary.
Consider caching responses when appropriate to reduce the number of API calls made.

Latest API Version

Based on the search results provided, here is the answer to your question:

The most recent version of the SignRequest API is v1.

Key points to consider:

The API documentation is available at https://signrequest.com/api/v1/docs/.
The Python client library for the SignRequest API is currently at version 2.1.0, released on January 10, 2020.
The API uses RESTful principles and requires authentication using an API key.
The API provides endpoints for various operations such as creating documents, managing sign requests, handling teams and members, and working with webhooks.

Code example for using the SignRequest API with Python:

import signrequest_client
from signrequest_client.rest import ApiException
from pprint import pprint

# Configure API key authorization
configuration = signrequest_client.Configuration()
configuration.api_key['Authorization'] = 'YOUR_API_KEY'
configuration.api_key_prefix['Authorization'] = 'Token'
signrequest_client.Configuration.set_default(configuration)

# Create an instance of the API class
api_instance = signrequest_client.DocumentsApi()

# Create a document
data = signrequest_client.Document(
    file_from_url='https://example.com/document.pdf'
)

try:
    # Create a Document
    api_response = api_instance.documents_create(data)
    pprint(api_response)
except ApiException as e:
    print("Exception when calling DocumentsApi->documents_create: %s\n" % e)

This code snippet demonstrates how to authenticate with the API and create a document using the Python client library.

Best practices:

Always use API key authentication for secure access to the SignRequest API.
Handle exceptions when making API calls to gracefully manage errors.
Refer to the full API documentation for detailed information on available endpoints and their usage.
Use the latest version of the Python client library to ensure compatibility and access to the most recent features.

How to get a SignRequest developer account and API Keys?

To get a developer account for SignRequest to create an API integration, you can follow these steps:

Sign up for a SignRequest account:
- Go to www.signrequest.com and create an account.
Create a team in SignRequest:
- After signing up, create a team within your SignRequest account.
Get the API token:
- Once you have a team, you can access the API token. Here's how:
  - Click on your profile in SignRequest
  - Go to the "Teams" section
  - Scroll to the bottom where you'll find "API Settings"
  - Click on "Create token"
  - Copy the generated token
Set up a Sandbox Team (optional, for testing):
- You can create a SignRequest Sandbox Team to test the API for free
- Sandbox teams allow you to test the entire SignRequest product without paying
- Note that all e-signed documents in the sandbox will be watermarked
Choose a plan:
- To use the API for electronic signatures, you need a SignRequest Business account
- You can either pay as you go (0.50 per sent document) or purchase a bundle of API credits

What can you do with the SignRequest API?

Based on the search results provided, here is a list of data models that can be interacted with using the SignRequest API, along with what is possible for each:

Agreements

Create agreements using transient documents, library documents, or URLs
Send documents to specified recipients for signing or approval
Track the status and completion of agreements
Retrieve data entered by users when they signed the agreement

Web Forms (formerly known as signing widgets)

Create Web Forms in different states (DRAFT, AUTHORING, ACTIVE)
Define participant information for the Web Form
Host documents that anyone with access can sign
Retrieve data entered by users when they signed the Web Form

Transient Documents

Upload documents as transient documents
Use transient documents to create agreements or Web Forms

Participants

Define participant information for agreements and Web Forms
Specify roles for participants (e.g., SIGNER, APPROVER)

File Information

Include file information when creating agreements or Web Forms

API Access Points

Discover the valid API access point for your account

Signature Types

Specify signature types (e.g., ESIGN) when creating agreements

Agreement States

Set and manage agreement states (e.g., IN_PROCESS)

While not explicitly mentioned in the search results, it's likely that the SignRequest API also allows interaction with:

Users and authentication
Teams and team management
Document templates
Workflow settings
Reminders and notifications

The API provides flexibility for developers to integrate electronic signature functionality into their applications, automate document workflows, and customize the signing experience.