> ## Documentation Index
> Fetch the complete documentation index at: https://docs.superdoc.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Sign

> Sign a PDF or DOCX document with a cryptographic signature.

Send a JSON request body with:
- `document` (required): object containing either `base64` or `url`
- `signer` (required): signer details — `email` and `name` are required; `ip` and `userAgent` are optional and, when provided, are recorded in the audit trail certificate. No other signer fields are accepted; use `metadata` for anything application-specific.
- `auditTrail` (required): array of signing events. Must include at least one `submit` event for e-signature compliance.
- `eventId` (optional): unique identifier for the signing event
- `metadata` (optional): free-form object for application-specific context (tenantId, contractId, etc.)
- `certificate` (optional): `{ enabled: boolean }` — controls whether an audit trail certificate page is appended (default: `true`)

The response returns the signed PDF as base64.



## OpenAPI

````yaml /openapi.json post /v1/sign
openapi: 3.0.3
info:
  title: SuperDoc API
  version: 0.9.0
  description: >-
    ## Quick Start


    1 - **Register**:
    https://api.superdoc.dev/v1/auth/register?email=you@email.com


    2 - **Verify**: Check email, then
    https://api.superdoc.dev/v1/auth/verify?email=you@email.com&code=123456


    3 - **Convert**

    ```bash

    curl -X POST https://api.superdoc.dev/v1/convert?from=docx \
      -H "Authorization: Bearer YOUR_API_KEY" \
      -F "file=@document.docx" \
      -o converted.pdf
    ```



    Or use our Playground:

    https://api.superdoc.dev/docs/#tag/documents/post/v1/convert


    That's it! Your DOCX is now a PDF.


    ---


    [Status](https://status.superdoc.dev) •
    [GitHub](https://github.com/superdoc-dev/superdoc)
  contact:
    name: Support
    email: api@superdoc.dev
    url: https://superdoc.dev/contact-us
  license:
    name: Commercial
    url: https://superdoc.dev
servers:
  - url: https://api.superdoc.dev
    description: Production
security: []
tags:
  - name: Documents
    description: Document conversion and transformation
  - name: Authentication
    description: Registration and API key management
  - name: System
    description: Health and service information
paths:
  /v1/sign:
    post:
      tags:
        - Signature
      summary: Sign
      description: >-
        Sign a PDF or DOCX document with a cryptographic signature.


        Send a JSON request body with:

        - `document` (required): object containing either `base64` or `url`

        - `signer` (required): signer details — `email` and `name` are required;
        `ip` and `userAgent` are optional and, when provided, are recorded in
        the audit trail certificate. No other signer fields are accepted; use
        `metadata` for anything application-specific.

        - `auditTrail` (required): array of signing events. Must include at
        least one `submit` event for e-signature compliance.

        - `eventId` (optional): unique identifier for the signing event

        - `metadata` (optional): free-form object for application-specific
        context (tenantId, contractId, etc.)

        - `certificate` (optional): `{ enabled: boolean }` — controls whether an
        audit trail certificate page is appended (default: `true`)


        The response returns the signed PDF as base64.
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SignRequest'
        required: true
      responses:
        '200':
          description: Default Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SignResponse'
        '400':
          description: Standard error format used across all API endpoints
          content:
            application/json:
              schema:
                type: object
                title: Error Response
                description: Standard error format used across all API endpoints
                required:
                  - code
                  - error
                  - message
                properties:
                  code:
                    type: string
                    description: Machine-readable error code for programmatic handling
                    example: VALIDATION_ERROR
                  error:
                    type: string
                    description: HTTP error category
                    example: Bad Request
                  message:
                    type: string
                    description: Human-readable error description
                    example: The provided document format is not supported
                  requestId:
                    type: string
                    description: Unique request ID for support
                    example: req_abc123
                  details:
                    type: array
                    description: Additional error details for validation errors
                    items:
                      type: object
                      properties:
                        field:
                          type: string
                          description: Field that caused the error
                        issue:
                          type: string
                          description: Description of the issue
                example:
                  code: INVALID_FILE_FORMAT
                  error: Bad Request
                  message: File is not a valid DOCX
                  requestId: req_abc123
        '401':
          description: Standard error format used across all API endpoints
          content:
            application/json:
              schema:
                type: object
                title: Error Response
                description: Standard error format used across all API endpoints
                required:
                  - code
                  - error
                  - message
                properties:
                  code:
                    type: string
                    description: Machine-readable error code for programmatic handling
                    example: VALIDATION_ERROR
                  error:
                    type: string
                    description: HTTP error category
                    example: Bad Request
                  message:
                    type: string
                    description: Human-readable error description
                    example: The provided document format is not supported
                  requestId:
                    type: string
                    description: Unique request ID for support
                    example: req_abc123
                  details:
                    type: array
                    description: Additional error details for validation errors
                    items:
                      type: object
                      properties:
                        field:
                          type: string
                          description: Field that caused the error
                        issue:
                          type: string
                          description: Description of the issue
                example:
                  code: INVALID_FILE_FORMAT
                  error: Bad Request
                  message: File is not a valid DOCX
                  requestId: req_abc123
        '422':
          description: Standard error format used across all API endpoints
          content:
            application/json:
              schema:
                type: object
                title: Error Response
                description: Standard error format used across all API endpoints
                required:
                  - code
                  - error
                  - message
                properties:
                  code:
                    type: string
                    description: Machine-readable error code for programmatic handling
                    example: VALIDATION_ERROR
                  error:
                    type: string
                    description: HTTP error category
                    example: Bad Request
                  message:
                    type: string
                    description: Human-readable error description
                    example: The provided document format is not supported
                  requestId:
                    type: string
                    description: Unique request ID for support
                    example: req_abc123
                  details:
                    type: array
                    description: Additional error details for validation errors
                    items:
                      type: object
                      properties:
                        field:
                          type: string
                          description: Field that caused the error
                        issue:
                          type: string
                          description: Description of the issue
                example:
                  code: INVALID_FILE_FORMAT
                  error: Bad Request
                  message: File is not a valid DOCX
                  requestId: req_abc123
        '500':
          description: Standard error format used across all API endpoints
          content:
            application/json:
              schema:
                type: object
                title: Error Response
                description: Standard error format used across all API endpoints
                required:
                  - code
                  - error
                  - message
                properties:
                  code:
                    type: string
                    description: Machine-readable error code for programmatic handling
                    example: VALIDATION_ERROR
                  error:
                    type: string
                    description: HTTP error category
                    example: Bad Request
                  message:
                    type: string
                    description: Human-readable error description
                    example: The provided document format is not supported
                  requestId:
                    type: string
                    description: Unique request ID for support
                    example: req_abc123
                  details:
                    type: array
                    description: Additional error details for validation errors
                    items:
                      type: object
                      properties:
                        field:
                          type: string
                          description: Field that caused the error
                        issue:
                          type: string
                          description: Description of the issue
                example:
                  code: INVALID_FILE_FORMAT
                  error: Bad Request
                  message: File is not a valid DOCX
                  requestId: req_abc123
      security:
        - apiKey: []
components:
  schemas:
    SignRequest:
      type: object
      title: Sign Request
      required:
        - document
        - signer
        - auditTrail
      additionalProperties: false
      properties:
        eventId:
          type: string
          description: Unique identifier for this signing event
        document:
          type: object
          description: PDF or DOCX input. Provide exactly one of `base64` or `url`.
          oneOf:
            - type: object
              title: base64
              required:
                - base64
              properties:
                base64:
                  type: string
                  format: byte
                  minLength: 100
                  description: Base64-encoded PDF or DOCX file
            - type: object
              title: url
              required:
                - url
              properties:
                url:
                  type: string
                  format: uri
                  description: URL to fetch the document from
        signer:
          type: object
          description: >-
            Details of the person applying the signature. `email` and `name` are
            required; `ip` and `userAgent` are optional and recorded in the
            audit trail / certificate page when provided. No other fields are
            accepted — use `metadata` for application-specific context.
          required:
            - email
            - name
          additionalProperties: false
          properties:
            email:
              type: string
              format: email
              maxLength: 255
              description: Signer's email address
              example: jane@example.com
            name:
              type: string
              minLength: 2
              maxLength: 255
              description: Signer's full name as it should appear on the signature
              example: Jane Smith
            ip:
              type: string
              format: ipv4
              description: >-
                IPv4 address the signer submitted from. Included in the audit
                trail certificate for compliance.
              example: 203.0.113.42
            userAgent:
              type: string
              description: >-
                Browser user agent string the signer submitted from. Included in
                the audit trail certificate for compliance.
              example: >-
                Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7)
                AppleWebKit/537.36
        auditTrail:
          type: array
          description: >-
            Complete event trail of user interactions. Must include at least one
            `submit` event for e-signature compliance.
          minItems: 1
          items:
            type: object
            required:
              - type
              - timestamp
            properties:
              type:
                type: string
                enum:
                  - ready
                  - scroll
                  - field_change
                  - submit
                description: Event kind
              timestamp:
                type: string
                format: date-time
                description: ISO-8601 timestamp for the event
              data:
                type: object
                additionalProperties: true
                description: >-
                  Event-specific payload emitted by the e-sign SDK. Shape
                  depends on `type`:

                  - `scroll` - `{ percent: number }`

                  - `field_change` - `{ fieldId: string, value: string | boolean
                  | number | null, previousValue?: string | boolean | number |
                  null }`

                  - `ready`, `submit` - typically omitted
        metadata:
          type: object
          additionalProperties: true
          description: >-
            Optional application-specific metadata. Free-form object for any
            context you want to attach to the signing event (e.g. tenantId,
            contractId, custom audit fields).
        certificate:
          type: object
          description: >-
            Configuration for the audit trail certificate page that is appended
            to the signed PDF.
          additionalProperties: false
          properties:
            enabled:
              type: boolean
              default: true
              description: >-
                Whether to append an audit trail certificate page to the signed
                document
    SignResponse:
      type: object
      required:
        - document
      properties:
        document:
          type: object
          required:
            - base64
            - contentType
          properties:
            base64:
              type: string
              description: Signed PDF as base64
            contentType:
              type: string
              description: Content type (application/pdf)
  securitySchemes:
    apiKey:
      type: http
      scheme: bearer
      bearerFormat: API Key
      description: API key authentication. Keys start with `sd_`

````