Embed document signing directly into your application. Create envelopes, track status, and receive real-time webhooks -- all through a clean REST API.
The SignAndGo API lets you programmatically create envelopes, upload documents, add recipients, track signing progress, and download completed PDFs. It is designed for developers building integrations with property management systems, CRMs, accounting software, and custom business applications.
Standard REST endpoints with JSON responses. No proprietary SDKs required.
HTTPS only. Bearer token auth. HMAC-signed webhooks. Data in Sydney.
Webhooks notify your system instantly when signing events occur.
All API requests require a valid API key passed as a Bearer token in the Authorization header.
curl -X GET "https://signandgo-backend-308289583348.australia-southeast1.run.app/api/v1/envelopes" \
-H "Authorization: Bearer sag_your_api_key_here" \
-H "Content-Type: application/json"Log into your SignAndGo dashboard.
Navigate to Settings, then Developer API.
Click "Create API Key" and give it a descriptive name.
Select the required scopes: read, write, sign, admin.
Copy and securely store the generated key. It starts with sag_ and is only shown once.
| Scope | Permissions |
|---|---|
| read | View envelopes, download signed documents |
| write | Create envelopes, upload documents, add recipients |
| sign | Trigger signing flows, send invitations |
| admin | Manage webhooks, API key administration |
The primary integration point is creating envelopes -- uploading a document, specifying recipients, and optionally placing signature fields.
curl -X POST "https://signandgo-backend-308289583348.australia-southeast1.run.app/api/v1/envelopes/external" \
-H "Authorization: Bearer sag_your_api_key_here" \
-F "file=@contract.pdf" \
-F 'recipients=[{"name":"Jane Smith","email":"jane@example.com","role":"signer"}]' \
-F "subject=Please sign this contract" \
-F "message=Hi Jane, please review and sign the attached contract."{
"envelope_id": "env_abc123",
"status": "sent",
"recipients": [
{
"name": "Jane Smith",
"email": "jane@example.com",
"signing_url": "https://www.signandgo.com.au/sign/tok_xyz789",
"status": "sent"
}
],
"created_at": "2026-03-03T10:00:00Z"
}If you do not place fields explicitly, SignAndGo enables free-form signing mode, where signers can click on the document to place their signature, initials, and date.
Receive real-time notifications when signing events occur.
POST /api/v1/webhooks
{
"url": "https://your-app.com/webhooks/signandgo",
"events": ["signed", "completed", "declined"]
}envelope.sent -- Document sent to recipientenvelope.viewed -- Recipient opened documentenvelope.signed -- Recipient signedenvelope.completed -- All signedenvelope.declined -- Recipient declinedEvery webhook payload includes an X-SignAndGo-Signature header containing an HMAC-SHA256 hash of the request body. Verify this against your webhook secret to ensure the payload is authentic.
import hmac, hashlib
def verify_signature(payload, signature, secret):
expected = hmac.new(
secret.encode(), payload, hashlib.sha256
).hexdigest()
return hmac.compare_digest(expected, signature)Automatically generate and send tenancy agreements when a new lease is created. Receive a webhook when the tenant signs and update the lease status in your system.
Send contracts from your CRM when a deal reaches "Won" stage. Track signing progress without leaving your CRM. Auto-attach the signed PDF to the deal record.
Embed signing into your customer onboarding flow. Generate service agreements dynamically, send for signing, and activate the account when the webhook confirms completion.
Inspection tools like InspectAndGo use the API to send inspection reports for signing, then receive the signed document back via webhook for archival.
Navigate to Settings then Developer API in your SignAndGo dashboard. Click 'Create API Key', select the required scopes (read, write, sign, admin), and copy the generated key. API keys start with 'sag_' and should be kept secret.
The API uses Bearer token authentication. Include your API key in the Authorization header: 'Authorization: Bearer sag_your_key_here'. All requests must be made over HTTPS.
Yes. Use POST /api/v1/envelopes/external with a multipart form including the PDF document, recipient details, and optional field placements. The API returns an envelope ID and signing URLs for each recipient.
Register a webhook URL via the API or dashboard. SignAndGo will POST event payloads to your URL when documents are viewed, signed, declined, or completed. Payloads are HMAC-SHA256 signed with the X-SignAndGo-Signature header for verification.