Authentication
Authenticate SignYu API requests with a Bearer API key. One key per account, gated on an API access subscription.
The SignYu API authenticates requests using an API key sent as a Bearer token.
Getting an API key
API keys are managed from your dashboard under Developers. API access requires an active subscription (or an admin grant). Subscribe at API subscription. Without access, requests return a 403 api_access_not_enabled error.
You can have one API key per account. To rotate your key, delete the existing one and create a new one.
When you create a key, the full value is shown only once. Copy or download it and store it somewhere safe. We only store a hash of the key and cannot show it again. If you lose it, delete it and create a new one.
Making authenticated requests
Send your key in the Authorization header:
curl https://signyu.com/api/v1/documents \
-H "Authorization: Bearer sk_live_your_api_key"
An API key looks like sk_live_ followed by a random string.
Errors
| Status | Error | Meaning |
|---|---|---|
| 401 | unauthorized | The key is missing or invalid. |
| 403 | api_access_not_enabled | Your account does not have API access. Subscribe at /app/subscribe-api. |
Keep your key safe
Treat your API key like a password. Do not commit it to source control or expose it in client side code. Use it only from your server. If a key is compromised, delete it from the dashboard immediately, which instantly revokes access.
Rate limits
API requests are rate limited. If you exceed the limit, requests are rejected at the edge with a 429 response. Design your integration to retry with backoff. If you need a higher limit, get in touch from the contact page.