Signatures API

Send, track, and verify legally-binding electronic signatures.

Endpoints

Method	Path	Description
`POST`	`/signatures/request`	Send signature request
`GET`	`/signatures`	List all signature requests
`GET`	`/signatures/:id`	Get signature details
`POST`	`/signatures/:id/sign`	Submit a signature
`POST`	`/signatures/:id/verify`	Verify signature authenticity
`DELETE`	`/signatures/:id`	Cancel/void a request
`GET`	`/signatures/:id/audit-trail`	Get audit trail
`GET`	`/signatures/:id/certificate`	Download audit certificate PDF

Send Signature Request

POST /api/v1/signatures/request

{
  "contract_id": "contract-uuid",
  "signer_name": "Jane Smith",
  "signer_email": "jane@acme.com",
  "signer_role": "Signer",
  "expires_in_days": 7
}

Response:

{
  "id": "sig-uuid",
  "contract_id": "contract-uuid",
  "signer_name": "Jane Smith",
  "signer_email": "jane@acme.com",
  "status": "pending",
  "token": "unique-signing-token",
  "signing_url": "https://app.legistry.ai/sign/unique-signing-token",
  "created_at": "2026-03-08T12:00:00Z",
  "expires_at": "2026-03-15T12:00:00Z"
}

The signer receives an email with the signing_url to complete their signature.

Submit Signature

Public endpoint — no auth required (uses signing token).

POST /api/v1/signatures/:id/sign

{
  "token": "unique-signing-token",
  "signature_data": "data:image/png;base64,...",
  "full_name": "Jane Smith",
  "ip_address": "auto-detected",
  "consent": true
}

The system automatically captures: IP address, geolocation, timestamp, user agent, and browser fingerprint for the audit trail.

Verify Signature

Check if a signature is genuine and unmodified.

POST /api/v1/signatures/:id/verify

Response:

{
  "valid": true,
  "signer": "Jane Smith",
  "signed_at": "2026-03-10T14:30:00Z",
  "ip_address": "203.0.113.42",
  "geolocation": "New York, US",
  "document_hash": "sha256:abc123...",
  "tamper_detected": false
}

Audit Trail

Get the complete signing history for compliance.

GET /api/v1/signatures/:id/audit-trail

{
  "events": [
    {
      "action": "request_created",
      "timestamp": "2026-03-08T12:00:00Z",
      "actor": "owner@company.com",
      "ip": "192.168.1.1"
    },
    {
      "action": "email_sent",
      "timestamp": "2026-03-08T12:00:05Z",
      "recipient": "jane@acme.com"
    },
    {
      "action": "document_viewed",
      "timestamp": "2026-03-10T14:25:00Z",
      "actor": "jane@acme.com",
      "ip": "203.0.113.42"
    },
    {
      "action": "signature_submitted",
      "timestamp": "2026-03-10T14:30:00Z",
      "actor": "jane@acme.com",
      "ip": "203.0.113.42",
      "geolocation": "New York, US"
    }
  ]
}

Download Audit Certificate

Get a PDF audit certificate for legal compliance.

GET /api/v1/signatures/:id/certificate

Returns a downloadable PDF with:

Document hash
All signer details
Complete event timeline
IP + geolocation records
Tamper verification status

Signature Statuses

Status	Description
`pending`	Awaiting signer action
`viewed`	Signer opened the document
`signed`	Signature completed
`declined`	Signer declined to sign
`expired`	Request expired before signing
`voided`	Cancelled by the sender

Contracts AI Chat (RAG)