IUSign's REST API exposes every platform capability — document upload, envelope creation, signer management, status tracking, audit export, webhook configuration, and tenant branding.
Generate an API key from Settings → Developer → API Keys (sk_live_ or sk_test_ prefix).
Use the key as a Bearer token: Authorization: Bearer sk_live_xxx.
Upload a document via POST /api/v1/documents/upload (multipart/form-data).
Create an envelope via POST /api/v1/envelopes with recipients, fields, and signing order.
Send the envelope via POST /api/v1/envelopes/{id}/send.
Configure a webhook via POST /api/v1/webhooks to receive real-time status updates.
Monitor usage via GET /api/v1/usage — request counts, latency, error rates.
39 endpoints across 11 categories: Auth, Documents, Envelopes, Signing, Audit, Webhooks, API Keys, Templates, Tenants, Public Links, Admin.
Authentication: JWT (HS256, 24h expiry) for user auth. API keys (SHA256 hashed, Redis cached) for programmatic access.
Rate limiting: 50 req/day (free), 500 req/hr (solo), 2000 req/hr (growth).
Idempotency: X-Idempotency-Key header — 24-hour cache, graceful Redis fallback.
Webhooks: HMAC-SHA256 signature in X-IUSign-Signature header. Constant-time comparison. 5 retries.
The iusign Python package wraps every API endpoint in a fluent client. Install via pip install -e sdks/python/ (local).
Export the IUSign_API_Collection.postman_collection.json file and import it into Postman. It includes 35+ requests organized into 5 folders. Environment variables for base_url and api_key are auto-configured.
Every webhook POST includes X-IUSign-Signature: sha256=hmac. Verify by computing hmac_sha256(secret, request_body) and comparing in constant time. Never use == for signature comparison — it's vulnerable to timing attacks.
Create your free account and send your first document in under 3 minutes.
Get Started Free