Server Side
From the server side perspective, you need to create several fundamental objects:- Get a platform API key and Secret (representing your platform).
- Generate a platform token.
- Create a client for each business that use your platform.
- Generate client tokens.
- Create client users for each end-user of the businesses on your platform.
Get a platform API key and Secret
To begin using Sendforsign and gain the capability to generate documents through our infrastructure, you need to create your SFS account. Creating a new account will automatically generate a unique API key and Secret for you.
API key
Generate a platform token
To create a new token for accessing the SFS API, first you need to callPOST /api/token
with the request body
containing the apiKey
and Secret
values you obtained in the previous step.
The /api/token
endpoint does not require any authentication headers, which is in line with the OAuth 2.0 standard.
cURL
Never store your client secret in plain text. Always treat it in a way you treat
any other passwords and API keys in your system, and use a special encrypted storage for this type of sensitive data.
201 Created
response contains the access_token
and its validity time (in seconds):
JSON
Handle platform token expiry
A partner token is valid only for 1800 seconds (which is 30 minutes). If you will make a request with an expired token, SFS responds back with a 401 Unauthorized error:JSON
Create a client for each business that use your platform
For each client you have in your platform, you need to create a corresponding client within the SFS platform. Here, you don’t need to duplicate all the information you already have about your customers – submit only what’s required by SFS. For more information about entities, refer to SFS account structure. To create a client, make a POST request to the/api/client
endpoint.
The request’s payload represents details of the client to be created. In the header, specify the platform Bearer token
:
cURL
201 OK
response contains the clientKey
:
JSON
Generate client tokens
A Client token is a specific token issued for an individual platform client. These tokens allowing actions to be directly linked to specific client within your platform. To generate a client token, callPOST /api/token
, and specify the Key of this client in clientKey
(from the previous step)
request field, and specify the platform Bearer token
in the header:
cURL
201 Created
response contains the access_token
and its validity time (in seconds):
JSON
Handle client token expiry
A partner token is valid only for 1800 seconds (which is 30 minutes). If you will make a request with an expired token, SFS responds back with a 401 Unauthorized error:JSON