API Reference - GetSigned

Base URL

https://api.getsigned.ca

All endpoints are under /v1/.

Authentication

All API endpoints (except POST /oauth/token) require a bearer token:

Authorization: Bearer <access_token>

See Authentication for how to mint a token.

Request format

All POST and PATCH request bodies are application/json
All responses are application/json (except GET /v1/envelopes/{id}/document which returns the PDF binary)

Idempotency

POST requests accept an Idempotency-Key header. Replaying the same request within 24 hours returns the original response without creating a duplicate.

Idempotency-Key: unique-key-per-request

Rate limiting

Every response includes rate limit headers:

Header	Description
`X-RateLimit-Limit`	Requests allowed per window
`X-RateLimit-Remaining`	Requests remaining in current window
`X-RateLimit-Reset`	Unix timestamp when the window resets

When you exceed the limit, you receive 429 Too Many Requests.

Error format

All errors follow this shape:

{
  "type": "validation_error",
  "title": "One or more fields failed validation",
  "status": 400,
  "errors": {
    "tenantId": ["The tenantId field is required."]
  }
}

Status	Meaning
`400`	Validation error — check `errors`
`401`	Missing or expired token
`403`	Token valid but unauthorized for this resource
`404`	Resource not found
`409`	Conflict (e.g. envelope already sent)
`422`	Business rule violation (e.g. voiding a completed envelope)
`429`	Rate limited
`500`	Internal server error — contact support

​Base URL

​Authentication

​Request format

​Idempotency

​Rate limiting

​Error format