SignaTrust API

Documents cryptographically
signed and verified.
Independently, forever.

Build signing into your product on the same blockchain-anchored foundation our core product uses. Same API your customers' auditors accept as evidence.

Read the API Docs View Pricing

5 minutes from signup to first signed contract in production.

curl
POST /api/v1/envelopes
# Step 1: Upload a PDF, get a document_id back
curl -X POST https://app.signatrust.io/api/v1/documents/upload \
  -H "x-api-key: sk_live_..." \
  -F "file=@nda.pdf" \
  -F "name=NDA for Contractor"
# → { "id": "doc_4f1c", ... }

# Step 2: Create + send the envelope
curl -X POST https://app.signatrust.io/api/v1/envelopes \
  -H "x-api-key: sk_live_..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "NDA for Contractor",
    "securityLevel": "VERIFIED",
    "documentIds": ["doc_4f1c"],
    "signers": [
      { "name": "Bob", "email": "bob@example.com" }
    ]
  }'
# → 201 Created
#   envelope_id: env_8f2a
#   blockchain.tx: pending
#   access_token sent to Bob via email

Why SignaTrust API

10× cheaper per envelope

$0.099–$0.49 per envelope vs $0.50–$1.00 at legacy enterprise APIs. Same volume tiers, fraction of the bill.

Composite hash anchor

SHA-256 binds document, signers, and audit trail into one hash on Solana. One byte changes — verification breaks.

MCP server for AI

Claude and ChatGPT can send and verify envelopes in natural language. No other e-signature API ships this.

OpenAPI 3.1 spec

Public spec at /api-docs. Generate clients in any language with the standard tooling you already have.

How the proof works

Your document, signer metadata, and the full audit trail are bound into a single SHA-256 hash. That hash is written to the Solana blockchain when the envelope completes.

Document
Signer Metadata
Audit Trail
SHA-256 Composite Hash
Solana Blockchain Anchor

Anyone — including an auditor who has never heard of SignaTrust — can verify a signed document by recomputing the hash and checking the Solana transaction. Verification works without calling our API. It works if we cease to exist.

Try it: verify an envelope Read the whitepaper

Pricing built for shipping

All paid tiers include the OpenAPI spec, MCP server, and Standard rate limits.

API Starter

$49/mo

100 envelopes included

  • v1 REST API + webhooks
  • OpenAPI 3.1 spec
  • MCP server access
  • Standard rate limits
MOST POPULAR

API Growth

$149/mo

1,000 envelopes included

  • Everything in Starter
  • Priority support
  • Advanced webhook events
  • Higher rate limits

API Scale

$499/mo

5,000 envelopes included

  • Everything in Growth
  • White-label option
  • Custom rate limits
  • Dedicated support

Per-envelope cost at API Scale volume

$0.099 / envelope

Legacy enterprise e-signature APIs: $0.50–$1.00 / envelope

A generational shift in what an e-signature API does

Most e-signature APIs are infrastructure built for the 2010s — vendor-controlled audit trails, per-seat economics, no AI, no agent surface. Here's what changes when you move to next-generation.

CapabilitySignaTrust API
Next-generation
Legacy enterprise APIs
Annual contract, per-seat
Pay-as-you-go APIs
Per-call billing
Entry tier monthly$49 / 100 envelopesCustom SOW$10–$50 base + per-call
Per-envelope cost at scale$0.099$0.50 – $1.00$0.10 – $0.40
Blockchain anchor (composite hash on-chain)✅ Solana❌ vendor database only❌ vendor database only
MCP server for AI agents (Claude / ChatGPT)✅ GA⚠ early beta
OpenAPI 3.1 spec public
Webhook HMAC signing✅ per-hook secret
Independent verification (works if vendor disappears)✅ on-chain
Three-tier identity (Standard / Verified / Certified-passkey)❌ single tier❌ single tier
AI contract analysis at the API✅ Gemini
Pricing modelFlat tier + envelope overagesAnnual contract + per-seatPer-call only

Comparison reflects the structural model of each category, not any specific vendor. Pricing represents typical publicly listed API plans as of April 2026.

Higher volume, white-label, or custom limits?

Above 5,000 envelopes/mo, custom rate limits, custom data residency, org-scoped caps for your end customers — every limit is set per organization. Talk to our team and we'll configure exactly what you need.

Talk to our team

From zero to first envelope in 5 minutes

  1. 1
    Sign up for an API Starter account
  2. 2
    Create an API key in the Developer Console
  3. 3
    Upload a PDF — get a document_id
  4. 4
    Create an envelope with that document_id and a signer's email
  5. 5
    Your signer gets an email with a one-click signing link
Start the quickstart

Give your AI assistant the power to sign for you

SignaTrust ships an official Model Context Protocol server. Claude, ChatGPT, and other LLM clients can list envelopes, send contracts, analyze drafts with AI, void envelopes, and verify blockchain anchors — all through natural-language conversation.

claude mcp add signatrust -- npx -y @signatrustdev/mcp-server

No other e-signature API ships this.

MCP Server documentation
For platform builders

Embed signing into your product

Two ways to ship with SignaTrust: build from API primitives (the everything-from-scratch path above), or embed our signing surface inside your existing productso your users never feel like they left. Pick the lane that matches what you're building.

Lane 1

Build with the API primitives

You want full control over UX. Render your own signing screens. Use SignaTrust as the cryptographic + blockchain backend. Best for: standalone signing apps, vertical SaaS where signing is the core surface.

  • Full v1 REST API + webhooks
  • Render PDF + capture signature client-side
  • You own the entire UX
Most partners pick this
Lane 2

Embed our hosted signing surface

You want to add signing to a product you already have. Drop in our hosted signing page (your branding, your domain), wire one webhook. Best for: PropTech, fintech, healthcare platforms, marketplaces — your users sign without leaving your app.

  • White-label signing room (your logo, colors, domain)
  • Custom from: address on signer notifications
  • Embed via iframe or redirect with custom CSP
  • Co-branded completion certificate
  • Webhooks land in your app — chain into your flow
$0.099
per envelope at API Scale tier — flat, never per-seat
An afternoon
to ship Lane 2 (hosted surface + one webhook)
No FDE fees
technical review with our team is free for serious deployments
Talk to our partner team

Security controls built for integrators

Not just "your docs are safe" — the specific primitives you need to ship a secure integration.

Scoped API keys

Mint keys with minimum scopes — envelopes:read, envelopes:write, documents:write, ai:analyze, templates:read. Rotate without downtime.

Webhook signing

Every webhook event is HMAC-signed. Verify with one stdlib call. No replay attacks.

Rate limits + correlation IDs

Per-tier rate limits with per-key tracking. Every request returns x-correlation-id for distributed tracing across your logs + ours.

Hash-chained audit log

Query the audit log via API. Every event includes the previous-hash — tampering breaks the chain deterministically.

A webhook event + verification — copy-paste ready

Most integrations spend more time on webhook handling than the create-envelope call. Here's what lands in your app and how to verify it.

// POST https://your-app.com/webhooks/signatrust
{
  "id": "evt_a3c1f5...",
  "type": "envelope.completed",
  "created": "2026-04-30T22:14:03Z",
  "data": {
    "envelopeId": "env_8f2a",
    "blockchain": {
      "network": "solana-mainnet",
      "txId": "5xT2c...",
      "compositeHash": "9f3a..."
    }
  }
}

// HMAC verification using the published helper
import { verifyWebhookSignature } from "@signatrustdev/signatrust-sdk";

const signature = req.headers["x-signatrust-signature"];   // e.g. "t=1714509243,v1=a3c1..."
const isValid = verifyWebhookSignature(req.rawBody, signature, WEBHOOK_SECRET);
if (!isValid) return res.status(401).end();

SDK and language support

import { SignaTrustClient } from "@signatrustdev/signatrust-sdk";

const client = new SignaTrustClient({
  apiKey: process.env.SIGNATRUST_API_KEY!,
  baseUrl: "https://app.signatrust.io",
});

// 1. Upload the document
const doc = await client.createDocument({
  file: fs.createReadStream("./nda.pdf"),
  name: "NDA for Contractor",
});

// 2. Create the envelope referencing the document
const envelope = await client.createEnvelope({
  name: "Master Service Agreement",
  securityLevel: "CERTIFIED",
  documentIds: [doc.id],
  signers: [{ name: "Alice", email: "alice@acme.com" }],
});

// envelope.id, envelope.signers[0].accessToken, envelope.blockchain.txId — all typed
One-time install setup: the SDK is published to GitHub Packages, so first-time install needs an authenticated .npmrc entry — full instructions in the SDK README. Same setup applies to the MCP server package.

Available today

Node.js / TypeScriptcurlOpenAPI 3.1 spec

Generate from OpenAPI spec

PythonGoRubyPHPRustJavaSwiftKotlin

Official SDKs coming

Python (Q2 2026)Go (Q3 2026)

SOC 2 Type II

In progress

HIPAA BAA

Available — Business tier

GDPR compliant

By design

Hash-chained audit log

Tamper-evident

Ready to ship?

API Starter is self-serve. Larger deployments get a technical review with our team.

Talk to our team Book a technical review

Questions first? See the docs, or email developers@signatrust.io.