### GET /v2/sign_requests/by_key/{sign_request_key} Source: https://app.stiply.nl/api-documentation/v2 Returns the properties of the sign request with the specified key. ```APIDOC ## GET /v2/sign_requests/by_key/{sign_request_key} ### Description Returns the properties of the sign request with the specified key. ### Method GET ### Endpoint https://api.stiply.nl/v2/sign_requests/by_key/{sign_request_key} ### Parameters #### Path Parameters - **sign_request_key** (string) - Required - Key of the signrequest. ### Response #### Success Response (200) - Returns the sign request properties. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/actions/download_proof_document Source: https://app.stiply.nl/api-documentation/v2 Downloads the proof document of a completed sign request. ```APIDOC ## GET /v2/sign_requests/{sign_request}/actions/download_proof_document ### Description Downloads the proof document of a completed sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/actions/download_proof_document ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Success Response (200) - The proof document of a completed sign request ``` -------------------------------- ### GET /v2/sign_requests/by_key/{external_key} Source: https://app.stiply.nl/api-documentation/v2 Returns the properties of the sign request with the specified external key. ```APIDOC ## GET /v2/sign_requests/by_key/{external_key} ### Description Returns the properties of the sign request with the specified external key. ### Method GET ### Endpoint https://api.stiply.nl/v2/sign_requests/by_key/{external_key} ### Parameters #### Path Parameters - **external_key** (string) - Required - External key. ### Response #### Success Response (200) - **data** (object) - The sign request details. - **message_timestamp** (string) - Timestamp of the response. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/actions/download_files Source: https://app.stiply.nl/api-documentation/v2 Returns a zip file containing all documents associated with a sign request. If completed, a proof document is included. ```APIDOC ## GET /v2/sign_requests/{sign_request}/actions/download_files ### Description Returns a zip file which contains all the sign request's documents. When the sign request is completed, a proof document is included in the zip file. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/actions/download_files ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Success Response (200) - The files in this signrequest in ZIP format ``` -------------------------------- ### GET /v2/sign_requests/{sign_request} Source: https://app.stiply.nl/api-documentation/v2 Retrieves the properties of a specific sign request by its ID. ```APIDOC ## GET /v2/sign_requests/{sign_request} ### Description Returns the properties of the sign request with the specified ID. ### Method GET ### Endpoint https://api.stiply.nl/v2/sign_requests/{sign_request} ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Success Response (200) - **data** (object) - The sign request details. - **message_timestamp** (string) - Timestamp of the response. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/signer_attachments/{signer_attachment}/actions/download_file Source: https://app.stiply.nl/api-documentation/v2 Downloads a document that was uploaded by a signer. ```APIDOC ## GET /v2/sign_requests/{sign_request}/signer_attachments/{signer_attachment}/actions/download_file ### Description Downloads a document uploaded by a signer. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/signer_attachments/{signer_attachment}/actions/download_file ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. - **signer_attachment** (integer) - Required - Id of the signer attachment. ### Response #### Success Response (200) Specific document uploaded by a signer. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/progress Source: https://app.stiply.nl/api-documentation/v2 Retrieves the progress history of a specific sign request. ```APIDOC ## GET /v2/sign_requests/{sign_request}/progress ### Description Returns a list with progresses of the provided sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/progress ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Success Response (200) - **data** (array) - List of progress entries #### Response Example { "data": [ { "action": "string", "ip": "string", "location": "string", "system": "string", "value": "string", "status": "string", "created_at": "2019-08-24T14:15:22Z" } ] } ``` -------------------------------- ### GET /oauth/authorize Source: https://app.stiply.nl/api-documentation/v2 Redirects the user to the Stiply authorization page to grant consent to your application. ```APIDOC ## GET https://app.stiply.nl/oauth/authorize ### Description Initiates the OAuth2 authorization flow by redirecting the user to the Stiply login and consent page. ### Method GET ### Endpoint https://app.stiply.nl/oauth/authorize ### Parameters #### Query Parameters - **response_type** (string) - Required - Must be set to 'code'. - **client_id** (string) - Required - The client ID of the registered application. - **redirect_uri** (string) - Required - The exact redirect URL registered for the client. - **scope** (string) - Optional - Comma-separated list of scopes to request. ``` -------------------------------- ### Sign Request Payload Source: https://app.stiply.nl/api-documentation/v2 Example JSON payload for creating a new sign request with a title, file URL, and signer details. ```json { "title": "Contract X", "file_urls": [ "https://dropbox.com/document-1.pdf" ], "signers": [ { "email": "user@example.com", "fields": [ { "name": "signature_0", "type": "signature" } ] } ] } ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/documents Source: https://app.stiply.nl/api-documentation/v2 Returns a list of documents associated with a specific sign request. ```APIDOC ## GET /v2/sign_requests/{sign_request}/documents ### Description Returns a list with documents of the provided sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/documents ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Success Response (200) - **data** (array) - List of documents #### Response Example { "data": [ { "id": 1, "filename": "string", "name": "string", "file_size": 0, "mime_type": "string", "download_url": "http://example.com", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } ] } ``` -------------------------------- ### GET /v2/sign_requests Source: https://app.stiply.nl/api-documentation/v2 Retrieves a list of sign requests that the user is authorized to view in their default account. Supports pagination and filtering by status. ```APIDOC ## Get a list with sign requests ### Description Returns a list of sign requests the user is allowed to view in the user's default account. ### Method GET ### Endpoint /v2/sign_requests ### Parameters #### Query Parameters - **page** (integer) - Optional - Page number to get. Default is 1. - **page_size** (integer) - Optional - Number of items to list per page. Default is 100, maximum is 100. - **orderby** (string) - Optional - Order by statement to order the results on. (e.g. title asc,created_at desc) - **status** (string) - Optional - When provided, only sign requests with the provided status are fetched. ### Responses #### Success Response (200) - **sign_requests** (array) - List of sign requests. ### Request Example ``` https://api.stiply.nl/v2/sign_requests?page=1&page_size=20&status=completed ``` ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/documents/{document}/actions/download_file Source: https://app.stiply.nl/api-documentation/v2 Downloads a specific document from a sign request in PDF format. ```APIDOC ## GET /v2/sign_requests/{sign_request}/documents/{document}/actions/download_file ### Description Downloads the specified document in PDF format. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/documents/{document}/actions/download_file ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. - **document** (integer) - Required - Id of the document. ### Response #### Success Response (200) The document in PDF format. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/signer_attachments Source: https://app.stiply.nl/api-documentation/v2 Retrieves a list of all signer attachments for a given sign request. ```APIDOC ## GET /v2/sign_requests/{sign_request}/signer_attachments ### Description Retrieves a list of all signer attachments for a given sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/signer_attachments ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Success Response (200) - **data** (array) - An array of signer attachment objects. - **id** (integer) - The ID of the attachment. - **signer_id** (integer) - The ID of the signer. - **description** (string) - A description of the attachment. - **optional** (boolean) - Indicates if the attachment is optional. - **has_document** (boolean) - Indicates if the attachment has an associated document. - **identity_information** (object) - Information about the signer's identity. - **date_of_birth** (string) - The date of birth. - **personal_number** (string) - The personal number. - **mrz_code** (string) - The Machine Readable Zone code. - **first_name** (string) - The first name. - **last_name** (string) - The last name. - **gender** (string) - The gender. - **document_number** (string) - The document number. - **middle_name** (string) - The middle name. - **nationality** (string) - The nationality. - **place_of_birth** (string) - The place of birth. - **expiration_date** (string) - The expiration date. - **date_of_issue** (string) - The date of issue. - **country** (string) - The country. ### Response Example { "data": [ { "id": 1, "signer_id": 0, "description": "string", "optional": true, "has_document": true, "identity_information": { "date_of_birth": "string", "personal_number": "string", "mrz_code": "string", "first_name": "string", "last_name": "string", "gender": "string", "document_number": "string", "middle_name": "string", "nationality": "string", "place_of_birth": "string", "expiration_date": "string", "date_of_issue": "string", "country": "string" } } ] } ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/signer_attachments/{signer_attachment} Source: https://app.stiply.nl/api-documentation/v2 Retrieves details for a specific signer attachment. ```APIDOC ## GET /v2/sign_requests/{sign_request}/signer_attachments/{signer_attachment} ### Description Get a specific signer attachment of a sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/signer_attachments/{signer_attachment} ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. - **signer_attachment** (integer) - Required - Id of the signer attachment. ### Response #### Success Response (200) Details of the signer attachment. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/signers Source: https://app.stiply.nl/api-documentation/v2 Returns a list of signers associated with the specified sign request. ```APIDOC ## GET /v2/sign_requests/{sign_request}/signers ### Description Returns a list with signers of the provided sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/signers ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. ### Response #### Response Example { "data": [ { "id": 1, "key": "string", "email": "user@example.com", "name": "string", "language": "string", "role": "signer", "auth_method": "sms", "phone": 0, "sign_url": "string", "redirect_url": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } ] } ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/signers/{signer}/actions/download_signer_attachments Source: https://app.stiply.nl/api-documentation/v2 Downloads all documents uploaded by a specific signer for a sign request in ZIP format. ```APIDOC ## GET /v2/sign_requests/{sign_request}/signers/{signer}/actions/download_signer_attachments ### Description Downloads all documents uploaded by a specific signer for a sign request in ZIP format. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/signers/{signer}/actions/download_signer_attachments ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. - **signer** (integer) - Required - Id of the signer. ### Response #### Success Response (200) - The signer attachment files of the signer in ZIP format. ``` -------------------------------- ### GET /v2/sign_requests/{sign_request}/signers/{signer} Source: https://app.stiply.nl/api-documentation/v2 Retrieves details for a specific signer within a sign request. ```APIDOC ## GET /v2/sign_requests/{sign_request}/signers/{signer} ### Description Get a specific signer from a sign request. ### Method GET ### Endpoint /v2/sign_requests/{sign_request}/signers/{signer} ### Parameters #### Path Parameters - **sign_request** (integer) - Required - Id of the signrequest. - **signer** (integer) - Required - Id of the signer. ``` -------------------------------- ### Get Sign Requests with Status Filter Source: https://app.stiply.nl/api-documentation/v2 Use the GetSignRequests endpoint with a status filter to retrieve sign requests. This is useful for batch polling and stopping polling for completed, expired, or canceled requests. ```http https://api.stiply.nl/v2/sign_requests?status=completed&$orderby=all_signed_at%20desc ``` -------------------------------- ### Register OAuth2 Client Source: https://app.stiply.nl/api-documentation/v2 Instructions on how to register a new OAuth2 client application to use Stiply API authentication flows. ```APIDOC ## Register OAuth2 Client ### Description Register your application to obtain OAuth2 credentials (Client ID and Secret) necessary for API authentication. ### Process 1. Navigate to the API Settings page in your browser. 2. Click the `Create New Client` link. 3. Provide the following information: - **Name** (string): The name of your application. This name will be visible to end users during consent. - **Confidential** (boolean): Indicates if the client is confidential. Set to `yes` for backends that can securely store a secret. Do not set to `yes` for smartphone or single-page applications. - **Redirect URL** (string): The URL where users are redirected after consenting to your application. - **Scopes** (array of strings): The permissions your client requires. Choose from `SignRequest.ReadWrite` or `SignRequest.ReadWrite.Limited`. 4. Click the `Create` button. 5. Your new client will appear in the OAuth clients list, displaying your `Client ID` and `Secret`. ``` -------------------------------- ### Acquire Access Token with Client Credentials Source: https://app.stiply.nl/api-documentation/v2 This flow is for server-to-server authentication where no user interaction is involved. It requires the client ID and secret to obtain an access token. ```curl curl 'https://api.stiply.nl/oauth/token' \ -F 'grant_type=client_credentials' \ -F 'client_id=' \ -F 'client_secret=' ``` ```json { "token_type": "Bearer", "expires_in": 1800, "access_token": "{access_token}" } ``` -------------------------------- ### Multipart Form Data Signer Configuration Source: https://app.stiply.nl/api-documentation/v2 Syntax for defining signers and fields when using multipart/form-data, utilizing zero-based array brackets. ```text signers[0][email]=user@example.com signers[0][fields][0][name]=signature_0 signers[0][fields][0][type]=signature signers[1][email]=user2@example.com signers[1][fields][0][name]=signature_1 signers[1][fields][0][type]=signature ``` -------------------------------- ### Authentication Methods Source: https://app.stiply.nl/api-documentation/v2 Overview of supported security schemes for accessing the Stiply API. ```APIDOC ## Security Definitions ### Personal Access Tokens (PAT) - **Scheme**: HTTP Bearer - **Usage**: Send the token in the `Authorization` HTTP header. ### OAuth2 - **Flows**: `authorizationCode`, `clientCredentials` - **Authorization URL**: `https://app.stiply.nl/oauth/authorize` - **Token URL**: `https://api.stiply.nl/oauth/token` - **Scopes**: - `SignRequest.ReadWrite`: Read, create and update sign requests. - `SignRequest.ReadWrite.Limited`: Create new sign requests and only read/update requests created by this client. ``` -------------------------------- ### Webhook Verification Source: https://app.stiply.nl/api-documentation/v2 Instructions on how to verify the authenticity of incoming webhook requests using the X-Stiply-Signature header. ```APIDOC ## Webhook Verification ### Description All webhook events are signed using a signing secret. The signature is provided in the `X-Stiply-Signature` header as `t=[timestamp],s=[signature]`. ### Verification Steps 1. Extract timestamp (t) and signature (s) from the header. 2. Create the payload string: `timestamp + '.' + request_body`. 3. Compute HMAC SHA-256 using the signing secret as the key. 4. Compare the computed signature with the header signature. ### Request Example ```php $payload = $request->body(); parse_str($signingHttpHeader, $signingHeaderParts); $timestamp = $signingHeaderParts['t']; $signature = $signingHeaderParts['s']; $signingPayload = $timestamp.'.'.$payload; $expectedSignature = hash_hmac('sha256', $signingPayload, $signing_secret); $isValid = $signature === $expectedSignature; ``` ``` -------------------------------- ### POST /v2/sign_requests Source: https://app.stiply.nl/api-documentation/v2 Create and send a new sign request with documents to specified signers. ```APIDOC ## POST /v2/sign_requests ### Description Create and send a new sign request with the provided documents to the provided signers. Supports both JSON (file_urls) and multipart/form-data (file uploads). ### Method POST ### Endpoint https://api.stiply.nl/v2/sign_requests ### Parameters #### Request Body - **title** (string) - Required - The title of the sign request (<= 250 chars). - **subject** (string) - Optional - The subject of the e-mail to the signers. - **message** (string) - Optional - The message to be included in the e-mail to the signers. - **signing_sequence_type** (string) - Optional - Choose if all signers can sign in parallel or sequential. - **term** (string) - Optional - 2 digit code representing the sign term (e.g., 1d, 2w, 3m). - **external_key** (string) - Optional - A unique key for internal use. - **call_back_url** (string) - Optional - URL to be called by Stiply when the last signer has signed. - **comment** (string) - Optional - A comment for internal use. - **background_color_fields** (string) - Optional - Background color for fields (e.g., #ffffff). - **account_id** (integer) - Optional - The id of the account to create the sign request in. - **file_urls** (Array of strings) - Required - List of accessible download URLs for documents. - **signers** (Array of objects) - Required - List of signers. - **attachments** (Array of objects) - Optional - List of attachments. ### Response #### Success Response (200) - **data** (array) - List of created sign request objects. #### Response Example { "data": [ { "id": 1, "key": "string", "external_key": "string", "title": "string", "signing_type": "single", "signing_sequence_type": "sequential", "status": "draft", "sent_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "canceled_at": "2019-08-24T14:15:22Z", "rejected_at": "2019-08-24T14:15:22Z", "all_signed_at": "2019-08-24T14:15:22Z", "call_back_url": "http://example.com", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "user": { "id": 1, "email": "user@example.com", "name": "string" } } ] } ``` -------------------------------- ### POST /webhooks/signer.signrequest.opened Source: https://app.stiply.nl/api-documentation/v2 Webhook event triggered when a sign request is opened by the signer. ```APIDOC ## POST /webhooks/signer.signrequest.opened ### Description This endpoint receives webhook notifications when a sign request is opened by a signer. ### Method POST ### Endpoint /webhooks/signer.signrequest.opened ### Request Body - **header** (any) - Required - Webhook header - **data** (object) - Required - Webhook event data (SignerEventResource) ### Request Example ```json { "header": null, "data": { "id": 1, "key": "string", "email": "user@example.com", "name": "string", "language": "string", "role": "signer", "auth_method": "sms", "phone": 0, "reject_reason": "string", "sign_url": "string", "redirect_url": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "sign_request": { "id": 1, "key": "string", "external_key": "string", "title": "string", "signing_type": "single", "signing_sequence_type": "sequential", "status": "draft", "sent_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "canceled_at": "2019-08-24T14:15:22Z", "rejected_at": "2019-08-24T14:15:22Z", "all_signed_at": "2019-08-24T14:15:22Z", "call_back_url": "http://example.com", "reject_reason": "string", "message": "string", "comment": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "user": { "id": 1, "email": "user@example.com", "name": "string" } }, "attachment_message": "string", "attachments": [ { "id": 1, "document_id": 1, "description": "string", "optional": true, "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } ], "signer_progresses": [ { "action": "string", "ip": "string", "location": "string", "system": "string", "value": "string", "created_at": "2019-08-24T14:15:22Z" } ] } } ``` ### Response #### Success Response (200) Indicates that the data was received successfully. #### Error Response (500) Indicates a server error. The endpoint will be retried later. ``` -------------------------------- ### Webhook Event Handling Source: https://app.stiply.nl/api-documentation/v2 Details on how the Stiply API sends webhook events and the expected structure of the payload. ```APIDOC ## POST Webhook Event ### Description Stiply sends events to your registered webhook endpoint via HTTP POST. The endpoint must return a 200 status code upon successful processing. ### Request Body - **header** (object) - Contains metadata about the event. - **message_id** (uuid) - Unique identifier for the message. - **event_type** (string) - The type of event (e.g., `signrequest.completed`). - **timestamp** (string) - ISO 8601 timestamp. - **data** (object) - The event-specific payload. ### Request Example { "header": { "message_id": "uuid", "event_type": "signrequest.completed", "timestamp": "2023-09-19T14:15:22Z" }, "data": {} } ``` -------------------------------- ### Construct Authorization URL Source: https://app.stiply.nl/api-documentation/v2 The URL used to initiate the OAuth2 consent flow for end users. ```text https://app.stiply.nl/oauth/authorize?response_type=code&client_id=&redirect_uri= ``` -------------------------------- ### POST /oauth/token Source: https://app.stiply.nl/api-documentation/v2 Exchanges an authorization code for an access token and a refresh token. ```APIDOC ## POST https://api.stiply.nl/oauth/token ### Description Exchanges the authorization code received from the callback for an access token and a refresh token. ### Method POST ### Endpoint https://api.stiply.nl/oauth/token ### Parameters #### Request Body - **grant_type** (string) - Required - Must be 'authorization_code'. - **code** (string) - Required - The authorization code received in the redirect URL. - **client_id** (string) - Required - The client ID of the registered application. - **client_secret** (string) - Required - The client secret of the registered application. - **redirect_uri** (string) - Required - The exact redirect URL registered for the client. ### Request Example curl 'https://api.stiply.nl/oauth/token' \ -F 'grant_type=authorization_code' \ -F 'code=' \ -F 'client_id=' \ -F 'client_secret=' \ -F 'redirect_uri=' ### Response #### Success Response (200) - **token_type** (string) - The type of token (e.g., 'Bearer'). - **expires_in** (integer) - Expiration time in seconds. - **access_token** (string) - The access token for API requests. - **refresh_token** (string) - The refresh token for acquiring new access tokens. #### Response Example { "token_type": "Bearer", "expires_in": 1800, "access_token": "{access_token}", "refresh_token": "{refresh_token}" } ``` -------------------------------- ### Acquire New Access Token with Refresh Token Source: https://app.stiply.nl/api-documentation/v2 Use this endpoint to obtain a new access token when your current one expires, by providing a valid refresh token. ```APIDOC ## POST /oauth/token ### Description Acquire a new access token using a refresh token. ### Method POST ### Endpoint `https://api.stiply.nl/oauth/token` ### Parameters #### Request Body - **grant_type** (string) - Required - Must be `refresh_token`. - **refresh_token** (string) - Required - The refresh token received previously. - **client_id** (string) - Required - The client ID of the registered client. - **client_secret** (string) - Required - The secret of the registered client. ### Request Example ```json { "grant_type": "refresh_token", "refresh_token": "", "client_id": "", "client_secret": "" } ``` ### Response #### Success Response (200) - **token_type** (string) - The type of the token, typically 'Bearer'. - **expires_in** (integer) - The time in seconds until the access token expires. - **access_token** (string) - The newly acquired access token. - **refresh_token** (string) - The new refresh token. #### Response Example ```json { "token_type": "Bearer", "expires_in": 1800, "access_token": "{access_token}", "refresh_token": "{refresh_token}" } ``` ``` -------------------------------- ### Verify Webhook Signature in PHP Source: https://app.stiply.nl/api-documentation/v2 Use this logic to validate the X-Stiply-Signature header against the request body using the endpoint's signing secret. ```php $payload = $request->body(); parse_str($signingHttpHeader, $signingHeaderParts); $timestamp = $signingHeaderParts['t']; $signature = $signingHeaderParts['s']; $signingPayload = $timestamp.'.'.$payload; $expectedSignature = hash_hmac('sha256', $signingPayload, $signing_secret); $isValid = $signature === $expectedSignature; ``` -------------------------------- ### Acquire New Access Token with Refresh Token Source: https://app.stiply.nl/api-documentation/v2 Use this method to obtain a new access token when the current one expires, using a previously issued refresh token. Requires client ID and secret. ```curl curl 'https://api.stiply.nl/oauth/token' \ -F 'grant_type=refresh_token' \ -F 'refresh_token=' \ -F 'client_id=' \ -F 'client_secret=' ``` ```json { "token_type": "Bearer", "expires_in": 1800, "access_token": "{access_token}", "refresh_token": "{refresh_token}" } ``` -------------------------------- ### Webhook Event Body Structure Source: https://app.stiply.nl/api-documentation/v2 The standard JSON structure for all webhook events, containing a header with metadata and a data section. ```json { "header": { "message_id": "uuid", "event_type": "signrequest.completed", "timestamp": "2023-09-19T14:15:22Z" }, "data": { ... } } ``` -------------------------------- ### Signer Completed Webhook Source: https://app.stiply.nl/api-documentation/v2 Event triggered when a signer has completed signing the documents. ```APIDOC ## POST /signer.completed ### Description Event that occurs when a signer has completed signing the documents. ### Request Body - **header** (any) - Required - Webhook header - **data** (object) - Required - SignerEventResource webhook event data ### Responses #### Success Response (200) - Return a 200 status to indicate that the data was received successfully. #### Error Response (500) - When a 400 or 500 status is returned, the endpoint will be retried later on. ### Request Example { "header": null, "data": { "id": 1, "key": "string", "email": "user@example.com", "name": "string", "language": "string", "role": "signer", "auth_method": "sms", "phone": 0, "reject_reason": "string", "sign_url": "string", "redirect_url": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "sign_request": { "id": 1, "key": "string", "external_key": "string", "title": "string", "signing_type": "single", "signing_sequence_type": "sequential", "status": "draft", "sent_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "canceled_at": "2019-08-24T14:15:22Z", "rejected_at": "2019-08-24T14:15:22Z", "all_signed_at": "2019-08-24T14:15:22Z", "call_back_url": "http://example.com", "reject_reason": "string", "message": "string", "comment": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "user": { "id": 1, "email": "user@example.com", "name": "string" } }, "attachment_message": "string", "attachments": [], "signer_progresses": [] } } ``` -------------------------------- ### Exchange Authorization Code for Token Source: https://app.stiply.nl/api-documentation/v2 A POST request to the token endpoint to exchange an authorization code for access and refresh tokens. ```bash curl 'https://api.stiply.nl/oauth/token' \ -F 'grant_type=authorization_code' \ -F 'code=' \ -F 'client_id=' \ -F 'client_secret=' \ -F 'redirect_uri=' ``` -------------------------------- ### POST /webhooks/signer.signrequest.rejected Source: https://app.stiply.nl/api-documentation/v2 Webhook event triggered when a sign request is rejected by the signer. ```APIDOC ## POST /webhooks/signer.signrequest.rejected ### Description This endpoint receives webhook notifications when a sign request is rejected by a signer. ### Method POST ### Endpoint /webhooks/signer.signrequest.rejected ### Request Body - **header** (any) - Required - Webhook header - **data** (object) - Required - Webhook event data (SignerEventResource) ### Request Example ```json { "header": null, "data": { "id": 1, "key": "string", "email": "user@example.com", "name": "string", "language": "string", "role": "signer", "auth_method": "sms", "phone": 0, "reject_reason": "string", "sign_url": "string", "redirect_url": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "sign_request": { "id": 1, "key": "string", "external_key": "string", "title": "string", "signing_type": "single", "signing_sequence_type": "sequential", "status": "draft", "sent_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "canceled_at": "2019-08-24T14:15:22Z", "rejected_at": "2019-08-24T14:15:22Z", "all_signed_at": "2019-08-24T14:15:22Z", "call_back_url": "http://example.com", "reject_reason": "string", "message": "string", "comment": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "user": { "id": 1, "email": "user@example.com", "name": "string" } }, "attachment_message": "string", "attachments": [ { "id": 1, "document_id": 1, "description": "string", "optional": true, "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } ], "signer_progresses": [ { "action": "string", "ip": "string", "location": "string", "system": "string", "value": "string", "created_at": "2019-08-24T14:15:22Z" } ] } } ``` ### Response #### Success Response (200) Indicates that the data was received successfully. #### Error Response (500) Indicates a server error. The endpoint will be retried later. ``` -------------------------------- ### Webhook signer.mail.opened Source: https://app.stiply.nl/api-documentation/v2 Event that occurs when the notification email is opened by a signer. ```APIDOC ## Webhook signer.mail.opened ### Description Event that occurs when the notification email is opened by a signer. ### Request Body - **header** (any) - Required - Webhook header - **data** (object) - Required - SignerEventResource webhook event data ### Response #### Success Response (200) - Return a 200 status to indicate that the data was received successfully. #### Error Response (500) - When a 400 or 500 status is returned, the endpoint will be retried later on. ``` -------------------------------- ### OAuth2 Client Credential Flow Source: https://app.stiply.nl/api-documentation/v2 This flow allows your application to acquire an access token without user interaction, performing actions on behalf of the registered client. ```APIDOC ## POST /oauth/token ### Description Acquire an access token using the client credentials flow. This is used for server-to-server authentication without user interaction. ### Method POST ### Endpoint `https://api.stiply.nl/oauth/token` ### Parameters #### Request Body - **grant_type** (string) - Required - Must be `client_credentials`. - **client_id** (string) - Required - The client ID of the registered client. - **client_secret** (string) - Required - The secret of the registered client. - **scope** (string) - Optional - Comma-separated list of scopes to request consent for. Defaults to `SignRequest.ReadWrite` if the client has it. Otherwise, must be provided. ### Request Example ```json { "grant_type": "client_credentials", "client_id": "", "client_secret": "", "scope": "SignRequest.ReadWrite" } ``` ### Response #### Success Response (200) - **token_type** (string) - The type of the token, typically 'Bearer'. - **expires_in** (integer) - The time in seconds until the access token expires (30 minutes). - **access_token** (string) - The acquired access token. #### Response Example ```json { "token_type": "Bearer", "expires_in": 1800, "access_token": "{access_token}" } ``` ``` -------------------------------- ### Sign Request Opened Webhook Payload Source: https://app.stiply.nl/api-documentation/v2 This is a sample payload for the signer.signrequest.opened webhook event. It represents the data received when a signer opens a sign request. ```json { "header": null, "data": { "id": 1, "key": "string", "email": "user@example.com", "name": "string", "language": "string", "role": "signer", "auth_method": "sms", "phone": 0, "reject_reason": "string", "sign_url": "string", "redirect_url": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "sign_request": { "id": 1, "key": "string", "external_key": "string", "title": "string", "signing_type": "single", "signing_sequence_type": "sequential", "status": "draft", "sent_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "canceled_at": "2019-08-24T14:15:22Z", "rejected_at": "2019-08-24T14:15:22Z", "all_signed_at": "2019-08-24T14:15:22Z", "call_back_url": "http://example.com", "reject_reason": "string", "message": "string", "comment": "string", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "user": { "id": 1, "email": "user@example.com", "name": "string" } }, "attachment_message": "string", "attachments": [ { "id": 1, "document_id": 1, "description": "string", "optional": true, "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" } ], "signer_progresses": [ { "action": "string", "ip": "string", "location": "string", "system": "string", "value": "string", "created_at": "2019-08-24T14:15:22Z" } ] } } ``` -------------------------------- ### Sign Request Response Structure Source: https://app.stiply.nl/api-documentation/v2 The JSON structure returned upon a successful 200 response for a sign request. ```json { "data": [ { "id": 1, "key": "string", "external_key": "string", "title": "string", "signing_type": "single", "signing_sequence_type": "sequential", "status": "draft", "sent_at": "2019-08-24T14:15:22Z", "expires_at": "2019-08-24T14:15:22Z", "canceled_at": "2019-08-24T14:15:22Z", "rejected_at": "2019-08-24T14:15:22Z", "all_signed_at": "2019-08-24T14:15:22Z", "call_back_url": "http://example.com", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z", "user": { "id": 1, "email": "user@example.com", "name": "string" } } ] } ``` -------------------------------- ### Webhook Events (Canceled, Completed, Expired) Source: https://app.stiply.nl/api-documentation/v2 Documentation for sign request webhook events including canceled, completed, and expired states. ```APIDOC ## Webhook Events ### Description These webhooks notify your application when a sign request changes status to canceled, completed, or expired. ### Request Body - **header** (any) - Required - Webhook header - **data** (object) - Required - SignRequestEventResource containing request details ### Responses #### Success Response (200) - Return 200 to indicate successful receipt. #### Error Response (500) - Return 400 or 500 to trigger a retry. ### Request Example { "header": null, "data": { "id": 1, "key": "string", "status": "draft", "user": { "id": 1, "email": "user@example.com", "name": "string" } } } ```