Getting Started

Introduction to Adamo Sign

Copy page

Welcome to Adamo Sign Documentation

Adamo Sign is an enterprise document management and electronic signature platform designed for organizations that need centralized document control with strong security and legal compliance. Our API lets you embed signature workflows, manage signers, track document status in real time, and choose the level of legal assurance that fits each use case.

What Can You Build?

Use Case	Description
✍️ Simple Signature (E-Contract)	Lightweight signing for internal approvals and routine operational processes
🛡️ Robust Signature (E-Contract)	Identity-verified signing for legal contracts and third-party agreements
⛓️ Blockchain Signature (Smart-Contract)	Tamper-proof signatures with blockchain storage for maximum integrity and legal trust
📁 Document Management	Centralized storage, custom folders, retrieval and download
👥 Contact Management	Reusable directory of frequent signers
🔔 Webhooks & Tracking	Real-time notifications and status updates (Completed / Pending / Rejected)

---

Quick Start Guide

Step 1: Get Your Credentials

Contact our IT team to receive your QA environment credentials (username and password).

Step 2: Authenticate

The Adamo Sign API uses two authentication flows:

For users:

Code
 
──────────────────────────────────────────────────────────────────────────────
  1. LOGIN                                                    
     POST /auth/login
     Body: { "username": "...", "password": "..." }                               
     ↓ Returns: Refresh Token (valid ~1000 hours)             
──────────────────────────────────────────────────────────────────────────────
  2. GET SYSTEM ACCESS TOKEN                                  
     GET /auth/access-token                                   
     Headers: Authorization: Bearer (refresh-token)            
     ↓ Returns: Access Token (valid ~16.6 hours)                
──────────────────────────────────────────────────────────────────────────────
  3. GENERATE API KEYS                                        
     GET /auth/generate-api-keys                              
     Headers: Authorization: bearer (access-token)             
     ↓ Returns: clientid + apiKey + apiSecret       (⚠️ store securely!)    
──────────────────────────────────────────────────────────────────────────────
  4. CREATE authString (MANUAL STEP - NOT AUTOMATIC)         
     • Concatenate: clientId:apiSecret                         
     • Base64 encode using online tool or command line:       
       echo -n "clientId:apiSecret" | base64                  
     • Result is your authString                              
──────────────────────────────────────────────────────────────────────────────
  5. GET API ACCESS TOKEN                                               
     GET /auth/api-access-token                                         
     Headers: Authorization: Bearer {{authString}} +  X-API-KEY: (apiKey)
     ↓ Returns: X-APIGW-AUTH (valid ~5 minutes)                         
──────────────────────────────────────────────────────────────────────────────

Step 3: Make API Calls

Include these headers in all transactional requests:

Code
 
X-APIGW-AUTH: <jwt>
X-API-KEY: <your_api_key>
Accept: application/json

---

API Environments

Environment	Base URL	Purpose
Sandbox	https://api-sign-qa.adamoservices.co	Testing & Development

---

Signature Levels

Adamo Sign offers three signature tiers so you can match the level of legal assurance to the value and risk of each document:

Simple Signature — E-Contract

Ideal for internal approvals and routine operational processes. Fast to issue, minimal friction for the signer.

Robust Signature — E-Contract

For legal contracts and third-party agreements where identity verification is required. Adds biometric and identity-validation steps.

Blockchain Signature — Smart-Contract

For documents that demand maximum integrity, immutability and legal trust. Each signature event is anchored in blockchain storage.

---

Core API Resources

Endpoint tables will be added once we document each resource from the Postman collection.

🔐 Authentication

Manage sessions, tokens, and API keys for secure access.

Endpoint	Method	Description
/auth/login	POST	Obtain a Refresh Token
/auth/access-token	GET	Exchange Refresh Token for System Access Token
/auth/generate-api-keys	GET	Create API Key + Secret pair
/auth/current-api-keys-generated	GET	List active API keys
/auth/delete-api-key	POST	Revoke an API key
/auth/api-access-token	GET	Get Bearer Token for API calls

Token Lifecycle Summary:

Token Type	Validity	How to Refresh
Refresh Token	~1000 hours	Re-authenticate via /auth/login
System Access Token	~16 hours	Call /auth/access-token with Refresh Token
Bearer Token	5 minutes	Call /auth/api-access-token with API credentials

📄 Documents

Create and manage documents through their full lifecycle: draft a document with its signers and signature positions, publish it, version it, list and search the catalog, manage comments and trigger signer notifications.

Document lifecycle

Endpoint	Method	Description
/documents	GET	List documents (paginated, filterable by status, id, or text search)
/documents	POST	Create a new document in DRAFT with signers and signature positions
/documents	PATCH	Update an existing document (status, name, signers)
/documents	DELETE	Soft-delete a single document by id
/documents/many	DELETE	Soft-delete several documents in a single call
/documents/finish-registration	POST	Close a draft so signers can start signing
/documents/version	POST	Create a new version of an existing document
/documents/suggestions	GET	Lightweight document suggestions for autocomplete
/documents/nodes	GET	Structural nodes (pages, fields, signature positions) of a document
/reports/documents	GET	Aggregated metrics about your documents (counts by status, throughput)

Comments

Endpoint	Method	Description
/documents-comments	GET	List comments attached to a document
/documents-comments	POST	Create a comment on a document
/documents-comments	PATCH	Update an existing comment (author only)
/documents-comments	DELETE	Delete a comment (author or document owner)

Notifications & guest access

Endpoint	Method	Description
/notification/signee	POST	Send a one-off notification to a signer for a document
/notification/signature-reminder	POST	Send a signature reminder for all pending documents of a user
/guest-link/get-guest-hash	POST	Generate a guest-link hash for a non-registered signer

✍️ Signatures

Operate on the signer side of the flow: read the authenticated user's registered signature, sign or reject documents, verify a signature's validity, and exchange signer personal data through a request/approval cycle.

Sign & verify

Endpoint	Method	Description
/signatures/user-signature	GET	Read the authenticated user's registered electronic signature
/signatures/sign-document	POST	Sign a document using the user's signature and pincode
/signatures/reject-document-signature	POST	Reject the request to sign a document with a recorded reason
/signatures/verify	POST	Verify a signature hash and return the owner's document number
/signatures/admin/verify	POST	Administrative variant of signature verification

Signer data requests

Endpoint	Method	Description
/signature-data/request-data	POST	Request personal data of a signer identified by their document number
/signature-data/update-request	PATCH	Approve or reject a pending signer-data request
/signature-data/read	GET	Read the signer data shared after a request was approved

---

Next Steps

1. Explore the API Reference — Full endpoint documentation with request/response schemas (in progress)
2. Set up authentication — Follow the auth flow to obtain your tokens
3. Test in Sandbox — Issue test signatures before going live

---

Need Help?

Contact our team for:

• QA environment credentials
• Technical support
• Production access approval