Sign API

Enable instant biometric signing for lightweight legal agreements, terms of service, data attestations, and policy acknowledgments.

Overview

The Sign API provides instant biometric signing for lightweight legal use cases. Perfect for terms of service, privacy policies, data attestations, and other agreements that require legal binding but don't need document attachments.

 Use Sign API For

  • " Terms of service agreements
  • " Privacy policy acknowledgments
  • " Data honesty attestations
  • " Simple consent forms
  • " Compliance acknowledgments
  • " Lightweight agreements

=� Use Messaging API For

  • " Document signing with attachments
  • " Contracts and legal documents
  • " Multi-party signing workflows
  • " High-stakes legal agreements
  • " Document version control
Learn about Messaging API �

Endpoint

POST https://sign.api.uip.id/v1

Headers

Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Request Parameters

ParameterTypeRequiredDescription
webhook_urlstringYesURL to receive signing results
document_titlestringYesTitle/name of what the user is signing
document_contentstringYesFull text content that the user will sign
metadataobjectNoAdditional data to associate with the signature

Request Examples

Terms of Service Signing

{
  "webhook_url": "https://myapp.com/webhooks/uip/sign",
  "document_title": "Terms of Service v2.1",
  "document_content": "By using MyApp, you agree to the following terms and conditions...[full terms text]",
  "metadata": {
    "version": "2.1",
    "user_ip": "192.168.1.1",
    "timestamp": "2024-01-15T10:30:00Z"
  }
}

Data Honesty Attestation

{
  "webhook_url": "HealthCare Portal",
  "webhook_url": "https://healthcare.com/webhooks/uip/attestation",
  "document_title": "Medical Information Accuracy Attestation",
  "document_content": "I attest that all medical information I have provided is accurate and complete to the best of my knowledge. I understand that providing false information may affect my care and could have legal consequences.",
  "metadata": {
    "form_id": "medical_intake_2024_001",
    "patient_id": "PT_987654321"
  }
}

Privacy Policy Acknowledgment

{
  "webhook_url": "SecureBank",
  "webhook_url": "https://securebank.com/api/privacy-ack",
  "document_title": "Privacy Policy Update - January 2024",
  "document_content": "We have updated our Privacy Policy to better explain how we collect, use, and protect your personal information...[full privacy policy]",
  "metadata": {
    "policy_version": "2024.01",
    "update_type": "mandatory_acknowledgment",
    "previous_version": "2023.12"
  }
}

Response Format

The API returns session information and, for desktop flows, a QR code for the user to scan with their mobile UIP app to complete the signing process.

{
  "session_id": "sign_sess_1234567890abcdef",
  "qr_data": "uip://sign/sign_sess_1234567890abcdef",
  "mobile": false,
  "qr_image_url": "https://qr.uip.id/sign_sess_1234567890abcdef.png",
  "expires_in": 300,
  "document_hash": "sha256:a1b2c3d4e5f6..."
}

Response Fields

FieldTypeDescription
session_idstringUnique identifier for this signing session
qr_datastringUIP protocol URL for signing
mobilebooleanWhether request was detected as coming from mobile
qr_image_urlstringPre-generated QR code image URL (desktop only)
expires_inintegerSession expiration time in seconds (300 = 5 minutes)
document_hashstringSHA-256 hash of the document content for integrity verification

Webhook Response

After the user completes the signing process in their UIP app, you'll receive a webhook with the signature result and cryptographic proof.

Successful Signature

{
  "event": "signature_completed",
  "session_id": "sign_sess_1234567890abcdef",
  "status": "success",
  "signature_data": {
    "uip_id": "uip_user_9876543210",
    "document_title": "Terms of Service v2.1",
    "document_hash": "sha256:a1b2c3d4e5f6...",
    "signature": "uip_sig_abc123def456...",
    "signed_at": "2024-01-15T10:35:00Z",
    "signer_info": {
      "full_name": "Alice Johnson",
      "verified": true,
      "verification_level": "government_id"
    }
  },
  "metadata": {
    "version": "2.1",
    "user_ip": "192.168.1.1",
    "timestamp": "2024-01-15T10:30:00Z"
  },
  "timestamp": "2024-01-15T10:35:00Z"
}

Failed/Cancelled Signature

{
  "event": "signature_completed",
  "session_id": "sign_sess_1234567890abcdef",
  "status": "failed",
  "error": "user_cancelled",
  "error_description": "User cancelled the signing request",
  "timestamp": "2024-01-15T10:40:00Z"
}

= Signature Verification

Each signature includes cryptographic proof that can be independently verified:

  • " signature - Cryptographic signature by user's private key
  • " uip_id - Links to verified identity
  • " signed_at - Tamper-proof timestamp

Common Use Cases

=� Compliance & Policies

  • " Terms of service updates
  • " Privacy policy acknowledgments
  • " Code of conduct agreements
  • " Compliance training completion
  • " Safety protocol acknowledgments

🏥 Healthcare & Medical

  • • Medical information accuracy attestations
  • • Treatment consent forms
  • • HIPAA authorization signatures
  • • Prescription accuracy confirmations
  • • Health screening acknowledgments

� Business & Employment

  • " Employee handbook acknowledgments
  • " Data honesty attestations
  • " Training completion certificates
  • " Conflict of interest declarations
  • " Expense report verifications

= Security & Verification

  • • Identity verification confirmations
  • • Data processing consent
  • • Account recovery attestations
  • • Security policy agreements
  • • Access request approvals

Complete Implementation

// JavaScript implementation
async function requestSignature(documentTitle, documentContent, metadata = {}) {
  try {
    const response = await fetch('https://sign.api.uip.id/v1', {
      method: 'POST',
      headers: {
        'Authorization': 'Bearer ' + YOUR_API_KEY,
        'Content-Type': 'application/json'
      },
      body: JSON.stringify({
        webhook_url: 'https://myapp.com/webhooks/uip/sign',
        document_title: documentTitle,
        document_content: documentContent,
        metadata: metadata
      })
    });

    if (!response.ok) {
      throw new Error(`HTTP error! status: ${response.status}`);
    }

    const data = await response.json();
    
    if (data.mobile) {
      // Mobile flow: redirect to UIP app
      window.location.href = data.qr_data;
    } else {
      // Desktop flow: show QR code
      displaySigningQR(data.qr_image_url, data.expires_in, documentTitle);
    }
    
    return data.session_id;
  } catch (error) {
    console.error('UIP signature request failed:', error);
    throw error;
  }
}

function displaySigningQR(imageUrl, expiresIn, documentTitle) {
  const container = document.getElementById('qr-container');
  
  container.innerHTML = `
    

      
Sign: ${documentTitle}

      UIP Signing QR Code
      
Scan with your UIP app to sign

      
Expires in ${Math.floor(expiresIn / 60)} minutes

    

  `;
  
  // Start countdown timer
  startCountdown(expiresIn);
}

// Usage examples
requestSignature(
  'Terms of Service v2.1',
  'By using our service, you agree to...',
  { version: '2.1', user_ip: getUserIP() }
);

// For data attestation
requestSignature(
  'Data Accuracy Attestation',
  'I confirm that all information provided is accurate and complete.',
  { form_id: 'profile_update_001' }
);

Next Steps

Ready to implement UIP signing in your application?

Get API Keys Document Signing (Messaging API)