Create signing session
create_signing_sessionCreate a single-signer express signing session for PDF documents or action authentication, returning a signing URL and session IDs.
Instructions
⚠️ This performs a consequential, possibly irreversible action (legally-binding signature request and/or quota consumption). Confirm with the human before calling. Create a single-signer "express" signing (or action-authentication) session and return its IDs plus a ready-to-share signingUrl (url + embed token). Consumes signature quota.
Input Schema
| Name | Required | Description | Default |
|---|---|---|---|
| owner | No | The requester (distinct from the signer). When set and signer.email differs, SignDocs auto-emails the signer an invite and notifies the owner on completion. Omit to deliver links yourself via webhooks. | |
| action | No | What is being authenticated — used when purpose=ACTION_AUTHENTICATION. | |
| locale | No | UI/email language. Default pt-BR. | |
| signer | Yes | The person who will sign / authenticate. | |
| purpose | Yes | DOCUMENT_SIGNATURE to sign a PDF; ACTION_AUTHENTICATION to authenticate an action with no document. | |
| metadata | No | Free-form key/value tags (keys ≤256, values ≤1024 chars). | |
| cancelUrl | No | Redirect URL if the signer cancels. | |
| returnUrl | No | Redirect URL after completion (sessionId appended as query param). | |
| customSteps | No | Ordered step types — REQUIRED only when policyProfile=CUSTOM (e.g. ["CLICKWRAP","OTP"]). | |
| documentUrl | No | Direct, public HTTPS link to the PDF (≤10MB) — the server fetches it. Must return raw PDF bytes (S3/Dropbox ?dl=1/public .pdf). NOTE: a Google Drive "/view" link or a private file will NOT work. | |
| uploadToken | No | Token from request_document_upload, after the user uploaded the PDF on the drag-and-drop page. Best for local files or private Google Drive files (download then drag in). Provide one of documentBase64 / documentUrl / uploadToken. | |
| policyProfile | Yes | Identity-assurance profile: CLICK_ONLY, CLICK_PLUS_OTP, BIOMETRIC, BIOMETRIC_PLUS_OTP, or CUSTOM. Read the signdocs://policy-profiles resource for the authoritative list — an invalid value returns 400. | |
| documentBase64 | No | Base64-encoded PDF (≤10MB). Provide this OR documentUrl when purpose=DOCUMENT_SIGNATURE. | |
| idempotencyKey | No | Idempotency key for safe retries; a UUID is generated if omitted. | |
| documentFilename | No | Original filename, e.g. contrato.pdf. | |
| expiresInMinutes | No | Session lifetime, 5–1440 min (default 60). |