> ## Documentation Index
> Fetch the complete documentation index at: https://docs.thesignproof.com/llms.txt
> Use this file to discover all available pages before exploring further.

# API Reference

> Full reference for all SignProof API endpoints.

## Base URL

```
https://api.thesignproof.com
```

All endpoints are under `/v1/`.

## Authentication

All API endpoints (except `POST /oauth/token`) require a bearer token:

```
Authorization: Bearer <access_token>
```

See [Authentication](/authentication) for how to mint a token.

## Request format

* All `POST` and `PATCH` request bodies are `application/json`
* All responses are `application/json` (except `GET /v1/envelopes/{id}/document` which returns the PDF binary)

## Idempotency

`POST` requests accept an `Idempotency-Key` header. Replaying the same request within 24 hours
returns the original response without creating a duplicate.

```
Idempotency-Key: unique-key-per-request
```

## Rate limiting

Every response includes rate limit headers:

| Header                  | Description                           |
| ----------------------- | ------------------------------------- |
| `X-RateLimit-Limit`     | Requests allowed per window           |
| `X-RateLimit-Remaining` | Requests remaining in current window  |
| `X-RateLimit-Reset`     | Unix timestamp when the window resets |

When you exceed the limit, you receive `429 Too Many Requests`.

## Error format

All errors follow this shape:

```json theme={null}
{
  "type": "validation_error",
  "title": "One or more fields failed validation",
  "status": 400,
  "errors": {
    "tenantId": ["The tenantId field is required."]
  }
}
```

| Status | Meaning                                                     |
| ------ | ----------------------------------------------------------- |
| `400`  | Validation error — check `errors`                           |
| `401`  | Missing or expired token                                    |
| `403`  | Token valid but unauthorized for this resource              |
| `404`  | Resource not found                                          |
| `409`  | Conflict (e.g. envelope already sent)                       |
| `422`  | Business rule violation (e.g. voiding a completed envelope) |
| `429`  | Rate limited                                                |
| `500`  | Internal server error — contact support                     |
