# Table of Contents - [Documenso Documentation | Documenso Docs](#documenso-documentation-documenso-docs) - [Certifications & Regulatory Compliance | Documenso Docs](#certifications-regulatory-compliance-documenso-docs) - [Field Types | Documenso Docs](#field-types-documenso-docs) - [Compliance | Documenso Docs](#compliance-documenso-docs) - [Signature Levels | Documenso Docs](#signature-levels-documenso-docs) - [Document Lifecycle | Documenso Docs](#document-lifecycle-documenso-docs) - [E-Sign Compliance | Documenso Docs](#e-sign-compliance-documenso-docs) - [Standards & Regulations | Documenso Docs](#standards-regulations-documenso-docs) - [Concepts | Documenso Docs](#concepts-documenso-docs) - [Recipient Roles | Documenso Docs](#recipient-roles-documenso-docs) - [GDPR | Documenso Docs](#gdpr-documenso-docs) - [Signing Workflow | Documenso Docs](#signing-workflow-documenso-docs) - [Signing Certificates | Documenso Docs](#signing-certificates-documenso-docs) - [Developer Guide | Documenso Docs](#developer-guide-documenso-docs) - [Community Edition | Documenso Docs](#community-edition-documenso-docs) - [Fair Use Policy | Documenso Docs](#fair-use-policy-documenso-docs) - [Policies | Documenso Docs](#policies-documenso-docs) - [Enterprise Edition | Documenso Docs](#enterprise-edition-documenso-docs) - [Local Development | Documenso Docs](#local-development-documenso-docs) - [Privacy Policy | Documenso Docs](#privacy-policy-documenso-docs) - [Licenses | Documenso Docs](#licenses-documenso-docs) - [Security | Documenso Docs](#security-documenso-docs) - [Terms of Service | Documenso Docs](#terms-of-service-documenso-docs) - [Support | Documenso Docs](#support-documenso-docs) - [Demo Environment | Documenso Docs](#demo-environment-documenso-docs) - [Self-Hosting | Documenso Docs](#self-hosting-documenso-docs) - [Contributing Translations | Documenso Docs](#contributing-translations-documenso-docs) - [Contributing to Documenso | Documenso Docs](#contributing-to-documenso-documenso-docs) - [Developer Mode | Documenso Docs](#developer-mode-documenso-docs) - [Examples | Documenso Docs](#examples-documenso-docs) - [Getting Started | Documenso Docs](#getting-started-documenso-docs) - [API Reference | Documenso Docs](#api-reference-documenso-docs) - [API Versioning | Documenso Docs](#api-versioning-documenso-docs) - [User Guide | Documenso Docs](#user-guide-documenso-docs) - [Rate Limits | Documenso Docs](#rate-limits-documenso-docs) - [Getting Started | Documenso Docs](#getting-started-documenso-docs) - [CSS Variables | Documenso Docs](#css-variables-documenso-docs) - [Maintenance | Documenso Docs](#maintenance-documenso-docs) - [Authentication | Documenso Docs](#authentication-documenso-docs) - [Deployment | Documenso Docs](#deployment-documenso-docs) - [Run in Gitpod | Documenso Docs](#run-in-gitpod-documenso-docs) - [Teams API | Documenso Docs](#teams-api-documenso-docs) - [Developer Quickstart | Documenso Docs](#developer-quickstart-documenso-docs) - [Webhooks | Documenso Docs](#webhooks-documenso-docs) - [Manual Deployment | Documenso Docs](#manual-deployment-documenso-docs) - [Manual Setup | Documenso Docs](#manual-setup-documenso-docs) - [Quick Start | Documenso Docs](#quick-start-documenso-docs) - [Requirements | Documenso Docs](#requirements-documenso-docs) - [Configuration | Documenso Docs](#configuration-documenso-docs) - [Signing Certificate | Documenso Docs](#signing-certificate-documenso-docs) - [Translations | Documenso Docs](#translations-documenso-docs) - [Telemetry | Documenso Docs](#telemetry-documenso-docs) - [Tips & Common Pitfalls | Documenso Docs](#tips-common-pitfalls-documenso-docs) - [Webhook Verification | Documenso Docs](#webhook-verification-documenso-docs) - [Direct Links | Documenso Docs](#direct-links-documenso-docs) - [Webhook Setup | Documenso Docs](#webhook-setup-documenso-docs) - [Documents API | Documenso Docs](#documents-api-documenso-docs) - [Fields API | Documenso Docs](#fields-api-documenso-docs) - [Background Jobs | Documenso Docs](#background-jobs-documenso-docs) - [First API Call | Documenso Docs](#first-api-call-documenso-docs) - [Add Recipients | Documenso Docs](#add-recipients-documenso-docs) - [Email Configuration | Documenso Docs](#email-configuration-documenso-docs) - [Embedding | Documenso Docs](#embedding-documenso-docs) - [Environment Variables | Documenso Docs](#environment-variables-documenso-docs) - [Railway | Documenso Docs](#railway-documenso-docs) - [Upgrades | Documenso Docs](#upgrades-documenso-docs) - [Docker | Documenso Docs](#docker-documenso-docs) - [Database Configuration | Documenso Docs](#database-configuration-documenso-docs) - [Add Fields | Documenso Docs](#add-fields-documenso-docs) - [Backups | Documenso Docs](#backups-documenso-docs) - [Storage Configuration | Documenso Docs](#storage-configuration-documenso-docs) - [Recipients API | Documenso Docs](#recipients-api-documenso-docs) - [Templates API | Documenso Docs](#templates-api-documenso-docs) - [Docker Compose | Documenso Docs](#docker-compose-documenso-docs) - [Webhook Events | Documenso Docs](#webhook-events-documenso-docs) - [Troubleshooting | Documenso Docs](#troubleshooting-documenso-docs) - [Kubernetes | Documenso Docs](#kubernetes-documenso-docs) - [Common Workflows | Documenso Docs](#common-workflows-documenso-docs) --- # Documenso Documentation | Documenso Docs The open-source document signing platform. Send documents for signatures, integrate with your apps, or self-host with full control. [User Guide\ ----------\ \ Send documents, create templates, and manage your team using the web application.\ \ Get started →](https://docs.documenso.com/docs/users) [Developer Guide\ ---------------\ \ Integrate document signing into your applications with the REST API, webhooks, and embedding.\ \ View API docs →](https://docs.documenso.com/docs/developers) [Self-Hosting Guide\ ------------------\ \ Deploy your own Documenso instance with Docker, Kubernetes, or Railway.\ \ Deploy now →](https://docs.documenso.com/docs/self-hosting) ### Quick Start #### Send your first document 1. [Create an account](https://docs.documenso.com/docs/users/getting-started/create-account) 2. [Upload and send a document](https://docs.documenso.com/docs/users/getting-started/send-first-document) #### Integrate with the API 1. [Get your API key](https://docs.documenso.com/docs/developers/getting-started/authentication) 2. [Make your first API call](https://docs.documenso.com/docs/developers/getting-started/first-api-call) #### Deploy self-hosted 1. [Check requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements) 2. [Run with Docker](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) ### Core Concepts [Document Lifecycle\ \ Draft to completed](https://docs.documenso.com/docs/concepts/document-lifecycle) [Recipient Roles\ \ Signers and approvers](https://docs.documenso.com/docs/concepts/recipient-roles) [Field Types\ \ Signatures and inputs](https://docs.documenso.com/docs/concepts/field-types) [Signing Certificates\ \ Digital verification](https://docs.documenso.com/docs/concepts/signing-certificates) [### Compliance & Legal\ \ ESIGN, UETA, eIDAS compliance, GDPR, and signature levels explained.](https://docs.documenso.com/docs/compliance) [### Policies & Licensing\ \ AGPL and Enterprise licenses, fair use, privacy policy, and support.](https://docs.documenso.com/docs/policies) ### Join the Community Documenso is open source. Contribute, ask questions, or share feedback. [GitHub](https://github.com/documenso/documenso) [Discord](https://documen.so/discord) [Try Documenso](https://documenso.com/) --- # Certifications & Regulatory Compliance | Documenso Docs [Compliance](https://docs.documenso.com/docs/compliance) Certifications & Regulatory Compliance ====================================== Documenso's compliance status for industry certifications and regulatory frameworks. Copy MarkdownOpen ### [Compliance Status Overview](https://docs.documenso.com/docs/compliance/certifications#compliance-status-overview) | Certification | Status | | --- | --- | | 21 CFR Part 11 | Compliant (Enterprise) | | SOC 2 | Compliant | | ISO 27001 | Planned | | HIPAA | Planned | [21 CFR Part 11](https://docs.documenso.com/docs/compliance/certifications#21-cfr-part-11) ------------------------------------------------------------------------------------------- Status: Compliant (Enterprise License) 21 CFR Part 11 is a regulation by the FDA that establishes the criteria for electronic records and electronic signatures to ensure their authenticity, integrity, and confidentiality in the pharmaceutical, medical device, and other FDA-regulated industries. Read more about [21 CFR Part 11 with Documenso](https://documen.so/21-CFR-Part-11) . ### [Main Requirements](https://docs.documenso.com/docs/compliance/certifications#main-requirements) * Strong Identity Checks for each Signature * Signature and Audit Trails * User Access Management * Quality Assurance Documentation [SOC 2](https://docs.documenso.com/docs/compliance/certifications#soc-2) ------------------------------------------------------------------------- Status: [Compliant](https://documen.so/trust) SOC 2 is a framework for managing and auditing the security, availability, processing integrity, confidentiality, and data privacy in cloud and IT service organizations, established by the American Institute of Certified Public Accountants (AICPA). [ISO 27001](https://docs.documenso.com/docs/compliance/certifications#iso-27001) --------------------------------------------------------------------------------- Status: [Planned](https://github.com/documenso/backlog/issues/26) ISO 27001 is an international standard for managing information security, specifying requirements for establishing, implementing, maintaining, and continually improving an information security management system (ISMS). [HIPAA](https://docs.documenso.com/docs/compliance/certifications#hipaa) ------------------------------------------------------------------------- Status: [Compliant](https://documen.so/trust) The HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law designed to protect patient health information's privacy and security and improve the healthcare system's efficiency and effectiveness. * * * [See Also](https://docs.documenso.com/docs/compliance/certifications#see-also) ------------------------------------------------------------------------------- * [Standards](https://docs.documenso.com/docs/compliance/standards) - Technical signing standards (PDF/A, PAdES, X.509) * [Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels) - eIDAS and other signature level compliance * [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) - Enterprise licensing for compliance features * [GDPR](https://docs.documenso.com/docs/compliance/gdpr) - Data protection compliance [GDPR\ \ Understand how Documenso handles GDPR compliance for data processing and storage.](https://docs.documenso.com/docs/compliance/gdpr) [Policies\ \ License, privacy, terms, and support information](https://docs.documenso.com/docs/policies) ### On this page [Compliance Status Overview](https://docs.documenso.com/docs/compliance/certifications#compliance-status-overview) [21 CFR Part 11](https://docs.documenso.com/docs/compliance/certifications#21-cfr-part-11) [Main Requirements](https://docs.documenso.com/docs/compliance/certifications#main-requirements) [SOC 2](https://docs.documenso.com/docs/compliance/certifications#soc-2) [ISO 27001](https://docs.documenso.com/docs/compliance/certifications#iso-27001) [HIPAA](https://docs.documenso.com/docs/compliance/certifications#hipaa) [See Also](https://docs.documenso.com/docs/compliance/certifications#see-also) --- # Field Types | Documenso Docs [Concepts](https://docs.documenso.com/docs/concepts) Field Types =========== Placeholder types for capturing signatures, text, dates, and selections during signing. Copy MarkdownOpen [Field Types Overview](https://docs.documenso.com/docs/concepts/field-types#field-types-overview) -------------------------------------------------------------------------------------------------- | Field Type | Description | Auto-filled | | --- | --- | --- | | Signature | Recipient's signature (drawn, typed, or uploaded) | No | | Initials | Recipient's initials | No | | Email | Recipient's email address | Yes | | Name | Recipient's full name | Yes | | Date | Date the field was completed | Yes | | Text | Free-form text input | No | | Number | Numeric input with optional validation | No | | Radio | Single selection from a list of options | No | | Checkbox | Multiple selections from a list of options | No | | Dropdown | Single selection from a dropdown menu | No | [Signature](https://docs.documenso.com/docs/concepts/field-types#signature) ---------------------------------------------------------------------------- ![Signature field in the document editor](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fsignature-field-document-editor-view.2851a04a.webp&w=3840&q=75) The signature field captures the recipient's legally binding signature. Recipients can: * **Draw** their signature using a mouse or touchscreen * **Type** their name and select a font style * **Upload** an image of their signature ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options) | Option | Description | | --- | --- | | Required | Whether the field must be completed before signing | | Read-only | Lock the field with a pre-filled value | | Label | Display text shown above the field | ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases) * Contract execution * Agreement acceptance * Authorization approvals Each signer must have at least one Signature field assigned to them. [Initials](https://docs.documenso.com/docs/concepts/field-types#initials) -------------------------------------------------------------------------- The initials field captures abbreviated signatures, typically used to acknowledge individual pages or clauses. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-1) | Option | Description | | --- | --- | | Required | Whether the field must be completed | | Read-only | Lock the field with a pre-filled value | | Label | Display text shown above the field | | Text alignment | Left, center, or right alignment | ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-1) * Page acknowledgment * Clause acceptance * Change or amendment approval [Email](https://docs.documenso.com/docs/concepts/field-types#email) -------------------------------------------------------------------- The email field displays the recipient's email address. This field is automatically populated with the email address used to send the signing request. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-2) | Option | Description | | --- | --- | | Required | Whether the field must be completed | | Read-only | Lock the field (recommended for auto-filled values) | | Label | Display text shown above the field | | Text alignment | Left, center, or right alignment | ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-2) * Contact information sections * Identity verification * Record keeping [Name](https://docs.documenso.com/docs/concepts/field-types#name) ------------------------------------------------------------------ The name field captures the recipient's full name. When the recipient has a name on file, the field can be auto-populated. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-3) | Option | Description | | --- | --- | | Required | Whether the field must be completed | | Read-only | Lock the field with a pre-filled value | | Label | Display text shown above the field | | Text alignment | Left, center, or right alignment | ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-3) * Signature blocks * Party identification * Contact details [Date](https://docs.documenso.com/docs/concepts/field-types#date) ------------------------------------------------------------------ The date field records when the recipient completed the field or signed the document. By default, it auto-fills with the current date. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-4) | Option | Description | | --- | --- | | Required | Whether the field must be completed | | Read-only | Lock the field with a pre-filled value | | Label | Display text shown above the field | | Text alignment | Left, center, or right alignment | ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-4) * Signature date * Agreement effective date * Timestamp records [Text](https://docs.documenso.com/docs/concepts/field-types#text) ------------------------------------------------------------------ ![Text field in the document editor](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ftext-field-document-editor-view.f13dd008.webp&w=3840&q=75) The text field accepts free-form text input from recipients. Use this for any information that doesn't fit other field types. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-5) | Option | Description | | --- | --- | | Required | Whether the field must be completed | | Read-only | Lock the field with a pre-filled value | | Label | Display text shown above the field | | Placeholder | Hint text shown when the field is empty | | Default value | Pre-filled text that recipients can modify | | Character limit | Maximum number of characters allowed | | Text alignment | Left, center, or right alignment | | Line height | Spacing between lines of text | | Letter spacing | Spacing between characters | ### [Rules](https://docs.documenso.com/docs/concepts/field-types#rules) * A field cannot be both required and read-only at the same time * A read-only field must have a default text value (it cannot be empty) * The field is inserted automatically into the document if there is a default text value * The text field character count cannot exceed the character limit * The signer cannot modify a read-only field ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-5) * Address input * Company names * Job titles * Custom information [Number](https://docs.documenso.com/docs/concepts/field-types#number) ---------------------------------------------------------------------- The number field accepts numeric input with optional validation constraints. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-6) | Option | Description | | --- | --- | | Required | Whether the field must be completed | | Read-only | Lock the field with a pre-filled value | | Label | Display text shown above the field | | Placeholder | Hint text shown when the field is empty | | Default value | Pre-filled number that recipients can modify | | Minimum value | Lowest allowed number | | Maximum value | Highest allowed number | | Number format | Display format for the number | | Text alignment | Left, center, or right alignment | ### [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-1) * The value must be a number * A field cannot be both required and read-only at the same time * A read-only field must have a default number value * If a default number and a maximum value are set, the default must be less than the maximum * If a default number and a minimum value are set, the default must be greater than the minimum * The value must match the number format if a number format is set ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-6) * Quantities * Pricing * Phone numbers * Employee IDs [Radio](https://docs.documenso.com/docs/concepts/field-types#radio) -------------------------------------------------------------------- The radio field presents a list of options where the recipient can select exactly one. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-7) | Option | Description | | --- | --- | | Required | Whether a selection must be made | | Read-only | Lock the field with a pre-selected value | | Label | Display text shown above the field | | Options | List of selectable values | | Default selection | Pre-selected option | | Direction | Vertical or horizontal layout | ### [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-2) * A field cannot be both required and read-only at the same time * A read-only field must have at least one option * The field auto-signs if there is a default value * The signer cannot select a value that's not in the options list * Only one option can be selected at a time ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-7) * Yes/No questions * Single-choice selections * Status indicators * Plan or tier selection [Checkbox](https://docs.documenso.com/docs/concepts/field-types#checkbox) -------------------------------------------------------------------------- ![Checkbox field in the document editor](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcheckbox-field-document-editor-view.57e8f98d.webp&w=3840&q=75) The checkbox field presents a list of options where the recipient can select multiple items. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-8) | Option | Description | | --- | --- | | Required | Whether at least one selection must be made | | Read-only | Lock the field with pre-selected values | | Label | Display text shown above the field | | Options | List of selectable values | | Default selections | Pre-selected options | | Validation rule | Rules for minimum/maximum selections | | Direction | Vertical or horizontal layout | ### [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-3) * A field cannot be both required and read-only at the same time * A read-only field must have at least one checked option * The field auto-signs if there are default values * The validation rule enforces selection counts: "At least", "At most", or "Exactly" a specified number of options * The signer cannot select a value that's not in the options list ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-8) * Terms and conditions acceptance * Multiple acknowledgments * Feature selection * Preference lists [Dropdown](https://docs.documenso.com/docs/concepts/field-types#dropdown) -------------------------------------------------------------------------- ![Dropdown field in the document editor](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdropdown-field-document-editor-view.25f2be62.webp&w=3840&q=75) The dropdown field presents a list of options in a collapsible menu. Recipients select one option from the list. ### [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-9) | Option | Description | | --- | --- | | Required | Whether a selection must be made | | Read-only | Lock the field with a pre-selected value | | Label | Display text shown above the field | | Options | List of selectable values | | Default value | Pre-selected option | ### [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-4) * A field cannot be both required and read-only at the same time * A read-only field must have a default value * The default value must be one of the options * The field auto-signs if there is a default value * The signer cannot select a value that's not in the options list ### [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-9) * Country or state selection * Department selection * Category classification * Status selection [Common Configuration Options](https://docs.documenso.com/docs/concepts/field-types#common-configuration-options) ------------------------------------------------------------------------------------------------------------------ All field types share these base configuration options: | Option | Description | Default | | --- | --- | --- | | Required | Recipient must complete the field to finish signing | `false` | | Read-only | Field value cannot be changed by the recipient | `false` | | Label | Text displayed above or near the field | None | | Font size | Size of the text in the field (8-96px) | 12px | [Validation](https://docs.documenso.com/docs/concepts/field-types#validation) ------------------------------------------------------------------------------ Fields validate input based on their type and configuration: * **Required fields** must be completed before the recipient can finish signing * **Read-only fields** display pre-filled values that cannot be modified * **Number fields** validate against minimum and maximum values when configured * **Checkbox fields** can enforce a minimum or maximum number of selections If validation fails, the recipient sees an error message and must correct the input before proceeding. [Related](https://docs.documenso.com/docs/concepts/field-types#related) ------------------------------------------------------------------------ * [Add Fields to Documents](https://docs.documenso.com/docs/users/documents/add-fields) - Learn how to place fields on your documents * [Recipient Roles](https://docs.documenso.com/docs/concepts/recipient-roles) - Understand who can be assigned fields * [Fields API](https://docs.documenso.com/docs/developers/api/fields) - Programmatically add fields via the API [Recipient Roles\ \ Signers, approvers, viewers, assistants, and CC recipients.](https://docs.documenso.com/docs/concepts/recipient-roles) [Signing Workflow\ \ The complete process from preparing a document to collecting signatures and sealing the final PDF.](https://docs.documenso.com/docs/concepts/signing-workflow) ### On this page [Field Types Overview](https://docs.documenso.com/docs/concepts/field-types#field-types-overview) [Signature](https://docs.documenso.com/docs/concepts/field-types#signature) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases) [Initials](https://docs.documenso.com/docs/concepts/field-types#initials) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-1) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-1) [Email](https://docs.documenso.com/docs/concepts/field-types#email) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-2) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-2) [Name](https://docs.documenso.com/docs/concepts/field-types#name) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-3) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-3) [Date](https://docs.documenso.com/docs/concepts/field-types#date) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-4) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-4) [Text](https://docs.documenso.com/docs/concepts/field-types#text) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-5) [Rules](https://docs.documenso.com/docs/concepts/field-types#rules) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-5) [Number](https://docs.documenso.com/docs/concepts/field-types#number) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-6) [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-1) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-6) [Radio](https://docs.documenso.com/docs/concepts/field-types#radio) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-7) [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-2) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-7) [Checkbox](https://docs.documenso.com/docs/concepts/field-types#checkbox) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-8) [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-3) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-8) [Dropdown](https://docs.documenso.com/docs/concepts/field-types#dropdown) [Configuration Options](https://docs.documenso.com/docs/concepts/field-types#configuration-options-9) [Rules](https://docs.documenso.com/docs/concepts/field-types#rules-4) [Common Use Cases](https://docs.documenso.com/docs/concepts/field-types#common-use-cases-9) [Common Configuration Options](https://docs.documenso.com/docs/concepts/field-types#common-configuration-options) [Validation](https://docs.documenso.com/docs/concepts/field-types#validation) [Related](https://docs.documenso.com/docs/concepts/field-types#related) --- # Compliance | Documenso Docs Compliance ========== Legal and regulatory compliance information for electronic signatures. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/compliance#overview) ---------------------------------------------------------------- [### E-Sign Compliance\ \ ESIGN Act, UETA, eIDAS, and electronic signature laws by jurisdiction.](https://docs.documenso.com/docs/compliance/esign) [### GDPR\ \ Data protection requirements for processing personal data in the EU.](https://docs.documenso.com/docs/compliance/gdpr) [Additional Topics](https://docs.documenso.com/docs/compliance#additional-topics) ---------------------------------------------------------------------------------- [### Standards & Regulations\ \ SOC 2, 21 CFR Part 11, and other compliance frameworks.](https://docs.documenso.com/docs/compliance/standards) [### Signature Levels\ \ Simple, Advanced, and Qualified electronic signatures under eIDAS.](https://docs.documenso.com/docs/compliance/signature-levels) [### Certifications\ \ Compliance status for industry certifications and regulatory frameworks.](https://docs.documenso.com/docs/compliance/certifications) [Disclaimer](https://docs.documenso.com/docs/compliance#disclaimer) -------------------------------------------------------------------- This documentation is provided for informational purposes only. It does not constitute legal advice and should not be relied upon as such. Compliance requirements vary based on: * Your jurisdiction and applicable laws * The type of documents being signed * Industry-specific regulations * The parties involved in the transaction Consult with qualified legal counsel to determine the specific requirements for your use case. [Related](https://docs.documenso.com/docs/compliance#related) -------------------------------------------------------------- * [Privacy Policy](https://docs.documenso.com/docs/policies/privacy) - How Documenso handles personal data * [Security](https://docs.documenso.com/docs/policies/security) - Security practices and measures * [Terms of Service](https://docs.documenso.com/docs/policies/terms) - Terms governing use of Documenso [Signing Certificates\ \ Documenso digitally signs completed documents using X.509 certificates, providing cryptographic proof of authenticity and integrity.](https://docs.documenso.com/docs/concepts/signing-certificates) [E-Sign Compliance\ \ Understand ESIGN, UETA, eIDAS, and other electronic signature laws that govern digital documents.](https://docs.documenso.com/docs/compliance/esign) ### On this page [Overview](https://docs.documenso.com/docs/compliance#overview) [Additional Topics](https://docs.documenso.com/docs/compliance#additional-topics) [Disclaimer](https://docs.documenso.com/docs/compliance#disclaimer) [Related](https://docs.documenso.com/docs/compliance#related) --- # Signature Levels | Documenso Docs [Compliance](https://docs.documenso.com/docs/compliance) Signature Levels ================ Understand the three eIDAS signature levels — SES, AES, and QES — their requirements, legal effect, and when to use each. Copy MarkdownOpen Documenso seals all signed documents cryptographically, regardless of signature level, to prevent any alterations after signing. ### [Compliance Status Overview](https://docs.documenso.com/docs/compliance/signature-levels#compliance-status-overview) | Regulation | Status | | --- | --- | | ESIGN / UETA | Compliant | | eIDAS SES | Compliant | | eIDAS AES | Planned | | eIDAS QES | Planned | | ZertES | Planned | [U.S. ESIGN Act](https://docs.documenso.com/docs/compliance/signature-levels#us-esign-act) ------------------------------------------------------------------------------------------- Status: Compliant The Electronic Signatures in Global and National Commerce Act (ESIGN Act) is a U.S. federal law that ensures the legal validity and enforceability of electronic signatures and records in commerce. ### [Main Requirements](https://docs.documenso.com/docs/compliance/signature-levels#main-requirements) * **Intent to Sign** - Parties must demonstrate their intent to sign * **Consent** - All parties must consent to the use of electronic signatures and records * **Consumer Disclosures** - Financial institutions must provide clear statements informing consumers before obtaining consent * **Record Retention** - Electronic records must be maintained for later access by signers * **Security** - Parties must take reasonable steps to ensure the security and integrity of electronic signatures and records [UETA (Uniform Electronic Transactions Act)](https://docs.documenso.com/docs/compliance/signature-levels#ueta-uniform-electronic-transactions-act) --------------------------------------------------------------------------------------------------------------------------------------------------- Status: Compliant The Uniform Electronic Transactions Act provides a legal framework for the use of electronic signatures and records in electronic transactions, ensuring they have the same validity and enforceability as paper documents and handwritten signatures. UETA shares the same core requirements as the [ESIGN Act](https://docs.documenso.com/docs/compliance/signature-levels#us-esign-act) . [Simple Electronic Signatures (SES)](https://docs.documenso.com/docs/compliance/signature-levels#simple-electronic-signatures-ses) ----------------------------------------------------------------------------------------------------------------------------------- A Simple Electronic Signature is the most basic form of electronic signature. It includes any data in electronic form that is attached to or logically associated with other electronic data and used by the signatory to sign. ### [Characteristics](https://docs.documenso.com/docs/compliance/signature-levels#characteristics) | Aspect | Description | | --- | --- | | **Technical Requirements** | No specific technical requirements beyond demonstrating intent to sign | | **Identity Verification** | None required; relies on email delivery or other indirect identification | | **Legal Status** | Admissible as evidence; cannot be denied legal effect solely because it is electronic | | **Examples** | Typed name, scanned signature image, checkbox acceptance, click-to-sign | ### [When SES Is Appropriate](https://docs.documenso.com/docs/compliance/signature-levels#when-ses-is-appropriate) SES is suitable for many common business transactions: * Standard contracts and agreements * Internal approvals and sign-offs * Terms of service acceptance * Non-disclosure agreements * Purchase orders and invoices * Employment documents (in most jurisdictions) The legal validity of SES depends on the specific transaction and jurisdiction. Many everyday business documents do not require higher signature levels. * * * [Advanced Electronic Signatures (AES)](https://docs.documenso.com/docs/compliance/signature-levels#advanced-electronic-signatures-aes) --------------------------------------------------------------------------------------------------------------------------------------- An Advanced Electronic Signature meets additional technical and procedural requirements that provide stronger evidence of the signer's identity and the document's integrity. ### [Requirements](https://docs.documenso.com/docs/compliance/signature-levels#requirements) Under eIDAS, an AES must satisfy four criteria: 1. **Uniquely linked to the signatory** - The signature is associated with a specific individual 2. **Capable of identifying the signatory** - The signature data reveals who signed 3. **Created using signature creation data under the signatory's sole control** - Only the signer can create the signature (e.g., private key, secure device) 4. **Linked to the data in such a way that any subsequent change is detectable** - Tampering invalidates the signature ### [Characteristics](https://docs.documenso.com/docs/compliance/signature-levels#characteristics-1) | Aspect | Description | | --- | --- | | **Technical Requirements** | Cryptographic signature with signer identification | | **Identity Verification** | Required; must establish signer identity through verification process | | **Legal Status** | Higher evidentiary weight than SES; stronger presumption of validity | | **Implementation** | Typically requires identity verification service and personal certificates | ### [Compliance Status](https://docs.documenso.com/docs/compliance/signature-levels#compliance-status) Status: [Planned](https://github.com/documenso/backlog/issues/9) via third party until [Let's Sign](https://github.com/documenso/backlog/issues/21) is realized. Current AES progress: * Cryptographic signature sealing the document against tampering * Signing using dedicated hardware (Hardware Security Module) * Embedding signer identity in the cryptographic signature (planned) * Being a government-audited trusted qualified services provider (planned) ### [When AES Is Appropriate](https://docs.documenso.com/docs/compliance/signature-levels#when-aes-is-appropriate) AES is used when stronger proof of identity and intent is needed: * Financial services agreements * Real estate transactions (in some jurisdictions) * Healthcare consent forms * Government submissions * High-value contracts * Cross-border agreements within the EU * * * [Qualified Electronic Signatures (QES)](https://docs.documenso.com/docs/compliance/signature-levels#qualified-electronic-signatures-qes) ----------------------------------------------------------------------------------------------------------------------------------------- A Qualified Electronic Signature is the highest level of electronic signature under eIDAS. It is legally equivalent to a handwritten signature in all EU member states and carries a presumption of validity. ### [Requirements](https://docs.documenso.com/docs/compliance/signature-levels#requirements-1) QES must meet all AES requirements plus: 1. **Qualified Certificate** - Issued by a Qualified Trust Service Provider (QTSP) that is accredited by an EU member state 2. **Qualified Electronic Signature Creation Device (QSCD)** - The signature is created using hardware or software that meets specific security standards 3. **Identity Verification** - In-person or equivalent remote verification compliant with eIDAS requirements ### [Characteristics](https://docs.documenso.com/docs/compliance/signature-levels#characteristics-2) | Aspect | Description | | --- | --- | | **Technical Requirements** | Qualified certificate + qualified signature creation device | | **Identity Verification** | Strict verification by a Qualified Trust Service Provider | | **Legal Status** | Equivalent to handwritten signature across all EU member states | | **Implementation** | Requires integration with a QTSP; typically involves external service | ### [Compliance Status](https://docs.documenso.com/docs/compliance/signature-levels#compliance-status-1) Status: [Planned](https://github.com/documenso/backlog/issues/32) via third party until [Let's Sign](https://github.com/documenso/backlog/issues/21) is realized. ### [When QES Is Required](https://docs.documenso.com/docs/compliance/signature-levels#when-qes-is-required) Certain transactions require or benefit from QES: * Documents that legally require a handwritten signature under national law * Court filings and legal documents * Company formation documents * Land registry transactions * Notarized documents * Regulated financial transactions * Cross-border transactions requiring guaranteed recognition * * * [Comparison of Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels#comparison-of-signature-levels) ----------------------------------------------------------------------------------------------------------------------------- | Aspect | SES | AES | QES | | --- | --- | --- | --- | | **Technical Complexity** | Low | Medium | High | | **Identity Verification** | None | Required | Strict (QTSP) | | **Legal Effect (EU)** | Admissible | Higher evidentiary value | Equal to handwritten | | **Cost** | Low | Medium | Higher | | **User Experience** | Simple | More steps | Most steps | | **Signer Requirements** | Email access | Identity verification | Certificate from QTSP | ### [Legal Recognition](https://docs.documenso.com/docs/compliance/signature-levels#legal-recognition) | Jurisdiction | SES | AES | QES | | --- | --- | --- | --- | | **European Union** | Valid, evidentiary value varies | Enhanced evidentiary value | Equivalent to handwritten | | **United States** | Valid under ESIGN/UETA | No formal distinction | No formal distinction | | **United Kingdom** | Valid | Enhanced value | Equivalent to handwritten (UK eIDAS) | | **Switzerland** | Valid | Valid | Equivalent to handwritten (ZertES) | * * * [What Documenso Provides](https://docs.documenso.com/docs/compliance/signature-levels#what-documenso-provides) --------------------------------------------------------------------------------------------------------------- Documenso supports Simple Electronic Signatures (SES) with features that enhance evidentiary value: ### [SES Features](https://docs.documenso.com/docs/compliance/signature-levels#ses-features) * **Intent to Sign** - Signers actively interact with signature fields * **Email-Based Delivery** - Documents sent to specific email addresses * **Audit Trail** - Complete record of signing events, timestamps, and IP addresses * **Document Integrity** - Cryptographic sealing detects any post-signing modifications * **Record Retention** - Signed documents stored and accessible to all parties ### [Additional Verification Options](https://docs.documenso.com/docs/compliance/signature-levels#additional-verification-options) * **Access Codes** - Require signers to enter a code before accessing documents * **Signing Order** - Control the sequence of signatures ### [What Documenso Does Not Provide](https://docs.documenso.com/docs/compliance/signature-levels#what-documenso-does-not-provide) | Capability | Status | | --- | --- | | **Qualified Electronic Signatures (QES)** | Not supported; requires QTSP integration | | **Advanced Electronic Signatures (AES)** | Partial; full AES requires identity verification services | | **Identity Verification (KYC)** | Not built-in | | **Qualified Certificates** | Not issued; would require QTSP status | For transactions requiring AES or QES, you would need to integrate with external identity verification services or Qualified Trust Service Providers. * * * [ZertES (Swiss Federal Law)](https://docs.documenso.com/docs/compliance/signature-levels#zertes-swiss-federal-law) ------------------------------------------------------------------------------------------------------------------- Status: [Planned](https://github.com/documenso/backlog/issues/34) ZertES is a Swiss federal law that regulates electronic signature compliance. It defines requirements similar to eIDAS for qualified electronic signatures within Switzerland. * * * [When You Need Higher Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels#when-you-need-higher-signature-levels) ------------------------------------------------------------------------------------------------------------------------------------------- Consider using AES or QES when: ### Legal Requirements ### Risk Factors ### Industry Standards ### Evaluating Your Needs * * * [Disclaimer](https://docs.documenso.com/docs/compliance/signature-levels#disclaimer) ------------------------------------------------------------------------------------- This documentation is provided for informational purposes only and does not constitute legal advice. The appropriate signature level for your documents depends on: * Your jurisdiction and applicable laws * The type of document being signed * Industry-specific regulations * Contractual requirements from counterparties * Risk tolerance and dispute likelihood Electronic signature requirements vary significantly across jurisdictions and document types. Some transactions have specific legal requirements that may mandate particular signature levels or exclude electronic signatures entirely. Consult with qualified legal counsel to determine the signature level requirements for your specific use case. * * * [Related](https://docs.documenso.com/docs/compliance/signature-levels#related) ------------------------------------------------------------------------------- * [E-Sign Compliance](https://docs.documenso.com/docs/compliance/esign) - ESIGN Act, UETA, eIDAS, and electronic signature laws * [Signing Certificates](https://docs.documenso.com/docs/concepts/signing-certificates) - How documents are digitally signed and verified * [Standards & Regulations](https://docs.documenso.com/docs/compliance/standards) - SOC 2, 21 CFR Part 11, and other frameworks [Standards & Regulations\ \ Key technical standards that ensure digital signatures are secure, interoperable, and valid long-term.](https://docs.documenso.com/docs/compliance/standards) [GDPR\ \ Understand how Documenso handles GDPR compliance for data processing and storage.](https://docs.documenso.com/docs/compliance/gdpr) ### On this page [Compliance Status Overview](https://docs.documenso.com/docs/compliance/signature-levels#compliance-status-overview) [U.S. ESIGN Act](https://docs.documenso.com/docs/compliance/signature-levels#us-esign-act) [Main Requirements](https://docs.documenso.com/docs/compliance/signature-levels#main-requirements) [UETA (Uniform Electronic Transactions Act)](https://docs.documenso.com/docs/compliance/signature-levels#ueta-uniform-electronic-transactions-act) [Simple Electronic Signatures (SES)](https://docs.documenso.com/docs/compliance/signature-levels#simple-electronic-signatures-ses) [Characteristics](https://docs.documenso.com/docs/compliance/signature-levels#characteristics) [When SES Is Appropriate](https://docs.documenso.com/docs/compliance/signature-levels#when-ses-is-appropriate) [Advanced Electronic Signatures (AES)](https://docs.documenso.com/docs/compliance/signature-levels#advanced-electronic-signatures-aes) [Requirements](https://docs.documenso.com/docs/compliance/signature-levels#requirements) [Characteristics](https://docs.documenso.com/docs/compliance/signature-levels#characteristics-1) [Compliance Status](https://docs.documenso.com/docs/compliance/signature-levels#compliance-status) [When AES Is Appropriate](https://docs.documenso.com/docs/compliance/signature-levels#when-aes-is-appropriate) [Qualified Electronic Signatures (QES)](https://docs.documenso.com/docs/compliance/signature-levels#qualified-electronic-signatures-qes) [Requirements](https://docs.documenso.com/docs/compliance/signature-levels#requirements-1) [Characteristics](https://docs.documenso.com/docs/compliance/signature-levels#characteristics-2) [Compliance Status](https://docs.documenso.com/docs/compliance/signature-levels#compliance-status-1) [When QES Is Required](https://docs.documenso.com/docs/compliance/signature-levels#when-qes-is-required) [Comparison of Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels#comparison-of-signature-levels) [Legal Recognition](https://docs.documenso.com/docs/compliance/signature-levels#legal-recognition) [What Documenso Provides](https://docs.documenso.com/docs/compliance/signature-levels#what-documenso-provides) [SES Features](https://docs.documenso.com/docs/compliance/signature-levels#ses-features) [Additional Verification Options](https://docs.documenso.com/docs/compliance/signature-levels#additional-verification-options) [What Documenso Does Not Provide](https://docs.documenso.com/docs/compliance/signature-levels#what-documenso-does-not-provide) [ZertES (Swiss Federal Law)](https://docs.documenso.com/docs/compliance/signature-levels#zertes-swiss-federal-law) [When You Need Higher Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels#when-you-need-higher-signature-levels) [Disclaimer](https://docs.documenso.com/docs/compliance/signature-levels#disclaimer) [Related](https://docs.documenso.com/docs/compliance/signature-levels#related) --- # Document Lifecycle | Documenso Docs [Concepts](https://docs.documenso.com/docs/concepts) Document Lifecycle ================== Track document progress through draft, pending, completed, and rejected states. Copy MarkdownOpen [Document States](https://docs.documenso.com/docs/concepts/document-lifecycle#document-states) ----------------------------------------------------------------------------------------------- A document can be in one of four states: | State | Description | | --- | --- | | **Draft** | Document is being prepared and has not been sent | | **Pending** | Document has been sent and is awaiting recipient actions | | **Completed** | All recipients have completed their required actions | | **Rejected** | A recipient has rejected the document (when rejection is enabled) | [How a Document Moves Through States](https://docs.documenso.com/docs/concepts/document-lifecycle#how-a-document-moves-through-states) --------------------------------------------------------------------------------------------------------------------------------------- [Draft](https://docs.documenso.com/docs/concepts/document-lifecycle#draft) --------------------------------------------------------------------------- When you upload a document or create one from a template, it starts in the **Draft** state. In this state, you can: * Add and remove recipients * Assign roles to recipients (signer, approver, viewer, CC) * Add, move, and configure fields * Set signing order * Configure document settings (expiration, reminders, rejection) * Delete the document A draft document is only visible to you (the owner) and team members with appropriate permissions. Recipients cannot see or access the document until you send it. **Transition:** A draft becomes **Pending** when you send it to recipients. [Pending](https://docs.documenso.com/docs/concepts/document-lifecycle#pending) ------------------------------------------------------------------------------- Once sent, a document enters the **Pending** state. Recipients receive email notifications with links to view and complete their assigned actions. While pending, you can: * View recipient progress * Resend notifications to recipients * Void the document (cancels all pending actions) You cannot modify the document content, recipients, or fields while it is pending. **Transitions:** * Becomes **Completed** when all recipients finish their required actions * Becomes **Rejected** if any recipient rejects the document (requires rejection to be enabled) [Completed](https://docs.documenso.com/docs/concepts/document-lifecycle#completed) ----------------------------------------------------------------------------------- A document reaches the **Completed** state when all recipients have fulfilled their roles: * Signers have signed * Approvers have approved * Viewers have viewed (if view confirmation is required) At completion: * All parties receive a copy of the signed document * The document is sealed with a digital certificate * An audit log is attached showing all actions taken Completed documents cannot be modified. You can download the signed PDF or view the audit trail. [Rejected](https://docs.documenso.com/docs/concepts/document-lifecycle#rejected) --------------------------------------------------------------------------------- If you enable document rejection in settings, recipients can reject instead of signing. When any recipient rejects: * The document immediately moves to **Rejected** state * Other pending recipients can no longer act on the document * The document owner is notified Rejected documents cannot be modified or reactivated. To proceed, you need to create a new document. [Related Concepts](https://docs.documenso.com/docs/concepts/document-lifecycle#related-concepts) ------------------------------------------------------------------------------------------------- * [Recipient Roles](https://docs.documenso.com/docs/concepts/recipient-roles) - The different roles recipients can have * [Field Types](https://docs.documenso.com/docs/concepts/field-types) - Fields you can add to documents * [Signing Workflow](https://docs.documenso.com/docs/concepts/signing-workflow) - How the signing process works for recipients [Concepts\ \ Foundational concepts behind document signing, recipient roles, field types, and certificates.](https://docs.documenso.com/docs/concepts) [Recipient Roles\ \ Signers, approvers, viewers, assistants, and CC recipients.](https://docs.documenso.com/docs/concepts/recipient-roles) ### On this page [Document States](https://docs.documenso.com/docs/concepts/document-lifecycle#document-states) [How a Document Moves Through States](https://docs.documenso.com/docs/concepts/document-lifecycle#how-a-document-moves-through-states) [Draft](https://docs.documenso.com/docs/concepts/document-lifecycle#draft) [Pending](https://docs.documenso.com/docs/concepts/document-lifecycle#pending) [Completed](https://docs.documenso.com/docs/concepts/document-lifecycle#completed) [Rejected](https://docs.documenso.com/docs/concepts/document-lifecycle#rejected) [Related Concepts](https://docs.documenso.com/docs/concepts/document-lifecycle#related-concepts) --- # E-Sign Compliance | Documenso Docs [Compliance](https://docs.documenso.com/docs/compliance) E-Sign Compliance ================= Understand ESIGN, UETA, eIDAS, and other electronic signature laws that govern digital documents. Copy MarkdownOpen [ESIGN Act (United States)](https://docs.documenso.com/docs/compliance/esign#esign-act-united-states) ------------------------------------------------------------------------------------------------------ The Electronic Signatures in Global and National Commerce Act (ESIGN Act) is a U.S. federal law enacted in 2000. It ensures that electronic signatures and records have the same legal validity as paper documents and handwritten signatures in interstate and foreign commerce. ### [Key Requirements](https://docs.documenso.com/docs/compliance/esign#key-requirements) | Requirement | Description | | --- | --- | | **Intent to Sign** | Signers must demonstrate clear intent to sign the document | | **Consent** | All parties must agree to conduct the transaction electronically | | **Consumer Disclosure** | For consumer transactions, specific disclosures must be provided before obtaining consent | | **Record Retention** | Electronic records must be accurately preserved and accessible for later reference | | **Association** | The signature must be associated with the record being signed | ### [Exclusions](https://docs.documenso.com/docs/compliance/esign#exclusions) The ESIGN Act does not apply to certain document types, including: * Wills, codicils, and testamentary trusts * Family law documents (adoption, divorce) * Court orders and official court documents * Cancellation of utility services * Documents related to hazardous materials transportation * * * [UETA (United States)](https://docs.documenso.com/docs/compliance/esign#ueta-united-states) -------------------------------------------------------------------------------------------- The Uniform Electronic Transactions Act (UETA) is a model law adopted by 49 U.S. states (all except New York, which has its own Electronic Signatures and Records Act). UETA provides a legal framework for electronic signatures and records at the state level. ### [Relationship to ESIGN](https://docs.documenso.com/docs/compliance/esign#relationship-to-esign) UETA and the ESIGN Act have similar requirements and purposes. The federal ESIGN Act allows states to modify or supersede certain ESIGN provisions if they adopt UETA or an equivalent law. In practice, the requirements for electronic signatures under both laws align closely. ### [Key Requirements](https://docs.documenso.com/docs/compliance/esign#key-requirements-1) * Intent to sign demonstrated by the signer * Consent to conduct transactions electronically * Retention of records in their original electronic form * Attribution of the signature to the signer * * * [eIDAS (European Union)](https://docs.documenso.com/docs/compliance/esign#eidas-european-union) ------------------------------------------------------------------------------------------------ The Electronic Identification, Authentication and Trust Services (eIDAS) regulation governs electronic signatures across all EU member states. eIDAS establishes three levels of electronic signatures, each with different requirements and legal effects. ### [Signature Levels](https://docs.documenso.com/docs/compliance/esign#signature-levels) | Level | Description | Legal Effect | | --- | --- | --- | | **Simple (SES)** | Basic electronic signature with no specific technical requirements | Admissible as evidence; legal effect varies by use | | **Advanced (AES)** | Uniquely linked to signer, capable of identifying signer, under sole control | Higher evidentiary weight than SES | | **Qualified (QES)** | AES created by a qualified signature creation device, based on a qualified certificate | Equivalent to handwritten signature across the EU | ### [Simple Electronic Signatures (SES)](https://docs.documenso.com/docs/compliance/esign#simple-electronic-signatures-ses) SES is the baseline level. Any data in electronic form attached to or logically associated with other electronic data, used by the signatory to sign, qualifies as an SES. There are no specific technical requirements beyond demonstrating intent to sign. ### [Advanced Electronic Signatures (AES)](https://docs.documenso.com/docs/compliance/esign#advanced-electronic-signatures-aes) AES must meet additional criteria: * Uniquely linked to the signatory * Capable of identifying the signatory * Created using signature creation data under the signatory's sole control * Linked to the signed data in a way that detects subsequent changes ### [Qualified Electronic Signatures (QES)](https://docs.documenso.com/docs/compliance/esign#qualified-electronic-signatures-qes) QES requires: * A qualified certificate issued by a qualified trust service provider * Creation using a qualified electronic signature creation device * Identity verification compliant with eIDAS requirements QES carries the same legal standing as a handwritten signature in all EU member states. * * * [Other Jurisdictions](https://docs.documenso.com/docs/compliance/esign#other-jurisdictions) -------------------------------------------------------------------------------------------- Electronic signature laws exist in most countries. Below are selected examples: | Jurisdiction | Framework | Notes | | --- | --- | --- | | **United Kingdom** | UK eIDAS / Electronic Communications Act 2000 | Post-Brexit, UK maintains eIDAS-like framework | | **Canada** | PIPEDA, provincial laws | Federal and provincial laws govern e-signatures | | **Australia** | Electronic Transactions Act 1999 | Generally technology-neutral approach | | **Switzerland** | ZertES | Swiss federal law with qualified signature requirements | | **Brazil** | MP 2200-2, ICP-Brasil | PKI-based framework for digital signatures | | **India** | IT Act 2000, Aadhaar e-KYC | Recognizes electronic signatures; Aadhaar-based verification | | **China** | Electronic Signature Law | Requires reliable electronic signatures for certain uses | | **Japan** | Electronic Signatures Act | Three-tier system similar to eIDAS | Requirements vary significantly by jurisdiction. Some transactions may require specific signature types or have exclusions similar to the ESIGN Act. * * * [How Documenso Supports Compliance](https://docs.documenso.com/docs/compliance/esign#how-documenso-supports-compliance) ------------------------------------------------------------------------------------------------------------------------ Documenso provides features that support compliance with e-signature laws across jurisdictions: ### [Intent to Sign](https://docs.documenso.com/docs/compliance/esign#intent-to-sign) * Signers must actively interact with signature fields to apply their signature * The signing interface clearly indicates the document being signed * Signers receive a copy of the completed document ### [Consent](https://docs.documenso.com/docs/compliance/esign#consent) * Recipients receive clear notification that they are being asked to sign electronically * The signing process requires affirmative action from the signer ### [Record Retention](https://docs.documenso.com/docs/compliance/esign#record-retention) * Signed documents are stored and accessible to all parties * Original documents and audit trails are preserved * Documents can be downloaded in their signed form at any time ### [Document Integrity](https://docs.documenso.com/docs/compliance/esign#document-integrity) * All completed documents are cryptographically sealed * Any modification after signing invalidates the digital signature * PDF readers can verify the document has not been altered ### [Signer Identification](https://docs.documenso.com/docs/compliance/esign#signer-identification) * Email-based delivery establishes signer identity * Optional access codes add verification * Signing activity is logged with timestamps and metadata * * * [Audit Trails](https://docs.documenso.com/docs/compliance/esign#audit-trails) ------------------------------------------------------------------------------ Documenso maintains an audit trail for each document, recording: | Event | Recorded Data | | --- | --- | | Document creation | Timestamp, creator identity | | Recipient addition | Recipient details, assigned fields | | Document sent | Timestamp, delivery method | | Document viewed | Timestamp, viewer identity, IP address | | Field completed | Timestamp, field type, signer identity | | Document completed | Timestamp, final document hash | The audit trail provides evidence of the signing process, including who signed, when they signed, and the sequence of events. This information supports the legal enforceability of the signed document. * * * [What Documenso Does NOT Provide](https://docs.documenso.com/docs/compliance/esign#what-documenso-does-not-provide) -------------------------------------------------------------------------------------------------------------------- Documenso supports compliance with Simple Electronic Signature (SES) requirements. The following are not currently provided: | Capability | Status | | --- | --- | | **Qualified Electronic Signatures (QES)** | Not supported; requires integration with qualified trust service providers | | **Advanced Electronic Signatures (AES)** | Partial support; full AES requires identity verification services | | **Identity Verification (KYC)** | Not built-in; optional integrations may be available | | **Qualified Certificates** | Not issued; would require becoming a qualified trust service provider | | **Industry-Specific Compliance** | Features for specific regulations (e.g., healthcare, finance) depend on configuration | For transactions requiring AES or QES, consult with legal counsel about appropriate solutions. * * * [Disclaimer](https://docs.documenso.com/docs/compliance/esign#disclaimer) -------------------------------------------------------------------------- This page provides general information about electronic signature laws for educational purposes. It does not constitute legal advice. Electronic signature requirements vary by jurisdiction, transaction type, and specific circumstances. Some documents may have specific legal requirements that electronic signatures cannot satisfy. Consult qualified legal counsel in your jurisdiction to determine whether electronic signatures are appropriate for your specific use case and what requirements must be met. * * * [Related](https://docs.documenso.com/docs/compliance/esign#related) -------------------------------------------------------------------- * [Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels) - Simple, Advanced, and Qualified electronic signatures explained * [Standards & Regulations](https://docs.documenso.com/docs/compliance/standards) - SOC 2, 21 CFR Part 11, and other compliance frameworks * [Signing Certificates](https://docs.documenso.com/docs/concepts/signing-certificates) - How documents are digitally signed and verified [Compliance\ \ Legal and regulatory compliance information for electronic signatures.](https://docs.documenso.com/docs/compliance) [Standards & Regulations\ \ Key technical standards that ensure digital signatures are secure, interoperable, and valid long-term.](https://docs.documenso.com/docs/compliance/standards) ### On this page [ESIGN Act (United States)](https://docs.documenso.com/docs/compliance/esign#esign-act-united-states) [Key Requirements](https://docs.documenso.com/docs/compliance/esign#key-requirements) [Exclusions](https://docs.documenso.com/docs/compliance/esign#exclusions) [UETA (United States)](https://docs.documenso.com/docs/compliance/esign#ueta-united-states) [Relationship to ESIGN](https://docs.documenso.com/docs/compliance/esign#relationship-to-esign) [Key Requirements](https://docs.documenso.com/docs/compliance/esign#key-requirements-1) [eIDAS (European Union)](https://docs.documenso.com/docs/compliance/esign#eidas-european-union) [Signature Levels](https://docs.documenso.com/docs/compliance/esign#signature-levels) [Simple Electronic Signatures (SES)](https://docs.documenso.com/docs/compliance/esign#simple-electronic-signatures-ses) [Advanced Electronic Signatures (AES)](https://docs.documenso.com/docs/compliance/esign#advanced-electronic-signatures-aes) [Qualified Electronic Signatures (QES)](https://docs.documenso.com/docs/compliance/esign#qualified-electronic-signatures-qes) [Other Jurisdictions](https://docs.documenso.com/docs/compliance/esign#other-jurisdictions) [How Documenso Supports Compliance](https://docs.documenso.com/docs/compliance/esign#how-documenso-supports-compliance) [Intent to Sign](https://docs.documenso.com/docs/compliance/esign#intent-to-sign) [Consent](https://docs.documenso.com/docs/compliance/esign#consent) [Record Retention](https://docs.documenso.com/docs/compliance/esign#record-retention) [Document Integrity](https://docs.documenso.com/docs/compliance/esign#document-integrity) [Signer Identification](https://docs.documenso.com/docs/compliance/esign#signer-identification) [Audit Trails](https://docs.documenso.com/docs/compliance/esign#audit-trails) [What Documenso Does NOT Provide](https://docs.documenso.com/docs/compliance/esign#what-documenso-does-not-provide) [Disclaimer](https://docs.documenso.com/docs/compliance/esign#disclaimer) [Related](https://docs.documenso.com/docs/compliance/esign#related) --- # Standards & Regulations | Documenso Docs [Compliance](https://docs.documenso.com/docs/compliance) Standards & Regulations ======================= Key technical standards that ensure digital signatures are secure, interoperable, and valid long-term. Copy MarkdownOpen [PDF/A for Archival](https://docs.documenso.com/docs/compliance/standards#pdfa-for-archival) --------------------------------------------------------------------------------------------- PDF/A is an ISO-standardized version of PDF designed for long-term archival of electronic documents. Unlike standard PDFs, PDF/A files are self-contained and do not rely on external resources. Key characteristics: * All fonts must be embedded * No external content references allowed * No encryption that would prevent future access * Metadata must be embedded in XMP format * Color spaces must be device-independent or include ICC profiles PDF/A has several conformance levels (PDF/A-1, PDF/A-2, PDF/A-3) with increasing capabilities. PDF/A-3, for example, allows embedding of arbitrary file formats as attachments. For signed documents intended for long-term storage, PDF/A ensures the document remains readable and verifiable years or decades after signing. [PAdES (PDF Advanced Electronic Signatures)](https://docs.documenso.com/docs/compliance/standards#pades-pdf-advanced-electronic-signatures) -------------------------------------------------------------------------------------------------------------------------------------------- PAdES is a set of standards (ETSI EN 319 142) that defines profiles for electronic signatures in PDF documents. It builds on the PDF signature capabilities defined in ISO 32000 and adds requirements for long-term validity. PAdES defines several signature profiles: | Profile | Description | | --- | --- | | PAdES-B | Basic signature with signing certificate | | PAdES-T | Adds a trusted timestamp | | PAdES-LT | Adds validation data (certificates, revocation info) | | PAdES-LTA | Adds long-term archival timestamps | Each level builds upon the previous, with PAdES-LTA providing the strongest guarantees for long-term signature validity. The inclusion of validation data and archival timestamps allows signatures to be verified even after certificates expire or CAs cease operations. [ISO 32000 (PDF Standard)](https://docs.documenso.com/docs/compliance/standards#iso-32000-pdf-standard) -------------------------------------------------------------------------------------------------------- ISO 32000 is the international standard that defines the PDF format. It specifies the technical foundation for digital signatures in PDF documents. Relevant signature capabilities defined in ISO 32000: * Signature field dictionaries and appearance streams * Cryptographic signature handlers * Certificate and timestamp embedding * Incremental updates for signature preservation * Document modification detection ISO 32000-2 (PDF 2.0) introduced additional features including support for more signature algorithms and improved encryption options. [X.509 Certificates](https://docs.documenso.com/docs/compliance/standards#x509-certificates) --------------------------------------------------------------------------------------------- X.509 is the standard format for public key certificates used in digital signatures. These certificates bind a public key to an identity and are issued by Certificate Authorities (CAs). A typical X.509 certificate contains: * Subject (identity information) * Issuer (the CA that issued the certificate) * Public key * Validity period (not before / not after dates) * Serial number * Signature algorithm * Extensions (key usage, policies, etc.) For document signing, certificates typically include the "digital signature" key usage extension. Qualified certificates under eIDAS regulations have additional requirements and provide higher levels of assurance. Certificate validation involves checking: 1. The certificate chain up to a trusted root CA 2. That no certificate in the chain has expired 3. Revocation status via CRL or OCSP [RFC 3161 (Timestamping)](https://docs.documenso.com/docs/compliance/standards#rfc-3161-timestamping) ------------------------------------------------------------------------------------------------------ RFC 3161 defines the Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). Timestamps prove that a document existed in a specific state at a particular point in time. A timestamp token contains: * Hash of the signed data * Time of issuance (from a trusted time source) * Identifier of the Time Stamping Authority (TSA) * TSA's digital signature Timestamps serve two purposes in document signing: 1. **Proof of existence**: Demonstrates the document was signed before a certain time 2. **Signature validity extension**: Allows signature verification after the signing certificate expires Without a trusted timestamp, a signature can only be verified while the signing certificate remains valid. With a timestamp, the signature remains verifiable as long as the timestamp can be validated. [What Documenso Implements](https://docs.documenso.com/docs/compliance/standards#what-documenso-implements) ------------------------------------------------------------------------------------------------------------ Documenso implements digital signatures with the following characteristics: * **PDF signatures**: Documents are signed using the PDF signature capabilities defined in ISO 32000 * **X.509 certificates**: Signatures use X.509 certificates for signer identification * **Timestamps**: RFC 3161 timestamps can be applied to signatures * **Signature visualization**: Signed documents include visual signature representations For specific implementation details and configuration options, refer to the [signing certificates](https://docs.documenso.com/signing-certificates/overview) documentation. Self-hosted deployments can configure their own signing certificates and timestamp authorities to meet specific compliance requirements. [Related](https://docs.documenso.com/docs/compliance/standards#related) ------------------------------------------------------------------------ * [Legal Validity](https://docs.documenso.com/compliance/legal-validity) - Legal frameworks for electronic signatures * [Signing Certificates Overview](https://docs.documenso.com/signing-certificates/overview) - Certificate configuration * [Audit Log](https://docs.documenso.com/features/audit-log) - Document activity tracking [E-Sign Compliance\ \ Understand ESIGN, UETA, eIDAS, and other electronic signature laws that govern digital documents.](https://docs.documenso.com/docs/compliance/esign) [Signature Levels\ \ Understand the three eIDAS signature levels — SES, AES, and QES — their requirements, legal effect, and when to use each.](https://docs.documenso.com/docs/compliance/signature-levels) ### On this page [PDF/A for Archival](https://docs.documenso.com/docs/compliance/standards#pdfa-for-archival) [PAdES (PDF Advanced Electronic Signatures)](https://docs.documenso.com/docs/compliance/standards#pades-pdf-advanced-electronic-signatures) [ISO 32000 (PDF Standard)](https://docs.documenso.com/docs/compliance/standards#iso-32000-pdf-standard) [X.509 Certificates](https://docs.documenso.com/docs/compliance/standards#x509-certificates) [RFC 3161 (Timestamping)](https://docs.documenso.com/docs/compliance/standards#rfc-3161-timestamping) [What Documenso Implements](https://docs.documenso.com/docs/compliance/standards#what-documenso-implements) [Related](https://docs.documenso.com/docs/compliance/standards#related) --- # Concepts | Documenso Docs Concepts ======== Foundational concepts behind document signing, recipient roles, field types, and certificates. Copy MarkdownOpen [Core Concepts](https://docs.documenso.com/docs/concepts#core-concepts) ------------------------------------------------------------------------ [### Document Lifecycle\ \ How documents move from draft to pending to completed or rejected.](https://docs.documenso.com/docs/concepts/document-lifecycle) [### Recipient Roles\ \ Signers, approvers, viewers, assistants, and CC recipients.](https://docs.documenso.com/docs/concepts/recipient-roles) [### Field Types\ \ Signatures, text, dates, checkboxes, dropdowns, and more.](https://docs.documenso.com/docs/concepts/field-types) [### Signing Workflow\ \ The complete process from preparing a document to collecting signatures and sealing the final PDF.](https://docs.documenso.com/docs/concepts/signing-workflow) [### Signing Certificates\ \ How documents are digitally signed and verified.](https://docs.documenso.com/docs/concepts/signing-certificates) * * * [How These Concepts Apply](https://docs.documenso.com/docs/concepts#how-these-concepts-apply) ---------------------------------------------------------------------------------------------- These concepts work consistently across all ways you interact with Documenso: * **Web application**: When you create documents in the UI, you'll select recipient roles, add fields, and track documents through their lifecycle states. * **API integration**: The same concepts map directly to API endpoints. Documents have status fields, recipients have role properties, and fields have type configurations. * **Self-hosting**: The signing certificate concept becomes particularly relevant when you deploy your own instance and configure your own certificates for document signing. Understanding these fundamentals will make the rest of the documentation easier to follow. * * * [Related Sections](https://docs.documenso.com/docs/concepts#related-sections) ------------------------------------------------------------------------------ [### User Guide\ \ Apply these concepts when sending documents.](https://docs.documenso.com/docs/users) [### Developer Guide\ \ Work with these concepts through the API.](https://docs.documenso.com/docs/developers) [### Compliance\ \ How these concepts relate to legal standards.](https://docs.documenso.com/docs/compliance) [Troubleshooting\ \ Diagnose and resolve common issues with your self-hosted Documenso instance, organized by component.](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) [Document Lifecycle\ \ Track document progress through draft, pending, completed, and rejected states.](https://docs.documenso.com/docs/concepts/document-lifecycle) ### On this page [Core Concepts](https://docs.documenso.com/docs/concepts#core-concepts) [How These Concepts Apply](https://docs.documenso.com/docs/concepts#how-these-concepts-apply) [Related Sections](https://docs.documenso.com/docs/concepts#related-sections) --- # Recipient Roles | Documenso Docs [Concepts](https://docs.documenso.com/docs/concepts) Recipient Roles =============== Signers, approvers, viewers, assistants, and CC recipients. Copy MarkdownOpen [Role Overview](https://docs.documenso.com/docs/concepts/recipient-roles#role-overview) ---------------------------------------------------------------------------------------- | Role | Action Required | Can Sign | Description | | --- | --- | --- | --- | | Signer | Yes | Yes | Must sign the document | | Approver | Yes | Optional | Must approve the document | | Viewer | Yes | No | Must view the document | | Assistant | Yes | No | Can pre-fill fields for other recipients | | CC | No | No | Receives a copy after completion | [Role Details](https://docs.documenso.com/docs/concepts/recipient-roles#role-details) -------------------------------------------------------------------------------------- SignerApproverViewerAssistantCC Signers are the primary recipients of a document. They must complete all signature fields assigned to them before the document can be finalized. **What they can do:** * Sign signature fields assigned to them * Fill out any other fields assigned to them (text, date, checkbox, etc.) * Download the document after signing **What they cannot do:** * Sign on behalf of other recipients * Modify fields assigned to other recipients **When to use this role:** * Contracts requiring a legally binding signature * Agreements where the recipient must formally consent * Any document that requires a signature to be valid Approvers must review and approve the document, but signing is optional. The document cannot be completed until all approvers have given their approval. **What they can do:** * Approve or reject the document * Optionally add a signature if signature fields are assigned * Fill out fields assigned to them * Download the document after approval **What they cannot do:** * Complete the document without explicitly approving it * Modify fields assigned to other recipients **When to use this role:** * Documents requiring manager or supervisor approval * Workflows where review is required before final signatures * Compliance processes requiring sign-off from multiple parties Viewers must acknowledge that they have viewed the document. They cannot add signatures but must confirm they have reviewed the content. **What they can do:** * View the complete document * Confirm they have viewed it * Download the document after viewing **What they cannot do:** * Sign the document * Fill out fields (no fields can be assigned to viewers) * Modify the document in any way **When to use this role:** * Informational documents that require acknowledgment * Policies or disclosures that recipients must review * Documents where you need proof of receipt without a signature Assistants can prepare the document by pre-filling fields on behalf of other signers. This role is only available when sequential signing is enabled. **What they can do:** * Pre-fill suggested values in fields assigned to later signers * Help prepare the document for the actual signers * Fill out any fields specifically assigned to them **What they cannot do:** * Sign on behalf of other recipients * Submit the document as complete * Be used in parallel signing mode **When to use this role:** * Administrative staff preparing documents for executives to sign * Workflows where one person gathers information and another signs * Situations where you want to reduce the burden on the final signer The Assistant role requires sequential signing to be enabled. You cannot use this role when recipients sign in parallel. CC recipients receive a copy of the completed document but do not need to take any action. They are notified when the document is fully signed. **What they can do:** * Receive a copy of the completed document * Download the signed document **What they cannot do:** * Sign or approve the document * View the document before it is completed * Take any action that affects document completion **When to use this role:** * Keeping stakeholders informed about signed agreements * Sending copies to legal or compliance teams * Archiving completed documents with relevant parties [Signing Order](https://docs.documenso.com/docs/concepts/recipient-roles#signing-order) ---------------------------------------------------------------------------------------- You can control the sequence in which recipients receive and act on a document by enabling signing order. Parallel signing (default)Sequential signing All recipients receive the document simultaneously and can act in any order. The document is completed when all required recipients have finished their actions. Recipients receive the document one at a time, in the order you specify. Each recipient must complete their action before the next recipient is notified. To enable sequential signing: 1. When adding recipients, check the "Enable signing order" option 2. Assign an order number to each recipient 3. Recipients with the same order number can act simultaneously 4. The document proceeds to the next order number only when all recipients at the current level have completed their actions Sequential signing is required if you want to use the Assistant role. [Related](https://docs.documenso.com/docs/concepts/recipient-roles#related) ---------------------------------------------------------------------------- * [Add Recipients](https://docs.documenso.com/users/documents/add-recipients) - How to add recipients to a document * [Field Types](https://docs.documenso.com/concepts/field-types) - Learn about the different field types you can assign to recipients [Document Lifecycle\ \ Track document progress through draft, pending, completed, and rejected states.](https://docs.documenso.com/docs/concepts/document-lifecycle) [Field Types\ \ Placeholder types for capturing signatures, text, dates, and selections during signing.](https://docs.documenso.com/docs/concepts/field-types) ### On this page [Role Overview](https://docs.documenso.com/docs/concepts/recipient-roles#role-overview) [Role Details](https://docs.documenso.com/docs/concepts/recipient-roles#role-details) [Signing Order](https://docs.documenso.com/docs/concepts/recipient-roles#signing-order) [Related](https://docs.documenso.com/docs/concepts/recipient-roles#related) --- # GDPR | Documenso Docs [Compliance](https://docs.documenso.com/docs/compliance) GDPR ==== Understand how Documenso handles GDPR compliance for data processing and storage. Copy MarkdownOpen [Documenso's Role](https://docs.documenso.com/docs/compliance/gdpr#documensos-role) ------------------------------------------------------------------------------------ When using Documenso for document signing, two distinct data processing roles apply: | Role | Description | | --- | --- | | **Data Controller** | You (the organisation using Documenso) determine the purposes and means of processing | | **Data Processor** | Documenso processes personal data on your behalf according to your instructions | As the data controller, you are responsible for: * Obtaining appropriate consent or legal basis for processing * Informing data subjects about how their data is used * Responding to data subject access requests * Ensuring compliance with GDPR requirements As the data processor, Documenso: * Processes data only according to your instructions * Implements appropriate security measures * Assists with data subject requests when needed * Maintains records of processing activities [Data Processing](https://docs.documenso.com/docs/compliance/gdpr#data-processing) ----------------------------------------------------------------------------------- Documenso processes personal data necessary to provide document signing services: | Data Category | Examples | Purpose | | --- | --- | --- | | **Identity Data** | Name, email address | User accounts, recipient identification | | **Document Data** | Uploaded PDFs, field values | Document storage and signing | | **Signature Data** | Signature images, signing timestamps | Recording signing actions | | **Audit Data** | IP addresses, browser information, action logs | Audit trail and verification | Data is processed for the following purposes: * Delivering documents to recipients * Recording signatures and other recipient actions * Generating signed documents with audit trails * Sending email notifications [Data Storage Locations](https://docs.documenso.com/docs/compliance/gdpr#data-storage-locations) ------------------------------------------------------------------------------------------------- Where your data is stored depends on how you use Documenso: Documenso CloudSelf-Hosted For the hosted cloud service: * Application data is stored in data centres within the European Union * Document storage uses EU-based infrastructure * Backups are maintained in geographically separate EU locations Contact Documenso for specific information about sub-processors and data centre locations. When you self-host Documenso: * You control all data storage locations * No data is transmitted to Documenso's infrastructure * You choose your own database, file storage, and backup locations Self-hosting provides complete control over data residency, which may be required for certain compliance scenarios. [Data Subject Rights](https://docs.documenso.com/docs/compliance/gdpr#data-subject-rights) ------------------------------------------------------------------------------------------- GDPR grants individuals specific rights regarding their personal data. As the data controller, you are responsible for fulfilling these requests: | Right | Description | | --- | --- | | **Access** | Data subjects can request a copy of their personal data | | **Rectification** | Data subjects can request correction of inaccurate data | | **Erasure** | Data subjects can request deletion of their data ("right to be forgotten") | | **Portability** | Data subjects can request their data in a machine-readable format | | **Restriction** | Data subjects can request limited processing of their data | | **Objection** | Data subjects can object to certain types of processing | When you receive a data subject request, you can: * Export user and document data from your Documenso account * Delete user accounts and associated documents * Contact Documenso support for assistance with cloud-hosted data [Data Deletion](https://docs.documenso.com/docs/compliance/gdpr#data-deletion) ------------------------------------------------------------------------------- Documenso supports data deletion to help fulfill erasure requests: ### User Account Deletion ### Document Deletion ### Retention Considerations [Self-Hosting for GDPR Compliance](https://docs.documenso.com/docs/compliance/gdpr#self-hosting-for-gdpr-compliance) --------------------------------------------------------------------------------------------------------------------- Self-hosting Documenso can simplify GDPR compliance: * **Data residency** - Store all data in your chosen jurisdiction * **Sub-processor control** - No third-party data processors beyond your own infrastructure * **Direct access** - Full database access for data subject requests * **Retention control** - Implement custom data retention and deletion policies See the [Self-Hosting Guide](https://docs.documenso.com/docs/self-hosting) for deployment options. [Data Processing Agreement](https://docs.documenso.com/docs/compliance/gdpr#data-processing-agreement) ------------------------------------------------------------------------------------------------------- A Data Processing Agreement (DPA) is a contract required by GDPR when a data controller engages a data processor. Documenso CloudSelf-Hosted * A DPA is available upon request * Contact [support@documenso.com](mailto:support@documenso.com) to request a DPA * The DPA covers Documenso's obligations as a data processor No DPA with Documenso is required since no personal data is processed by Documenso. * * * [Disclaimer](https://docs.documenso.com/docs/compliance/gdpr#disclaimer) ------------------------------------------------------------------------- This documentation is provided for informational purposes only and does not constitute legal advice. GDPR compliance depends on your specific circumstances, including how you use Documenso, what data you process, and your organisation's obligations. Consult with qualified legal counsel to: * Determine your GDPR obligations * Draft appropriate privacy notices * Establish lawful bases for processing * Implement compliant data handling procedures * * * [Related](https://docs.documenso.com/docs/compliance/gdpr#related) ------------------------------------------------------------------- * [Standards & Regulations](https://docs.documenso.com/docs/compliance/standards) - eIDAS, ESIGN Act, and other compliance frameworks * [Self-Hosting Guide](https://docs.documenso.com/docs/self-hosting) - Deploy Documenso on your own infrastructure * [Security Settings](https://docs.documenso.com/docs/users/settings/security) - Configure authentication and security options [Signature Levels\ \ Understand the three eIDAS signature levels — SES, AES, and QES — their requirements, legal effect, and when to use each.](https://docs.documenso.com/docs/compliance/signature-levels) [Certifications & Regulatory Compliance\ \ Documenso's compliance status for industry certifications and regulatory frameworks.](https://docs.documenso.com/docs/compliance/certifications) ### On this page [Documenso's Role](https://docs.documenso.com/docs/compliance/gdpr#documensos-role) [Data Processing](https://docs.documenso.com/docs/compliance/gdpr#data-processing) [Data Storage Locations](https://docs.documenso.com/docs/compliance/gdpr#data-storage-locations) [Data Subject Rights](https://docs.documenso.com/docs/compliance/gdpr#data-subject-rights) [Data Deletion](https://docs.documenso.com/docs/compliance/gdpr#data-deletion) [Self-Hosting for GDPR Compliance](https://docs.documenso.com/docs/compliance/gdpr#self-hosting-for-gdpr-compliance) [Data Processing Agreement](https://docs.documenso.com/docs/compliance/gdpr#data-processing-agreement) [Disclaimer](https://docs.documenso.com/docs/compliance/gdpr#disclaimer) [Related](https://docs.documenso.com/docs/compliance/gdpr#related) --- # Signing Workflow | Documenso Docs [Concepts](https://docs.documenso.com/docs/concepts) Signing Workflow ================ The complete process from preparing a document to collecting signatures and sealing the final PDF. Copy MarkdownOpen [Workflow Overview](https://docs.documenso.com/docs/concepts/signing-workflow#workflow-overview) ------------------------------------------------------------------------------------------------- A typical signing workflow follows these steps: 1. **Prepare** - Upload the document, add recipients, and place fields 2. **Send** - Distribute the document to recipients 3. **Notify** - Recipients receive signing requests 4. **Sign** - Recipients complete their assigned fields 5. **Complete** - Document is sealed and distributed to all parties ### [Prepare the document](https://docs.documenso.com/docs/concepts/signing-workflow#prepare-the-document) Document preparation involves three main tasks: uploading, adding recipients, and placing fields. **Upload the document** Start by uploading a PDF. You can upload directly: * from your device * create from an existing template * or duplicate a previously sent document. Once uploaded, the document enters the **Draft** state. **Add recipients** Add the people who need to interact with the document. Each recipient needs: * an email address * a name * a role Available roles are: | Role | Purpose | | --- | --- | | Signer | Must sign the document | | Approver | Must approve (signature optional) | | Viewer | Must confirm they viewed the document | | Assistant | Pre-fills fields for other recipients | | CC | Receives a copy after completion (no action needed) | **Place fields** Add fields that recipients will complete. At minimum, each signer needs one signature field. You can also add: * name * email * date * text * number * dropdown * checkbox * radio * initials fields Each field is assigned to a specific recipient, indicated by color coding in the editor. The document cannot be sent until every signer has at least one signature field assigned to them. ### [Send the document](https://docs.documenso.com/docs/concepts/signing-workflow#send-the-document) When the document is ready, you send it to recipients. You have two distribution options: Email distributionManual distribution Recipients receive an email notification with a link to sign. You can customize the email: * subject line * message body with personalized variables * reply-to address for recipient responses Generate signing links without sending emails. Use this when you want to: * send links via SMS or messaging apps * embed links in your own application * control notification timing yourself After sending, the document moves from **Draft** to **Pending** status. ### [Recipients are notified](https://docs.documenso.com/docs/concepts/signing-workflow#recipients-are-notified) When you send a document via email, each recipient receives a notification containing: * the document title * your name and email (or team name) * your custom message (or a role-specific default) * a unique signing link The signing link is specific to each recipient and cannot be used by others. Links remain active until the document is completed, deleted, or expired. **Signing order** By default, all recipients are notified simultaneously (parallel signing). If you enable sequential signing, only recipients in the first signing position receive notifications initially. When they complete their actions, the next group is notified. This continues until all recipients have been notified and completed their actions. ### [Recipients sign](https://docs.documenso.com/docs/concepts/signing-workflow#recipients-sign) When a recipient clicks their signing link, they see the document with their assigned fields highlighted. The signing experience depends on their role: SignerApproverViewer Signers must complete all required fields before they can finish. For signature fields, they can: * draw a signature using mouse or touchscreen * type their name and select a font style * upload an image of their existing signature After completing all fields, the signer clicks a button to submit. They receive a confirmation and can download a copy of the document showing their completed fields. Approvers review the document and must explicitly approve it. If signature fields are assigned, they can optionally sign. The document cannot proceed until all approvers have given approval. Viewers see the full document and must confirm they have viewed it. They cannot add signatures or modify any content. **Authentication** You can require recipients to verify their identity before signing through: * email verification (confirm access to the email address) * access code (enter a code you provide separately) * passkey (authenticate with a hardware or software passkey) ### [Document is completed](https://docs.documenso.com/docs/concepts/signing-workflow#document-is-completed) Once all recipients with required actions have completed them, the document is finalized. | Aspect | Description | | --- | --- | | **Sealing** | The completed document is sealed with a digital certificate that cryptographically signs the PDF, prevents modification without detection, and provides proof of authenticity. | | **Audit trail** | An audit log is generated and can be attached to the document. It records when the document was created and sent, when each recipient viewed and signed, IP addresses and timestamps for each action, and any authentication methods used. | | **Distribution** | All parties receive the completed document: signers, approvers, and viewers receive their copy via email; CC recipients receive their first notification with the completed document; the document owner can download the signed PDF from their dashboard. | [Workflow Variations](https://docs.documenso.com/docs/concepts/signing-workflow#workflow-variations) ----------------------------------------------------------------------------------------------------- Documenso supports several workflow variations to handle different signing scenarios. Sequential signingApproval workflowsAssistants for pre-fillingDirect links When recipients must sign in a specific order, enable signing order: 1. Assign each recipient a signing position (1, 2, 3, etc.) 2. Recipients at position 1 sign first 3. Recipients at position 2 are notified only after position 1 completes 4. Multiple recipients can share the same position to sign in parallel within that step Use sequential signing when later signers: * need to see what earlier signers entered * approval must happen before final signatures * company policy requires a specific signing order Combine approver and signer roles to create approval workflows: 1. Add approvers at signing position 1 2. Add signers at signing position 2 3. Approvers review and approve first 4. Signers are notified only after approval is complete If an approver rejects the document (when rejection is enabled), the workflow stops and signers are never notified. Use assistants to have one person prepare the document for another: 1. Add an assistant at signing position 1 2. Add the final signer at signing position 2 3. The assistant pre-fills fields with suggested values 4. The signer reviews and completes their signature This is useful when administrative staff prepare documents for executives or when gathering information from one person while another signs. The Assistant role is only available when sequential signing is enabled. For high-volume signing scenarios, you can create direct links that allow anyone to sign without receiving an individual invitation: * Generate a public signing link for a document or template * Share the link on your website, in emails, or through other channels * Each person who accesses the link creates their own signing instance * Useful for waivers, consent forms, and public agreements [Related Concepts](https://docs.documenso.com/docs/concepts/signing-workflow#related-concepts) ----------------------------------------------------------------------------------------------- * [Document Lifecycle](https://docs.documenso.com/docs/concepts/document-lifecycle) - Understanding document states from draft to completion * [Recipient Roles](https://docs.documenso.com/docs/concepts/recipient-roles) - Detailed explanation of each role type * [Field Types](https://docs.documenso.com/docs/concepts/field-types) - All available field types and their configuration options * [Signing Certificates](https://docs.documenso.com/docs/concepts/signing-certificates) - How documents are digitally sealed [Field Types\ \ Placeholder types for capturing signatures, text, dates, and selections during signing.](https://docs.documenso.com/docs/concepts/field-types) [Signing Certificates\ \ Documenso digitally signs completed documents using X.509 certificates, providing cryptographic proof of authenticity and integrity.](https://docs.documenso.com/docs/concepts/signing-certificates) ### On this page [Workflow Overview](https://docs.documenso.com/docs/concepts/signing-workflow#workflow-overview) [Prepare the document](https://docs.documenso.com/docs/concepts/signing-workflow#prepare-the-document) [Send the document](https://docs.documenso.com/docs/concepts/signing-workflow#send-the-document) [Recipients are notified](https://docs.documenso.com/docs/concepts/signing-workflow#recipients-are-notified) [Recipients sign](https://docs.documenso.com/docs/concepts/signing-workflow#recipients-sign) [Document is completed](https://docs.documenso.com/docs/concepts/signing-workflow#document-is-completed) [Workflow Variations](https://docs.documenso.com/docs/concepts/signing-workflow#workflow-variations) [Related Concepts](https://docs.documenso.com/docs/concepts/signing-workflow#related-concepts) --- # Signing Certificates | Documenso Docs [Concepts](https://docs.documenso.com/docs/concepts) Signing Certificates ==================== Documenso digitally signs completed documents using X.509 certificates, providing cryptographic proof of authenticity and integrity. Copy MarkdownOpen [How Documenso Signs Documents](https://docs.documenso.com/docs/concepts/signing-certificates#how-documenso-signs-documents) ----------------------------------------------------------------------------------------------------------------------------- Documenso applies a digital signature to the PDF when all recipients complete their actions. ### [Create hash](https://docs.documenso.com/docs/concepts/signing-certificates#create-hash) Creates a cryptographic hash of the document content. ### [Sign the hash](https://docs.documenso.com/docs/concepts/signing-certificates#sign-the-hash) Signs the hash using the certificate's private key. ### [Embed signature](https://docs.documenso.com/docs/concepts/signing-certificates#embed-signature) Embeds the signature and certificate information into the PDF. The signature is applied at the platform level, not by individual signers. Each signer's actions (signature image, text, checkboxes) are recorded and sealed together in the final signed document. [What the Signature Proves](https://docs.documenso.com/docs/concepts/signing-certificates#what-the-signature-proves) --------------------------------------------------------------------------------------------------------------------- The digital signature provides two guarantees: | Guarantee | Description | | --- | --- | | **Integrity** | The document has not been altered since signing | | **Authenticity** | The document was signed by the certificate holder (the Documenso instance) | If anyone modifies the PDF after signing, the signature becomes invalid. PDF readers will display a warning that the document has been changed. [Timestamps](https://docs.documenso.com/docs/concepts/signing-certificates#timestamps) --------------------------------------------------------------------------------------- Documenso can include a trusted timestamp from a Time Stamping Authority (TSA) in the signature. This proves when the document was signed, independent of the signer's system clock. Timestamps are important for: * Legal evidence of when signing occurred * Long-term validation (LTV) of signatures * Compliance with archival requirements [Viewing the Signature in PDF Readers](https://docs.documenso.com/docs/concepts/signing-certificates#viewing-the-signature-in-pdf-readers) ------------------------------------------------------------------------------------------------------------------------------------------- You can verify a signed document's signature in any PDF reader that supports digital signatures. Adobe AcrobatOther PDF readers 1. Open the signed PDF 2. Click the signature panel on the left, or click on a signature field 3. View certificate details, signing time, and validation status Preview, Foxit, and other PDF readers also display signature information, though the interface varies. Look for a signatures or security panel in the application menu. The signature panel shows who signed (certificate subject), when it was signed, whether the document has been modified, and certificate trust status. [Certificate Trust and Validation](https://docs.documenso.com/docs/concepts/signing-certificates#certificate-trust-and-validation) ----------------------------------------------------------------------------------------------------------------------------------- PDF readers validate signatures against their list of trusted Certificate Authorities (CAs). You may see different validation results depending on the certificate type: | Certificate Type | Validation Result | | --- | --- | | **CA-issued** | Green checkmark in Adobe if the CA is on the Adobe Approved Trust List | | **Self-signed** | Warning that the certificate is not from a trusted source | A self-signed certificate still provides integrity verification. The document cannot be modified without invalidating the signature. The warning only indicates that a third-party CA has not verified the certificate issuer's identity. For most use cases, self-signed certificates are sufficient. The signature still proves the document came from your Documenso instance and has not been tampered with. [Using Custom Certificates](https://docs.documenso.com/docs/concepts/signing-certificates#using-custom-certificates) --------------------------------------------------------------------------------------------------------------------- If you self-host Documenso, you can use your own signing certificate. Self-signedCA-issued Free and suitable for most use cases. The signature still proves document integrity and authenticity. You may see a warning in PDF readers that the certificate is not from a trusted source, but the document cannot be modified without invalidating the signature. Provides trusted validation in PDF readers (e.g. green checkmark in Adobe) when the CA is on the Adobe Approved Trust List. Required for some compliance scenarios where third-party verification of the certificate issuer is needed. See [Signing Certificate Configuration](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) for setup instructions. [Related](https://docs.documenso.com/docs/concepts/signing-certificates#related) --------------------------------------------------------------------------------- * [Signature Levels](https://docs.documenso.com/docs/compliance/signature-levels) - Simple, Advanced, and Qualified electronic signatures * [Standards and Regulations](https://docs.documenso.com/docs/compliance/standards) - ESIGN, eIDAS, and other compliance frameworks * [Signing Certificate Configuration](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) - Self-hosting certificate setup [Signing Workflow\ \ The complete process from preparing a document to collecting signatures and sealing the final PDF.](https://docs.documenso.com/docs/concepts/signing-workflow) [Compliance\ \ Legal and regulatory compliance information for electronic signatures.](https://docs.documenso.com/docs/compliance) ### On this page [How Documenso Signs Documents](https://docs.documenso.com/docs/concepts/signing-certificates#how-documenso-signs-documents) [Create hash](https://docs.documenso.com/docs/concepts/signing-certificates#create-hash) [Sign the hash](https://docs.documenso.com/docs/concepts/signing-certificates#sign-the-hash) [Embed signature](https://docs.documenso.com/docs/concepts/signing-certificates#embed-signature) [What the Signature Proves](https://docs.documenso.com/docs/concepts/signing-certificates#what-the-signature-proves) [Timestamps](https://docs.documenso.com/docs/concepts/signing-certificates#timestamps) [Viewing the Signature in PDF Readers](https://docs.documenso.com/docs/concepts/signing-certificates#viewing-the-signature-in-pdf-readers) [Certificate Trust and Validation](https://docs.documenso.com/docs/concepts/signing-certificates#certificate-trust-and-validation) [Using Custom Certificates](https://docs.documenso.com/docs/concepts/signing-certificates#using-custom-certificates) [Related](https://docs.documenso.com/docs/concepts/signing-certificates#related) --- # Developer Guide | Documenso Docs Developer Guide =============== Integrate Documenso into your applications using the REST API, webhooks, and embedding options. Copy MarkdownOpen [Getting Started](https://docs.documenso.com/docs/developers#getting-started) ------------------------------------------------------------------------------ [### Authentication\ \ Get your API key and authenticate requests.](https://docs.documenso.com/docs/developers/getting-started/authentication) [### First API Call\ \ Create and send your first document via the API.](https://docs.documenso.com/docs/developers/getting-started/first-api-call) * * * [Integration Options](https://docs.documenso.com/docs/developers#integration-options) -------------------------------------------------------------------------------------- [### API Reference\ \ Documents, recipients, fields, templates, and teams.](https://docs.documenso.com/docs/developers/api) [### Webhooks\ \ Receive notifications when documents are signed or updated.](https://docs.documenso.com/docs/developers/webhooks) [### Embedding\ \ Embed signing experiences using direct links or React.](https://docs.documenso.com/docs/developers/embedding) [### Examples\ \ Common integration patterns and workflows.](https://docs.documenso.com/docs/developers/examples) * * * [API Base URL](https://docs.documenso.com/docs/developers#api-base-url) ------------------------------------------------------------------------ https://app.documenso.com/api/v2 For self-hosted instances, replace with your instance URL: https://your-instance.com/api/v2 * * * [SDKs](https://docs.documenso.com/docs/developers#sdks) -------------------------------------------------------- Official SDKs are available for multiple languages: * [TypeScript SDK](https://github.com/documenso/sdk-typescript) * [Python SDK](https://github.com/documenso/sdk-python) * [Go SDK](https://github.com/documenso/sdk-go) * * * [Looking for Something Else?](https://docs.documenso.com/docs/developers#looking-for-something-else) ----------------------------------------------------------------------------------------------------- [### User Guide\ \ Send documents using the web application.](https://docs.documenso.com/docs/users) [### Self-Hosting\ \ Deploy your own Documenso instance.](https://docs.documenso.com/docs/self-hosting) ### On this page [Getting Started](https://docs.documenso.com/docs/developers#getting-started) [Integration Options](https://docs.documenso.com/docs/developers#integration-options) [API Base URL](https://docs.documenso.com/docs/developers#api-base-url) [SDKs](https://docs.documenso.com/docs/developers#sdks) [Looking for Something Else?](https://docs.documenso.com/docs/developers#looking-for-something-else) --- # Community Edition | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Community Edition ================= The open-source version of Documenso, available under the AGPL-3.0 license. Includes core document signing functionality and can be self-hosted. Copy MarkdownOpen [AGPL-3.0 License Overview](https://docs.documenso.com/docs/policies/community-edition#agpl-30-license-overview) ----------------------------------------------------------------------------------------------------------------- The GNU Affero General Public License version 3 (AGPL-3.0) is a copyleft license designed to ensure software freedom. It is similar to GPL-3.0 but includes an additional "network clause" that addresses software-as-a-service use cases. Key characteristics: * **Copyleft**: Derivative works must use the same license * **Network clause**: Network access triggers the same obligations as distribution * **Source availability**: Users must be able to access the source code The full license text is available in the [LICENSE file](https://github.com/documenso/documenso/blob/main/LICENSE) in the repository. [What You Can Do](https://docs.documenso.com/docs/policies/community-edition#what-you-can-do) ---------------------------------------------------------------------------------------------- Under the AGPL-3.0 license, you are permitted to: | Action | Description | | --- | --- | | **Use** | Run Documenso for any purpose, including commercial use | | **Study** | Access and examine the complete source code | | **Modify** | Make changes and customizations to the software | | **Distribute** | Share copies of the original or modified software | | **Self-host** | Deploy on your own servers, cloud infrastructure, or locally | | **Offer services** | Provide document signing services to users (with obligations) | [What You Must Do](https://docs.documenso.com/docs/policies/community-edition#what-you-must-do) ------------------------------------------------------------------------------------------------ When using or distributing the Community Edition, you must comply with these requirements: ### Source Code Disclosure ### Attribution ### License Continuity ### Enterprise Edition Boundary [Features Included](https://docs.documenso.com/docs/policies/community-edition#features-included) -------------------------------------------------------------------------------------------------- The Community Edition includes the core Documenso functionality: ### Document Management ### Field Types ### Signing Experience ### Templates ### API Access ### Self-Hosting [Support Options](https://docs.documenso.com/docs/policies/community-edition#support-options) ---------------------------------------------------------------------------------------------- Community Edition users have access to community-based support: ### Discord ### GitHub ### Documentation Community support is provided on a best-effort basis by volunteers and Documenso team members. For guaranteed response times and dedicated support, consider the Enterprise Edition. [Contributing Back](https://docs.documenso.com/docs/policies/community-edition#contributing-back) -------------------------------------------------------------------------------------------------- Contributions to Documenso are welcome and appreciated. You can contribute in several ways: ### Code Contributions ### Other Contributions ### Contributor Guidelines [When to Consider Enterprise Edition](https://docs.documenso.com/docs/policies/community-edition#when-to-consider-enterprise-edition) -------------------------------------------------------------------------------------------------------------------------------------- The Community Edition is appropriate for many use cases. However, you may need the Enterprise Edition if you: * Cannot comply with AGPL-3.0 source disclosure requirements * Need to keep modifications proprietary * Require dedicated support with guaranteed response times * Need enterprise-specific features (SSO, advanced audit logs, etc.) * Have corporate policies that prohibit AGPL-licensed software See [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) for details on commercial licensing. [Related](https://docs.documenso.com/docs/policies/community-edition#related) ------------------------------------------------------------------------------ * [Licenses](https://docs.documenso.com/docs/policies/licenses) - Overview of both licensing options * [Licenses](https://docs.documenso.com/docs/policies/licenses) - Detailed AGPL-3.0 explanation * [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) - Commercial license details * [Self-Hosting Guide](https://docs.documenso.com/docs/self-hosting) - Deploy your own instance * [Support](https://docs.documenso.com/docs/policies/support) - All support options * [Full AGPL-3.0 License Text](https://www.gnu.org/licenses/agpl-3.0.html) - Complete license terms * [GitHub Repository](https://github.com/documenso/documenso) - Source code and LICENSE file [Licenses\ \ Documenso uses a dual licensing model with an open-source AGPL-3.0 license (Community Edition) and a commercial license (Enterprise Edition).](https://docs.documenso.com/docs/policies/licenses) [Enterprise Edition\ \ Commercial license that removes AGPL-3.0 source code disclosure requirements, allowing organisations to integrate Documenso into proprietary products.](https://docs.documenso.com/docs/policies/enterprise-edition) ### On this page [AGPL-3.0 License Overview](https://docs.documenso.com/docs/policies/community-edition#agpl-30-license-overview) [What You Can Do](https://docs.documenso.com/docs/policies/community-edition#what-you-can-do) [What You Must Do](https://docs.documenso.com/docs/policies/community-edition#what-you-must-do) [Features Included](https://docs.documenso.com/docs/policies/community-edition#features-included) [Support Options](https://docs.documenso.com/docs/policies/community-edition#support-options) [Contributing Back](https://docs.documenso.com/docs/policies/community-edition#contributing-back) [When to Consider Enterprise Edition](https://docs.documenso.com/docs/policies/community-edition#when-to-consider-enterprise-edition) [Related](https://docs.documenso.com/docs/policies/community-edition#related) --- # Fair Use Policy | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Fair Use Policy =============== Fair use guidelines for Documenso Cloud to keep things sustainable for everyone. Copy MarkdownOpen We like to overdeliver, but we cannot overcommit. Our plans are designed to be generous and flexible without forcing customers into rigid volume limits they may never use. Estimating usage at scale is hard, especially over short periods. This fair use policy exists to keep plans sustainable while allowing us to add more value wherever possible without overformalising restrictions. We offer our plans without limits on signing or API volume because we want users and customers to make the most of their accounts. If you are on one of these plans, we ask you to abide by this fair use policy. [Spirit of the Plan](https://docs.documenso.com/docs/policies/fair-use#spirit-of-the-plan) ------------------------------------------------------------------------------------------- Use the limitless plans as much as you like. They are meant to offer a lot. Please respect the spirit and intended scope of the account. **What happens if I go beyond the scope of this policy?** We will ask you to upgrade to a fitting plan or custom pricing. We will not block your account without reaching out. You can message us with any questions. ### [Do](https://docs.documenso.com/docs/policies/fair-use#do) * Sign as many documents as you need with the individual plan for your single business or organisation * Use the API and automation tools to automate your signing workflows * Experiment with plans and integrations while testing what you want to build ### [Don't](https://docs.documenso.com/docs/policies/fair-use#dont) * Use an individual account API to power a platform or product * Run a large company signing thousands of documents per day on a small team plan * Expect enterprise-level support on a fair support plan * Overthink this policy — if you are a paying customer, we want you to win [Rate Limits](https://docs.documenso.com/docs/policies/fair-use#rate-limits) ----------------------------------------------------------------------------- API and application requests are rate-limited to protect service availability. Limits apply per user or API token. When a limit is reached, requests return a `429 Too Many Requests` response with a `Retry-After` header indicating when to retry. | Action | Limit | Window | | --- | --- | --- | | API requests (v1 and v2) | 100 requests | 1 minute | | File uploads | 20 requests | 1 minute | | AI features | 3 requests | 1 minute | Authentication endpoints (login, signup, password reset, etc.) are also rate-limited to protect against abuse. Rate limits may vary by plan. Enterprise plans can include higher or custom limits. Contact [sales](https://documen.so/sales) for details. Self-hosted deployments can configure their own rate limits. You control all limits based on your infrastructure capacity. See [Self-Hosting](https://docs.documenso.com/docs/self-hosting) for deployment options. [Fair Support](https://docs.documenso.com/docs/policies/fair-use#fair-support) ------------------------------------------------------------------------------- Fair support includes reasonable application-level help for self-hosted users. We will help you get unstuck and point you in the right direction when issues come up. Support is provided in good faith and within reasonable time and effort limits. We are not your operations team and cannot take responsibility for running, monitoring, or maintaining your infrastructure. If you are unsure whether something falls within fair use or fair support, reach out. We are happy to talk it through. [Related](https://docs.documenso.com/docs/policies/fair-use#related) --------------------------------------------------------------------- * [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) - Commercial licensing and custom limits * [Self-Hosting](https://docs.documenso.com/docs/self-hosting) - Deploy without cloud-imposed limits [Enterprise Edition\ \ Commercial license that removes AGPL-3.0 source code disclosure requirements, allowing organisations to integrate Documenso into proprietary products.](https://docs.documenso.com/docs/policies/enterprise-edition) [Privacy Policy\ \ How Documenso collects, uses, and protects your data.](https://docs.documenso.com/docs/policies/privacy) ### On this page [Spirit of the Plan](https://docs.documenso.com/docs/policies/fair-use#spirit-of-the-plan) [Do](https://docs.documenso.com/docs/policies/fair-use#do) [Don't](https://docs.documenso.com/docs/policies/fair-use#dont) [Rate Limits](https://docs.documenso.com/docs/policies/fair-use#rate-limits) [Fair Support](https://docs.documenso.com/docs/policies/fair-use#fair-support) [Related](https://docs.documenso.com/docs/policies/fair-use#related) --- # Policies | Documenso Docs Policies ======== License, privacy, terms, and support information Copy MarkdownOpen [### License\ \ AGPL-3.0 license terms and what they mean for you.](https://docs.documenso.com/docs/policies/licenses) [### Privacy Policy\ \ How Documenso collects, uses, and protects your data.](https://docs.documenso.com/docs/policies/privacy) [### Terms of Service\ \ Terms governing your use of Documenso.](https://docs.documenso.com/docs/policies/terms) [### Security\ \ Security practices and vulnerability disclosure.](https://docs.documenso.com/docs/policies/security) [### Support\ \ Getting help and available support options.](https://docs.documenso.com/docs/policies/support) [Full Legal Documents](https://docs.documenso.com/docs/policies#full-legal-documents) -------------------------------------------------------------------------------------- The complete legal documents are available on the main Documenso website: * [Privacy Policy](https://documenso.com/privacy) * [Terms of Service](https://documenso.com/terms) The pages in this documentation provide summaries and practical guidance. For binding legal terms, refer to the full documents linked above. * * * [Related](https://docs.documenso.com/docs/policies#related) ------------------------------------------------------------ * [Compliance](https://docs.documenso.com/docs/compliance) - Electronic signature standards and regulations [Certifications & Regulatory Compliance\ \ Documenso's compliance status for industry certifications and regulatory frameworks.](https://docs.documenso.com/docs/compliance/certifications) [Licenses\ \ Documenso uses a dual licensing model with an open-source AGPL-3.0 license (Community Edition) and a commercial license (Enterprise Edition).](https://docs.documenso.com/docs/policies/licenses) ### On this page [Full Legal Documents](https://docs.documenso.com/docs/policies#full-legal-documents) [Related](https://docs.documenso.com/docs/policies#related) --- # Enterprise Edition | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Enterprise Edition ================== Commercial license that removes AGPL-3.0 source code disclosure requirements, allowing organisations to integrate Documenso into proprietary products. Copy MarkdownOpen [When You Need Enterprise](https://docs.documenso.com/docs/policies/enterprise-edition#when-you-need-enterprise) ----------------------------------------------------------------------------------------------------------------- The Enterprise Edition is required when you: * **Build proprietary products**: Integrate Documenso into commercial software without releasing source code * **Offer SaaS with modifications**: Provide document signing as part of your platform with custom modifications you want to keep private * **Cannot comply with AGPL-3.0**: Corporate policies or legal requirements prohibit use of AGPL-licensed software * **Need to keep modifications private**: Any changes to Documenso source code that you don't want to disclose If you run Documenso without modifications, or your modifications are open source under AGPL-3.0, the Community Edition is sufficient. ### [Common Use Cases](https://docs.documenso.com/docs/policies/enterprise-edition#common-use-cases) | Scenario | License Needed | | --- | --- | | Internal use without modifications | Community Edition | | Internal use with private modifications | Enterprise Edition | | SaaS product using Documenso API only | Community Edition | | SaaS product with modified Documenso code | Enterprise Edition | | White-label product with proprietary changes | Enterprise Edition | | Open-source project under AGPL-3.0 | Community Edition | [Features and Benefits](https://docs.documenso.com/docs/policies/enterprise-edition#features-and-benefits) ----------------------------------------------------------------------------------------------------------- ### License Rights ### Enterprise-Only Features ### License Setup [Licensing Terms](https://docs.documenso.com/docs/policies/enterprise-edition#licensing-terms) ----------------------------------------------------------------------------------------------- ### Grant of License ### What the License Covers ### What the License Does Not Cover [Pricing Model](https://docs.documenso.com/docs/policies/enterprise-edition#pricing-model) ------------------------------------------------------------------------------------------- Enterprise pricing is based on: | Factor | Description | | --- | --- | | **Deployment type** | Self-hosted or Documenso Cloud | | **User count** | Number of users sending documents | | **Volume** | Monthly document signing volume | | **Support level** | Standard or premium support options | | **Contract term** | Annual or multi-year agreements | ### [Pricing Tiers](https://docs.documenso.com/docs/policies/enterprise-edition#pricing-tiers) Contact [sales](https://documen.so/enterprise) for current pricing. Enterprise agreements typically include: * Annual subscription billing * Volume discounts for larger deployments * Multi-year discount options * Custom terms for specific requirements Pricing and terms are subject to change. Contact sales for current rates and availability. [Support Included](https://docs.documenso.com/docs/policies/enterprise-edition#support-included) ------------------------------------------------------------------------------------------------- Enterprise licenses include dedicated support beyond community channels. Standard Enterprise SupportPremium Support Options * Email support with priority response * Target response time within 4-8 business hours * Deployment and configuration assistance * Access to technical account resources Available as add-ons or with higher-tier plans: * Dedicated support contact * Scheduled calls for complex issues * Implementation guidance * Custom SLA agreements * On-call support for critical issues See [Support](https://docs.documenso.com/docs/policies/support) for complete support options. [How to Get Started](https://docs.documenso.com/docs/policies/enterprise-edition#how-to-get-started) ----------------------------------------------------------------------------------------------------- ### [Evaluate your requirements](https://docs.documenso.com/docs/policies/enterprise-edition#evaluate-your-requirements) Determine if you need the Enterprise Edition: * Review the [license comparison](https://docs.documenso.com/docs/policies/licenses) to understand AGPL-3.0 vs commercial license * Identify your use case from the scenarios above * List any enterprise features you require ### [Contact sales](https://docs.documenso.com/docs/policies/enterprise-edition#contact-sales) Reach out to discuss your needs: * Email: [sales@documenso.com](https://documen.so/enterprise) * Include: Organisation name, use case, estimated user count, deployment preference (self-hosted or cloud) ### [Evaluation](https://docs.documenso.com/docs/policies/enterprise-edition#evaluation) Options for evaluating Documenso before purchase: * Test with the Community Edition (same codebase, AGPL-3.0 license) * Request an evaluation license for Enterprise features * Schedule a demo with the sales team ### [Agreement and deployment](https://docs.documenso.com/docs/policies/enterprise-edition#agreement-and-deployment) Once terms are agreed: 1. Sign the Enterprise license agreement 2. Receive license key and access credentials 3. Deploy using [self-hosting guides](https://docs.documenso.com/docs/self-hosting) or access Documenso Cloud 4. Configure Enterprise features with support assistance ### [Ongoing](https://docs.documenso.com/docs/policies/enterprise-edition#ongoing) * Renew subscription annually (or per agreement terms) * Access support channels for assistance * Receive updates and new features per your agreement [Frequently Asked Questions](https://docs.documenso.com/docs/policies/enterprise-edition#frequently-asked-questions) --------------------------------------------------------------------------------------------------------------------- ### Can I switch from Community to Enterprise? ### Does the Enterprise license include Documenso Cloud? ### What happens if I don't renew? ### Can I use Enterprise features with the Community Edition? ### Is there a trial period? [Related](https://docs.documenso.com/docs/policies/enterprise-edition#related) ------------------------------------------------------------------------------- * [Community Edition](https://docs.documenso.com/docs/policies/community-edition) - AGPL-3.0 open-source license * [Licenses](https://docs.documenso.com/docs/policies/licenses) - Complete licensing overview and FAQ * [Support](https://docs.documenso.com/docs/policies/support) - Support channels and response times * [Self-Hosting](https://docs.documenso.com/docs/self-hosting) - Deployment guides for self-hosted installations [Community Edition\ \ The open-source version of Documenso, available under the AGPL-3.0 license. Includes core document signing functionality and can be self-hosted.](https://docs.documenso.com/docs/policies/community-edition) [Fair Use Policy\ \ Fair use guidelines for Documenso Cloud to keep things sustainable for everyone.](https://docs.documenso.com/docs/policies/fair-use) ### On this page [When You Need Enterprise](https://docs.documenso.com/docs/policies/enterprise-edition#when-you-need-enterprise) [Common Use Cases](https://docs.documenso.com/docs/policies/enterprise-edition#common-use-cases) [Features and Benefits](https://docs.documenso.com/docs/policies/enterprise-edition#features-and-benefits) [Licensing Terms](https://docs.documenso.com/docs/policies/enterprise-edition#licensing-terms) [Pricing Model](https://docs.documenso.com/docs/policies/enterprise-edition#pricing-model) [Pricing Tiers](https://docs.documenso.com/docs/policies/enterprise-edition#pricing-tiers) [Support Included](https://docs.documenso.com/docs/policies/enterprise-edition#support-included) [How to Get Started](https://docs.documenso.com/docs/policies/enterprise-edition#how-to-get-started) [Evaluate your requirements](https://docs.documenso.com/docs/policies/enterprise-edition#evaluate-your-requirements) [Contact sales](https://docs.documenso.com/docs/policies/enterprise-edition#contact-sales) [Evaluation](https://docs.documenso.com/docs/policies/enterprise-edition#evaluation) [Agreement and deployment](https://docs.documenso.com/docs/policies/enterprise-edition#agreement-and-deployment) [Ongoing](https://docs.documenso.com/docs/policies/enterprise-edition#ongoing) [Frequently Asked Questions](https://docs.documenso.com/docs/policies/enterprise-edition#frequently-asked-questions) [Related](https://docs.documenso.com/docs/policies/enterprise-edition#related) --- # Local Development | Documenso Docs Local Development ================= Learn how to set up Documenso for local development. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/local-development#overview) ---------------------------------------------------------------------------------- There are multiple ways of setting up Documenso for local development. At the moment of writing this documentation, there are 3 ways of running Documenso locally: * [Using the developer quickstart with Docker](https://docs.documenso.com/docs/developers/local-development/quickstart) * [Manually setting up the development environment](https://docs.documenso.com/docs/developers/local-development/manual) * [Using Gitpod](https://docs.documenso.com/docs/developers/local-development/gitpod) Pick the one that fits your needs the best. [Tech Stack](https://docs.documenso.com/docs/developers/local-development#tech-stack) -------------------------------------------------------------------------------------- * [Typescript](https://www.typescriptlang.org/) - Language * [React Router](https://reactrouter.com/) - Framework * [Prisma](https://www.prisma.io/) - ORM * [Tailwind](https://tailwindcss.com/) - CSS * [shadcn/ui](https://ui.shadcn.com/) - Component Library * [react-email](https://react.email/) - Email Templates * [tRPC](https://trpc.io/) - API * [@documenso/pdf-sign](https://www.npmjs.com/package/@documenso/pdf-sign) - PDF Signatures * [React-PDF](https://github.com/wojtekmaj/react-pdf) - Viewing PDFs * [PDF-Lib](https://github.com/Hopding/pdf-lib) - PDF manipulation * [Stripe](https://stripe.com/) - Payments [![Join Documenso on Discord](https://img.shields.io/badge/Discord-documen.so/discord-%235865F2)](https://documen.so/discord) [![Github Stars](https://img.shields.io/github/stars/documenso/documenso)](https://github.com/documenso/documenso/stargazers) [![License](https://img.shields.io/badge/license-AGPLv3-purple)](https://github.com/documenso/documenso/blob/main/LICENSE) [![Commits-per-month](https://img.shields.io/github/commit-activity/m/documenso/documenso)](https://github.com/documenso/documenso/pulse) [![open in devcontainer](https://img.shields.io/static/v1?label=Dev%20Containers&message=Enabled&color=blue&logo=visualstudiocode)](https://vscode.dev/redirect?url=vscode://ms-vscode-remote.remote-containers/cloneInVolume?url=https://github.com/documenso/documenso) [![Contributor Covenant](https://img.shields.io/badge/Contributor%20Covenant-2.1-4baaaa.svg)](https://github.com/documenso/documenso/blob/main/CODE_OF_CONDUCT.md) [See Also](https://docs.documenso.com/docs/developers/local-development#see-also) ---------------------------------------------------------------------------------- * [Contributing](https://docs.documenso.com/docs/developers/contributing) - Learn how to contribute to Documenso * [Self-Hosting](https://docs.documenso.com/docs/self-hosting) - Deploy your own instance [Common Workflows\ \ Complete code examples for common document signing workflows, with error handling that can be adapted for your specific use case.](https://docs.documenso.com/docs/developers/examples/common-workflows) [Developer Quickstart\ \ Quickly set up Documenso on your machine for local development with Docker and Docker Compose.](https://docs.documenso.com/docs/developers/local-development/quickstart) ### On this page [Overview](https://docs.documenso.com/docs/developers/local-development#overview) [Tech Stack](https://docs.documenso.com/docs/developers/local-development#tech-stack) [See Also](https://docs.documenso.com/docs/developers/local-development#see-also) --- # Privacy Policy | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Privacy Policy ============== How Documenso collects, uses, and protects your data. Copy MarkdownOpen Our full Privacy Policy is available at [documenso.com/privacy](https://documenso.com/privacy) . [Fair Use Policy\ \ Fair use guidelines for Documenso Cloud to keep things sustainable for everyone.](https://docs.documenso.com/docs/policies/fair-use) [Terms of Service\ \ The terms that govern your use of Documenso.](https://docs.documenso.com/docs/policies/terms) --- # Licenses | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Licenses ======== Documenso uses a dual licensing model with an open-source AGPL-3.0 license (Community Edition) and a commercial license (Enterprise Edition). Copy MarkdownOpen [Dual Licensing Overview](https://docs.documenso.com/docs/policies/licenses#dual-licensing-overview) ----------------------------------------------------------------------------------------------------- | Aspect | Community Edition | Enterprise Edition | | --- | --- | --- | | **License** | AGPL-3.0 | Commercial | | **Cost** | Free | Paid | | **Source code disclosure** | Required for network use | Not required | | **Proprietary modifications** | Not permitted | Permitted | | **Support** | Community | Dedicated | | **Use case** | Open-source projects, internal tools with AGPL compliance | Commercial products, SaaS offerings, proprietary integrations | Community EditionEnterprise Edition [Community Edition (AGPL-3.0)](https://docs.documenso.com/docs/policies/licenses#community-edition-agpl-30) ------------------------------------------------------------------------------------------------------------ The Community Edition is licensed under the GNU Affero General Public License version 3 (AGPL-3.0). This is a copyleft license that preserves software freedom. ### [What AGPL-3.0 Allows](https://docs.documenso.com/docs/policies/licenses#what-agpl-30-allows) * Use Documenso for any purpose, including commercial use * Access, study, and modify the source code * Distribute copies of the original or modified software * Self-host Documenso on your own infrastructure ### [What AGPL-3.0 Requires](https://docs.documenso.com/docs/policies/licenses#what-agpl-30-requires) The AGPL-3.0 has specific requirements that apply when you modify or distribute Documenso: **Source Code Disclosure**: If you modify Documenso and make it available over a network, you must provide access to the complete source code of your modified version under AGPL-3.0. **Attribution**: You must keep all copyright notices intact and include a copy of the AGPL-3.0 license with any distribution. **Same License**: Derivative works must be licensed under AGPL-3.0. The "network clause" is the distinguishing feature of AGPL-3.0. Unlike GPL-3.0, AGPL-3.0 treats network access as distribution. If users interact with your modified Documenso instance over a network, you must provide them access to the source code. ### [When to Use Community Edition](https://docs.documenso.com/docs/policies/licenses#when-to-use-community-edition) The Community Edition is appropriate when you: * Are building an open-source project * Can comply with AGPL-3.0 requirements * Use Documenso internally without modifications * Want to contribute to the open-source ecosystem * Do not need to keep modifications proprietary See [Community Edition](https://docs.documenso.com/docs/policies/community-edition) for complete details. [Enterprise Edition (Commercial License)](https://docs.documenso.com/docs/policies/licenses#enterprise-edition-commercial-license) ----------------------------------------------------------------------------------------------------------------------------------- The Enterprise Edition provides a commercial license that removes the AGPL-3.0 requirements. This allows organisations to use, modify, and integrate Documenso without source code disclosure obligations. ### [What the Enterprise License Provides](https://docs.documenso.com/docs/policies/licenses#what-the-enterprise-license-provides) **No Source Code Disclosure**: Keep your modifications private. You are not required to share changes with users or the public. **Proprietary Integration**: Integrate Documenso into proprietary products and services without licensing conflicts. **Commercial Support**: Access to dedicated support channels and SLAs. **Additional Features**: Enterprise-specific features not available in the Community Edition. ### [When to Use Enterprise Edition](https://docs.documenso.com/docs/policies/licenses#when-to-use-enterprise-edition) The Enterprise Edition is appropriate when you: * Build commercial products that incorporate Documenso * Offer document signing as part of a SaaS platform * Cannot or prefer not to open-source your modifications * Need to comply with corporate policies that prohibit AGPL software * Require dedicated support and SLAs If you modify Documenso and provide network access to users (internal or external) without complying with AGPL-3.0 source disclosure requirements, you need an Enterprise license. See [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) for complete details and pricing. [Choosing the Right License](https://docs.documenso.com/docs/policies/licenses#choosing-the-right-license) ----------------------------------------------------------------------------------------------------------- Use this decision tree to determine which license fits your needs: ### Do you modify Documenso? ### Are your modifications available as open source? ### Are you embedding Documenso in a commercial product? ### Internal use only? [License FAQ](https://docs.documenso.com/docs/policies/licenses#license-faq) ----------------------------------------------------------------------------- ### Can I use the Community Edition for commercial purposes? ### Does using the Documenso API require a commercial license? ### What counts as a "modification" under AGPL-3.0? ### Can I white-label Documenso? ### Do signed documents fall under the license? ### What happens if I switch from Community to Enterprise Edition? ### Can I contribute to Documenso under the Enterprise license? ### Is there a trial for the Enterprise Edition? [Related](https://docs.documenso.com/docs/policies/licenses#related) --------------------------------------------------------------------- * [Licenses](https://docs.documenso.com/docs/policies/licenses) - Detailed AGPL-3.0 license explanation * [Community Edition](https://docs.documenso.com/docs/policies/community-edition) - Open-source edition details * [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) - Commercial license details * [Full AGPL-3.0 License Text](https://www.gnu.org/licenses/agpl-3.0.html) - Complete license terms * [GitHub Repository](https://github.com/documenso/documenso) - Source code and LICENSE file [Policies\ \ License, privacy, terms, and support information](https://docs.documenso.com/docs/policies) [Community Edition\ \ The open-source version of Documenso, available under the AGPL-3.0 license. Includes core document signing functionality and can be self-hosted.](https://docs.documenso.com/docs/policies/community-edition) ### On this page [Dual Licensing Overview](https://docs.documenso.com/docs/policies/licenses#dual-licensing-overview) [Community Edition (AGPL-3.0)](https://docs.documenso.com/docs/policies/licenses#community-edition-agpl-30) [What AGPL-3.0 Allows](https://docs.documenso.com/docs/policies/licenses#what-agpl-30-allows) [What AGPL-3.0 Requires](https://docs.documenso.com/docs/policies/licenses#what-agpl-30-requires) [When to Use Community Edition](https://docs.documenso.com/docs/policies/licenses#when-to-use-community-edition) [Enterprise Edition (Commercial License)](https://docs.documenso.com/docs/policies/licenses#enterprise-edition-commercial-license) [What the Enterprise License Provides](https://docs.documenso.com/docs/policies/licenses#what-the-enterprise-license-provides) [When to Use Enterprise Edition](https://docs.documenso.com/docs/policies/licenses#when-to-use-enterprise-edition) [Choosing the Right License](https://docs.documenso.com/docs/policies/licenses#choosing-the-right-license) [License FAQ](https://docs.documenso.com/docs/policies/licenses#license-faq) [Related](https://docs.documenso.com/docs/policies/licenses#related) --- # Security | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Security ======== Security practices for Documenso Cloud and self-hosted deployments, along with our vulnerability disclosure process. Copy MarkdownOpen [Security Practices](https://docs.documenso.com/docs/policies/security#security-practices) ------------------------------------------------------------------------------------------- ### Development Security ### Access Controls [Infrastructure Security](https://docs.documenso.com/docs/policies/security#infrastructure-security) ----------------------------------------------------------------------------------------------------- ### [Documenso Cloud](https://docs.documenso.com/docs/policies/security#documenso-cloud) The hosted cloud service uses the following security measures: | Layer | Implementation | | --- | --- | | **Hosting** | Infrastructure hosted in EU data centers | | **Network** | TLS 1.2+ for all connections | | **Database** | Managed PostgreSQL with automated backups | | **Storage** | Encrypted object storage for documents | | **Monitoring** | 24/7 infrastructure monitoring and alerting | | **Updates** | Regular security patches applied to all infrastructure | ### [Self-Hosted](https://docs.documenso.com/docs/policies/security#self-hosted) Self-hosted deployments are responsible for their own infrastructure security. See [Self-Hosted Security Considerations](https://docs.documenso.com/docs/policies/security#self-hosted-security-considerations) below. [Data Encryption](https://docs.documenso.com/docs/policies/security#data-encryption) ------------------------------------------------------------------------------------- ### Encryption in Transit ### Encryption at Rest ### Application-Level Encryption [Authentication Security](https://docs.documenso.com/docs/policies/security#authentication-security) ----------------------------------------------------------------------------------------------------- ### [Supported Authentication Methods](https://docs.documenso.com/docs/policies/security#supported-authentication-methods) | Method | Description | | --- | --- | | **Email and password** | Traditional authentication with hashed passwords | | **OAuth providers** | Google and Microsoft authentication | | **Generic OIDC** | Any OpenID Connect provider | | **Team SSO** | SAML-based single sign-on for enterprise teams | | **Two-factor authentication** | TOTP-based 2FA with recovery codes | | **Passkeys** | WebAuthn-based passwordless authentication | ### [Password Requirements](https://docs.documenso.com/docs/policies/security#password-requirements) * Minimum length enforced * Passwords are hashed using bcrypt before storage * Password reset tokens are time-limited and single-use ### [Session Security](https://docs.documenso.com/docs/policies/security#session-security) * Sessions can be viewed and revoked from account settings * Session tokens are rotated on authentication events * Idle sessions expire after a configurable period [Vulnerability Disclosure](https://docs.documenso.com/docs/policies/security#vulnerability-disclosure) ------------------------------------------------------------------------------------------------------- Documenso operates a responsible disclosure process for security vulnerabilities. ### Reporting a Vulnerability ### Response Timeline ### Scope ### Recognition Do not publicly disclose vulnerabilities until they have been addressed. Public disclosure of unpatched vulnerabilities puts users at risk. [Security Updates](https://docs.documenso.com/docs/policies/security#security-updates) --------------------------------------------------------------------------------------- ### [Notification](https://docs.documenso.com/docs/policies/security#notification) Security updates are announced through: * [GitHub releases](https://github.com/documenso/documenso/releases) * [GitHub security advisories](https://github.com/documenso/documenso/security/advisories) ### [Update Policy](https://docs.documenso.com/docs/policies/security#update-policy) * Critical vulnerabilities are patched as quickly as possible * Security patches are backported to supported versions when feasible * Release notes include security-related changes ### [Staying Updated](https://docs.documenso.com/docs/policies/security#staying-updated) For self-hosted deployments: 1. Watch the [GitHub repository](https://github.com/documenso/documenso) for releases 2. Subscribe to security advisories 3. Apply updates promptly, especially security patches See [Upgrades](https://docs.documenso.com/docs/self-hosting/maintenance/upgrades) for update procedures. [Self-Hosted Security Considerations](https://docs.documenso.com/docs/policies/security#self-hosted-security-considerations) ----------------------------------------------------------------------------------------------------------------------------- When self-hosting Documenso, you are responsible for the security of your deployment. The following recommendations apply: ### Infrastructure ### Configuration ### Operations ### Signing Certificates See [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) for security-related configuration options. Self-hosted deployments have full control over security but also full responsibility. Consider your organisation's security requirements and compliance obligations when configuring your deployment. [Contact](https://docs.documenso.com/docs/policies/security#contact) --------------------------------------------------------------------- For security-related inquiries: * **Security vulnerabilities**: [security@documenso.com](mailto:security@documenso.com) * **General questions**: [support@documenso.com](mailto:support@documenso.com) * **GitHub**: [github.com/documenso/documenso](https://github.com/documenso/documenso) [Related](https://docs.documenso.com/docs/policies/security#related) --------------------------------------------------------------------- * [Security Settings](https://docs.documenso.com/docs/users/settings/security) - Account security configuration * [Privacy Policy](https://docs.documenso.com/docs/policies/privacy) - Data handling practices * [GDPR](https://docs.documenso.com/docs/compliance/gdpr) - Data protection compliance * [Self-Hosting](https://docs.documenso.com/docs/self-hosting) - Deploy on your own infrastructure * [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) - Configuration reference [Terms of Service\ \ The terms that govern your use of Documenso.](https://docs.documenso.com/docs/policies/terms) [Support\ \ Support channels and options available depending on your needs and subscription level.](https://docs.documenso.com/docs/policies/support) ### On this page [Security Practices](https://docs.documenso.com/docs/policies/security#security-practices) [Infrastructure Security](https://docs.documenso.com/docs/policies/security#infrastructure-security) [Documenso Cloud](https://docs.documenso.com/docs/policies/security#documenso-cloud) [Self-Hosted](https://docs.documenso.com/docs/policies/security#self-hosted) [Data Encryption](https://docs.documenso.com/docs/policies/security#data-encryption) [Authentication Security](https://docs.documenso.com/docs/policies/security#authentication-security) [Supported Authentication Methods](https://docs.documenso.com/docs/policies/security#supported-authentication-methods) [Password Requirements](https://docs.documenso.com/docs/policies/security#password-requirements) [Session Security](https://docs.documenso.com/docs/policies/security#session-security) [Vulnerability Disclosure](https://docs.documenso.com/docs/policies/security#vulnerability-disclosure) [Security Updates](https://docs.documenso.com/docs/policies/security#security-updates) [Notification](https://docs.documenso.com/docs/policies/security#notification) [Update Policy](https://docs.documenso.com/docs/policies/security#update-policy) [Staying Updated](https://docs.documenso.com/docs/policies/security#staying-updated) [Self-Hosted Security Considerations](https://docs.documenso.com/docs/policies/security#self-hosted-security-considerations) [Contact](https://docs.documenso.com/docs/policies/security#contact) [Related](https://docs.documenso.com/docs/policies/security#related) --- # Terms of Service | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Terms of Service ================ The terms that govern your use of Documenso. Copy MarkdownOpen Our full Terms of Service are available at [documenso.com/terms](https://documenso.com/terms) . [Privacy Policy\ \ How Documenso collects, uses, and protects your data.](https://docs.documenso.com/docs/policies/privacy) [Security\ \ Security practices for Documenso Cloud and self-hosted deployments, along with our vulnerability disclosure process.](https://docs.documenso.com/docs/policies/security) --- # Support | Documenso Docs [Policies](https://docs.documenso.com/docs/policies) Support ======= Support channels and options available depending on your needs and subscription level. Copy MarkdownOpen [Support Channels](https://docs.documenso.com/docs/policies/support#support-channels) -------------------------------------------------------------------------------------- | Channel | Availability | Best For | | --- | --- | --- | | Community (Discord, GitHub) | All users | General questions, community discussion | | Email Support | Paid plans | Account issues, billing questions | | Priority Support | Enterprise | Urgent issues, dedicated assistance | [Community Support](https://docs.documenso.com/docs/policies/support#community-support) ---------------------------------------------------------------------------------------- Community support is available to all users, including those on free plans and self-hosted deployments. DiscordGitHub Join the Documenso Discord server to: * Ask questions and get help from the community * Share feedback and feature requests * Connect with other Documenso users * Stay updated on announcements Discord is best for general questions and discussions. Response times vary based on community availability. Use GitHub for technical discussions and bug reports: * **[GitHub Discussions](https://github.com/documenso/documenso/discussions) **: Ask questions, share ideas, and discuss features * **[GitHub Issues](https://github.com/documenso/documenso/issues) **: Report confirmed bugs with reproducible steps When opening an issue, include: 1. Documenso version 2. Deployment method (Cloud, self-hosted Docker, Kubernetes, etc.) 3. Steps to reproduce the problem 4. Expected vs actual behavior 5. Relevant logs (with sensitive information redacted) Do not report security vulnerabilities through public GitHub issues. See the [Security Issues](https://docs.documenso.com/docs/policies/support#security-issues) section below. [Paid Support Tiers](https://docs.documenso.com/docs/policies/support#paid-support-tiers) ------------------------------------------------------------------------------------------ Paid plans include access to direct support from the Documenso team. Standard SupportPlatform and AboveEnterprise Support Available on paid subscription plans: * Email support at [support@documenso.com](mailto:support@documenso.com) * Account and billing assistance * Technical guidance for Documenso Cloud usage * Response during business hours Available on [Platform plans](https://documen.so/platform-cta-pricing) and above: * All standard support channels * Private Discord channel for direct communication with the Documenso team * Private Slack workspace for closer collaboration Available with Enterprise subscriptions: * All Platform support channels * Priority response times * Dedicated support contact * Assistance with deployment and integration * Custom configuration guidance * Scheduled calls for complex issues Contact [sales](https://documen.so/enterprise) for Enterprise support options. If you prefer Discord or Slack, contact support to be invited to a private channel or workspace. [Self-Hosted Support](https://docs.documenso.com/docs/policies/support#self-hosted-support) -------------------------------------------------------------------------------------------- Self-hosted deployments have access to community support through Discord and GitHub. The following resources are available: * [Self-Hosting Documentation](https://docs.documenso.com/docs/self-hosting) - Setup and configuration guides * [Troubleshooting Guide](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) - Common issues and solutions * [GitHub Discussions](https://github.com/documenso/documenso/discussions) - Community Q&A Enterprise licenses for self-hosted deployments can include dedicated support. Contact [sales](https://documen.so/enterprise) for details. [Response Times](https://docs.documenso.com/docs/policies/support#response-times) ---------------------------------------------------------------------------------- Response times depend on the support channel and plan: | Plan | Channel | Target Response Time | | --- | --- | --- | | Free / Self-Hosted | Community (Discord, GitHub) | Best effort | | Paid Plans | Email | 1-2 business days | | Enterprise | Priority Support | Within 4-8 business hours | Response times are targets, not guarantees. Actual times may vary based on issue complexity and volume. [What's Included](https://docs.documenso.com/docs/policies/support#whats-included) ----------------------------------------------------------------------------------- IncludedNot included * Guidance on Documenso features and functionality * Help with configuration and settings * Troubleshooting application errors * Account and billing questions (paid plans) * Bug reports and issue investigation * Upgrade assistance * Custom development or code modifications * Third-party integration development * Infrastructure setup (servers, databases, networking) * Training sessions (available separately) * Support for modified or forked versions Professional services for custom development, training, and dedicated implementation support are available separately. Contact [sales](https://documen.so/sales) for details. [Escalation Process](https://docs.documenso.com/docs/policies/support#escalation-process) ------------------------------------------------------------------------------------------ If your issue is not resolved through initial support channels: ### [Community support](https://docs.documenso.com/docs/policies/support#community-support-1) If you don't receive a response on Discord or GitHub within a reasonable time, try the other channel or provide additional details. ### [Email support](https://docs.documenso.com/docs/policies/support#email-support) Reply to your existing support thread with additional information. Avoid opening duplicate tickets. ### [Request escalation](https://docs.documenso.com/docs/policies/support#request-escalation) For urgent issues on paid plans, request escalation in your support email. ### [Enterprise customers](https://docs.documenso.com/docs/policies/support#enterprise-customers) Contact your dedicated support representative directly. For billing disputes or account issues, email [support@documenso.com](mailto:support@documenso.com) with your account details. [Security Issues](https://docs.documenso.com/docs/policies/support#security-issues) ------------------------------------------------------------------------------------ Do not report security vulnerabilities through public channels (GitHub Issues, Discord, etc.). ### [Email the security team](https://docs.documenso.com/docs/policies/support#email-the-security-team) Email [security@documenso.com](mailto:security@documenso.com) . ### [Include details](https://docs.documenso.com/docs/policies/support#include-details) Include a detailed description of the vulnerability. ### [Provide steps to reproduce](https://docs.documenso.com/docs/policies/support#provide-steps-to-reproduce) Provide steps to reproduce if possible. ### [Allow time for investigation](https://docs.documenso.com/docs/policies/support#allow-time-for-investigation) Allow time for investigation before public disclosure. Documenso follows responsible disclosure practices. Security researchers who report valid vulnerabilities responsibly will be acknowledged. [Contact](https://docs.documenso.com/docs/policies/support#contact) -------------------------------------------------------------------- | Purpose | Contact | | --- | --- | | General support | [support@documenso.com](mailto:support@documenso.com) | | Security issues | [security@documenso.com](mailto:security@documenso.com) | | Enterprise sales | [sales@documenso.com](https://documen.so/enterprise) | | Privacy requests | [privacy@documenso.com](mailto:privacy@documenso.com) | | Community | [Discord](https://documen.so/discord) | | Bug reports | [GitHub Issues](https://github.com/documenso/documenso/issues) | [Related](https://docs.documenso.com/docs/policies/support#related) -------------------------------------------------------------------- * [Troubleshooting](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) - Self-hosted issue resolution * [Self-Hosting](https://docs.documenso.com/docs/self-hosting) - Deployment and configuration guides * [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) - Commercial licensing options * [Privacy Policy](https://docs.documenso.com/docs/policies/privacy) - How Documenso handles your data [Security\ \ Security practices for Documenso Cloud and self-hosted deployments, along with our vulnerability disclosure process.](https://docs.documenso.com/docs/policies/security) ### On this page [Support Channels](https://docs.documenso.com/docs/policies/support#support-channels) [Community Support](https://docs.documenso.com/docs/policies/support#community-support) [Paid Support Tiers](https://docs.documenso.com/docs/policies/support#paid-support-tiers) [Self-Hosted Support](https://docs.documenso.com/docs/policies/support#self-hosted-support) [Response Times](https://docs.documenso.com/docs/policies/support#response-times) [What's Included](https://docs.documenso.com/docs/policies/support#whats-included) [Escalation Process](https://docs.documenso.com/docs/policies/support#escalation-process) [Community support](https://docs.documenso.com/docs/policies/support#community-support-1) [Email support](https://docs.documenso.com/docs/policies/support#email-support) [Request escalation](https://docs.documenso.com/docs/policies/support#request-escalation) [Enterprise customers](https://docs.documenso.com/docs/policies/support#enterprise-customers) [Security Issues](https://docs.documenso.com/docs/policies/support#security-issues) [Email the security team](https://docs.documenso.com/docs/policies/support#email-the-security-team) [Include details](https://docs.documenso.com/docs/policies/support#include-details) [Provide steps to reproduce](https://docs.documenso.com/docs/policies/support#provide-steps-to-reproduce) [Allow time for investigation](https://docs.documenso.com/docs/policies/support#allow-time-for-investigation) [Contact](https://docs.documenso.com/docs/policies/support#contact) [Related](https://docs.documenso.com/docs/policies/support#related) --- # Demo Environment | Documenso Docs Demo Environment ================ Use the demo environment to try out the Documenso platform and its features. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/demo-environment#overview) --------------------------------------------------------------------------------- The demo (staging) environment is a sandbox environment that replicates the production environment. It has the same features and capabilities as the production environment, but is intended for development and testing purposes. You can use it to try out the Documenso platform and its features before committing to a paid plan. [How to Use the Demo Environment](https://docs.documenso.com/docs/developers/demo-environment#how-to-use-the-demo-environment) ------------------------------------------------------------------------------------------------------------------------------- ### [Navigate to the staging environment](https://docs.documenso.com/docs/developers/demo-environment#navigate-to-the-staging-environment) Go to the [staging environment](https://stg-app.documenso.com/) . ### [Create an account](https://docs.documenso.com/docs/developers/demo-environment#create-an-account) You need to create a new account for the demo environment. You can't use your production account. ### [Pick a paid plan](https://docs.documenso.com/docs/developers/demo-environment#pick-a-paid-plan) Choose the appropriate plan for your needs. You can also use the free plan but it's limited to 5 documents per month and up to 10 recipients per document. Whatever plan you choose, you can upgrade later. ### [Use a test card](https://docs.documenso.com/docs/developers/demo-environment#use-a-test-card) To upgrade to a paid plan, you can use a test card. Example: Card number: 4242 4242 4242 4242 Expiry date: 02/2030 (or any valid future date) CVV: 123 ### [Use the platform](https://docs.documenso.com/docs/developers/demo-environment#use-the-platform) You can then try out the platform and its features. ### [Issues, questions and feedback](https://docs.documenso.com/docs/developers/demo-environment#issues-questions-and-feedback) If you have any issues, questions or feedback, please reach out to us on the [Documenso Discord](https://documen.so/discord) or [GitHub](https://github.com/documenso/documenso/issues) . [Contributing Translations\ \ Learn how to contribute translations to Documenso and become part of our community.](https://docs.documenso.com/docs/developers/contributing/contributing-translations) [Concepts\ \ Foundational concepts behind document signing, recipient roles, field types, and certificates.](https://docs.documenso.com/docs/concepts) ### On this page [Overview](https://docs.documenso.com/docs/developers/demo-environment#overview) [How to Use the Demo Environment](https://docs.documenso.com/docs/developers/demo-environment#how-to-use-the-demo-environment) [Navigate to the staging environment](https://docs.documenso.com/docs/developers/demo-environment#navigate-to-the-staging-environment) [Create an account](https://docs.documenso.com/docs/developers/demo-environment#create-an-account) [Pick a paid plan](https://docs.documenso.com/docs/developers/demo-environment#pick-a-paid-plan) [Use a test card](https://docs.documenso.com/docs/developers/demo-environment#use-a-test-card) [Use the platform](https://docs.documenso.com/docs/developers/demo-environment#use-the-platform) [Issues, questions and feedback](https://docs.documenso.com/docs/developers/demo-environment#issues-questions-and-feedback) --- # Self-Hosting | Documenso Docs Self-Hosting ============ Deploy and manage your own Documenso instance for complete control over your data, compliance, and customization. Copy MarkdownOpen [Getting Started](https://docs.documenso.com/docs/self-hosting#getting-started) -------------------------------------------------------------------------------- [### Requirements\ \ System requirements and prerequisites.](https://docs.documenso.com/docs/self-hosting/getting-started/requirements) [### Quick Start\ \ Get running with Docker in 5 minutes.](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) * * * [Deployment Options](https://docs.documenso.com/docs/self-hosting#deployment-options) -------------------------------------------------------------------------------------- Choose a deployment method based on your needs: [### Docker\ \ Single container with external database.](https://docs.documenso.com/docs/self-hosting/deployment/docker) [### Docker Compose\ \ Production-ready setup with all dependencies.](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) [### Railway\ \ One-click deployment on managed infrastructure.](https://docs.documenso.com/docs/self-hosting/deployment/railway) [### Kubernetes\ \ High availability for enterprise deployments.](https://docs.documenso.com/docs/self-hosting/deployment/kubernetes) * * * [Configuration](https://docs.documenso.com/docs/self-hosting#configuration) ---------------------------------------------------------------------------- [### Environment Variables\ \ Complete reference of all configuration options.](https://docs.documenso.com/docs/self-hosting/configuration/environment) [### Database\ \ PostgreSQL setup and connection.](https://docs.documenso.com/docs/self-hosting/configuration/database) [### Email\ \ SMTP configuration for notifications.](https://docs.documenso.com/docs/self-hosting/configuration/email) [### Storage\ \ S3-compatible file storage setup.](https://docs.documenso.com/docs/self-hosting/configuration/storage) [### Signing Certificate\ \ Digital signature certificate for documents.](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) * * * [Maintenance](https://docs.documenso.com/docs/self-hosting#maintenance) ------------------------------------------------------------------------ [### Upgrades\ \ Upgrade to new versions safely.](https://docs.documenso.com/docs/self-hosting/maintenance/upgrades) [### Backups\ \ Backup strategies for your data.](https://docs.documenso.com/docs/self-hosting/maintenance/backups) [### Troubleshooting\ \ Common issues and solutions.](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) * * * [Quick Start](https://docs.documenso.com/docs/self-hosting#quick-start) ------------------------------------------------------------------------ Get Documenso running locally in under 5 minutes: git clone https://github.com/documenso/documenso.git cd documenso cp .env.example .env docker compose -f docker/development/compose.yml up -d Open [http://localhost:3000](http://localhost:3000/) to access your instance. See the [Quick Start guide](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) for detailed instructions and next steps. * * * [Enterprise Edition](https://docs.documenso.com/docs/self-hosting#enterprise-edition) -------------------------------------------------------------------------------------- Self-hosted Documenso includes full core functionality under the AGPL-3.0 license. If you need enterprise features such as SSO, embed authoring white label, or 21 CFR Part 11 compliance, you can activate them with a license key. See [Enterprise Edition](https://docs.documenso.com/docs/policies/enterprise-edition) for details and [Licenses](https://docs.documenso.com/docs/policies/licenses) for a comparison. * * * [Looking for Something Else?](https://docs.documenso.com/docs/self-hosting#looking-for-something-else) ------------------------------------------------------------------------------------------------------- [### User Guide\ \ Learn how to use Documenso for document signing.](https://docs.documenso.com/docs/users) [### Developer Guide\ \ Integrate Documenso into your applications using the API.](https://docs.documenso.com/docs/developers) ### On this page [Getting Started](https://docs.documenso.com/docs/self-hosting#getting-started) [Deployment Options](https://docs.documenso.com/docs/self-hosting#deployment-options) [Configuration](https://docs.documenso.com/docs/self-hosting#configuration) [Maintenance](https://docs.documenso.com/docs/self-hosting#maintenance) [Quick Start](https://docs.documenso.com/docs/self-hosting#quick-start) [Enterprise Edition](https://docs.documenso.com/docs/self-hosting#enterprise-edition) [Looking for Something Else?](https://docs.documenso.com/docs/self-hosting#looking-for-something-else) --- # Contributing Translations | Documenso Docs [Contributing](https://docs.documenso.com/docs/developers/contributing) Contributing Translations ========================= Learn how to contribute translations to Documenso and become part of our community. Copy MarkdownOpen We are always open for help with translations! Currently we utilise AI to generate the initial translations for new languages, which are then improved over time by our awesome community. If you are looking for development notes on translations, you can find them [here](https://docs.documenso.com/docs/developers/local-development/translations) . Contributions are made through GitHub Pull Requests, so you will need a GitHub account to contribute. [Overview](https://docs.documenso.com/docs/developers/contributing/contributing-translations#overview) ------------------------------------------------------------------------------------------------------- We store our translations in PO files, which are located in our GitHub repository [here](https://github.com/documenso/documenso/tree/main/packages/lib/translations) . The translation files are organized into folders represented by their respective language codes (`en` for English, `de` for German, etc). Each PO file contains translations which look like this: #: apps/remix/app/(signing)/sign/[token]/no-longer-available.tsx:61 msgid "Want to send slick signing links like this one? <0>Check out Documenso." msgstr "Möchten Sie auffällige Signatur-Links wie diesen senden? <0>Überprüfen Sie Documenso." * `msgid`: The original text in English (never edit this manually) * `msgstr`: The translated text in the target language Notice the `<0>` tags? These represent HTML elements and must remain in both the `msgid` and `msgstr`. Make sure to translate the content between these tags while keeping the tags intact. [How to Contribute](https://docs.documenso.com/docs/developers/contributing/contributing-translations#how-to-contribute) ------------------------------------------------------------------------------------------------------------------------- ### [Updating Existing Translations](https://docs.documenso.com/docs/developers/contributing/contributing-translations#updating-existing-translations) Fork the repository Navigate to the appropriate language folder and open the PO file you want to update Make your changes, ensuring you follow the PO file format Commit your changes with a message such as `chore: update German translations` Create a Pull Request ### [Adding a New Language](https://docs.documenso.com/docs/developers/contributing/contributing-translations#adding-a-new-language) If you want to add translations for a language that doesn't exist yet: Create an issue in our GitHub repository requesting the addition of the new language Wait for our team to review and approve the request Once approved, we will set up the necessary files and kickstart the translations with AI to provide initial coverage [Need Help?](https://docs.documenso.com/docs/developers/contributing/contributing-translations#need-help) ---------------------------------------------------------------------------------------------------------- If you have any questions, hop into our [Discord](https://documen.so/discord) and ask us directly! Thank you for helping make Documenso more accessible to users around the world! [See Also](https://docs.documenso.com/docs/developers/contributing/contributing-translations#see-also) ------------------------------------------------------------------------------------------------------- * [Translations (Development)](https://docs.documenso.com/docs/developers/local-development/translations) - Technical guide to translations in code * [Contributing Guide](https://docs.documenso.com/docs/developers/contributing) - General contributing guidelines [Contributing to Documenso\ \ Learn how to contribute to Documenso and become part of our community.](https://docs.documenso.com/docs/developers/contributing) [Demo Environment\ \ Use the demo environment to try out the Documenso platform and its features.](https://docs.documenso.com/docs/developers/demo-environment) ### On this page [Overview](https://docs.documenso.com/docs/developers/contributing/contributing-translations#overview) [How to Contribute](https://docs.documenso.com/docs/developers/contributing/contributing-translations#how-to-contribute) [Updating Existing Translations](https://docs.documenso.com/docs/developers/contributing/contributing-translations#updating-existing-translations) [Adding a New Language](https://docs.documenso.com/docs/developers/contributing/contributing-translations#adding-a-new-language) [Need Help?](https://docs.documenso.com/docs/developers/contributing/contributing-translations#need-help) [See Also](https://docs.documenso.com/docs/developers/contributing/contributing-translations#see-also) --- # Contributing to Documenso | Documenso Docs Contributing to Documenso ========================= Learn how to contribute to Documenso and become part of our community. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/contributing#overview) ----------------------------------------------------------------------------- If you plan to contribute to Documenso, please take a moment to feel awesome. People like you are what open source is about. Any contributions, no matter how big or small, are highly appreciated. This guide will help you get started with contributing to Documenso. [Before Getting Started](https://docs.documenso.com/docs/developers/contributing#before-getting-started) --------------------------------------------------------------------------------------------------------- ### [Check the existing issues and pull requests](https://docs.documenso.com/docs/developers/contributing#check-the-existing-issues-and-pull-requests) Search the existing [issues](https://github.com/documenso/documenso/issues) to see if someone else reported the same issue. Or, check the [existing PRs](https://github.com/documenso/documenso/pulls) to see if someone else is already working on the same thing. ### [Creating a new issue](https://docs.documenso.com/docs/developers/contributing#creating-a-new-issue) If there is no issue or PR for the problem you are facing, feel free to create a new issue. Make sure to provide as much detail as possible, including the steps to reproduce the issue. ### [Picking an existing issue](https://docs.documenso.com/docs/developers/contributing#picking-an-existing-issue) If you pick an existing issue, take into consideration the discussion on the issue. ### [Contributor license agreement](https://docs.documenso.com/docs/developers/contributing#contributor-license-agreement) Accept the [Contributor License Agreement](https://documen.so/cla) to ensure we can accept your contributions. [Taking Issues](https://docs.documenso.com/docs/developers/contributing#taking-issues) --------------------------------------------------------------------------------------- Before taking an issue, ensure that: * The issue has been assigned the public label. * The issue is clearly defined and understood. * No one has been assigned to the issue. * No one has expressed the intention to work on it. After that: 1. Comment on the issue with your intention to work on it. 2. Start working on the issue. Feel free to ask for help, clarification or guidance if needed. We are here to help you. [Developing](https://docs.documenso.com/docs/developers/contributing#developing) --------------------------------------------------------------------------------- The development branch is `main`, and all pull requests should be made against this branch. Here's how you can get started with developing: ### [Set up Documenso locally](https://docs.documenso.com/docs/developers/contributing#set-up-documenso-locally) To set up your local environment, check out the [local development](https://docs.documenso.com/docs/developers/local-development) guide. ### [Pick a task](https://docs.documenso.com/docs/developers/contributing#pick-a-task) Find an issue to work on or create a new one. > Before working on an issue, ensure that no one else is working on it. If no one is assigned to the issue, you can pick it up by leaving a comment and asking to assign it to you. Before creating a new issue, check the existing issues to see if someone else has already reported it. ### [Create a new branch](https://docs.documenso.com/docs/developers/contributing#create-a-new-branch) After you're assigned an issue, you can start working on it. Create a new branch for your feature or bug fix. When creating a branch, make sure that the branch name: * starts with the correct prefix: `feat/` for new features, `fix/` for bug fixes, etc. * includes the issue ID you are working on (if applicable). * is descriptive. git checkout -b feat/issue-id-your-branch-name ## Example git checkout -b feat/1234-add-share-button-to-articles In the pull request description, include `references #yyyy` or `fixes #yyyy` to link it to the issue you are working on. ### [Implement your changes](https://docs.documenso.com/docs/developers/contributing#implement-your-changes) Start working on the issue you picked up and implement the changes. Make sure to test your changes locally and ensure that they work as expected. ### [Open a pull request](https://docs.documenso.com/docs/developers/contributing#open-a-pull-request) After implementing your changes, open a pull request against the `main` branch. If you need help getting started, [join us on Discord](https://documen.so/discord) . [Building](https://docs.documenso.com/docs/developers/contributing#building) ----------------------------------------------------------------------------- Before pushing code or creating pull requests, please ensure you can successfully create a successful production build. You can build the project by running the following command in your terminal: npm run build Once the project builds successfully, you can push your code changes or create a pull request. Remember to run tests and perform any necessary checks before finalizing your changes. As a result, we can collaborate more effectively and maintain a high standard of code quality in our project. [See Also](https://docs.documenso.com/docs/developers/contributing#see-also) ----------------------------------------------------------------------------- * [Local Development](https://docs.documenso.com/docs/developers/local-development) - Set up your development environment * [Contributing Translations](https://docs.documenso.com/docs/developers/contributing/contributing-translations) - Help translate Documenso [Run in Gitpod\ \ Get started with Documenso in a ready-to-use Gitpod workspace in your browser.](https://docs.documenso.com/docs/developers/local-development/gitpod) [Contributing Translations\ \ Learn how to contribute translations to Documenso and become part of our community.](https://docs.documenso.com/docs/developers/contributing/contributing-translations) ### On this page [Overview](https://docs.documenso.com/docs/developers/contributing#overview) [Before Getting Started](https://docs.documenso.com/docs/developers/contributing#before-getting-started) [Check the existing issues and pull requests](https://docs.documenso.com/docs/developers/contributing#check-the-existing-issues-and-pull-requests) [Creating a new issue](https://docs.documenso.com/docs/developers/contributing#creating-a-new-issue) [Picking an existing issue](https://docs.documenso.com/docs/developers/contributing#picking-an-existing-issue) [Contributor license agreement](https://docs.documenso.com/docs/developers/contributing#contributor-license-agreement) [Taking Issues](https://docs.documenso.com/docs/developers/contributing#taking-issues) [Developing](https://docs.documenso.com/docs/developers/contributing#developing) [Set up Documenso locally](https://docs.documenso.com/docs/developers/contributing#set-up-documenso-locally) [Pick a task](https://docs.documenso.com/docs/developers/contributing#pick-a-task) [Create a new branch](https://docs.documenso.com/docs/developers/contributing#create-a-new-branch) [Implement your changes](https://docs.documenso.com/docs/developers/contributing#implement-your-changes) [Open a pull request](https://docs.documenso.com/docs/developers/contributing#open-a-pull-request) [Building](https://docs.documenso.com/docs/developers/contributing#building) [See Also](https://docs.documenso.com/docs/developers/contributing#see-also) --- # Developer Mode | Documenso Docs [API Reference](https://docs.documenso.com/docs/developers/api) Developer Mode ============== Advanced development tools for debugging field IDs, recipient IDs, coordinates and integrating with the Documenso API. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/api/developer-mode#overview) ----------------------------------------------------------------------------------- Developer mode provides additional tools and features to help you integrate and debug Documenso. [Field Information](https://docs.documenso.com/docs/developers/api/developer-mode#field-information) ----------------------------------------------------------------------------------------------------- When enabled, developer mode displays the following information for each field: * **Field ID** - The unique identifier of the field * **Recipient ID** - The ID of the recipient assigned to the field * **Pos X / Pos Y** - The position of the field on the page * **Width / Height** - The dimensions of the field To enable developer mode, add the `devmode=true` query parameter to the editor URL. # Legacy editor https://app.documenso.com/t//documents//legacy_editor?devmode=true ![Field Coordinates Legacy Editor](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffield-coordinates-legacy-editor.71fa4429.webp&w=3840&q=75) # New editor https://app.documenso.com/t//documents//edit?step=addFields&devmode=true ![Field Coordinates New Editor](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Ffield-coordinates-new-editor.0ddfd52d.webp&w=3840&q=75) * * * [See Also](https://docs.documenso.com/docs/developers/api/developer-mode#see-also) ----------------------------------------------------------------------------------- * [Fields API](https://docs.documenso.com/docs/developers/api/fields) - Create and position fields via API * [Field Types](https://docs.documenso.com/docs/concepts/field-types) - Detailed field type reference [API Versioning\ \ Versioning information for the Documenso public API.](https://docs.documenso.com/docs/developers/api/versioning) [Webhooks\ \ Receive real-time notifications for document and template events.](https://docs.documenso.com/docs/developers/webhooks) ### On this page [Overview](https://docs.documenso.com/docs/developers/api/developer-mode#overview) [Field Information](https://docs.documenso.com/docs/developers/api/developer-mode#field-information) [See Also](https://docs.documenso.com/docs/developers/api/developer-mode#see-also) --- # Examples | Documenso Docs Examples ======== Common integration patterns and end-to-end workflows. Copy MarkdownOpen [### Common Workflows\ \ End-to-end examples for typical use cases.](https://docs.documenso.com/docs/developers/examples/common-workflows) [V2 Authoring\ \ Embed envelope creation and editing directly in your application.](https://docs.documenso.com/docs/developers/embedding/authoring/v2) [Common Workflows\ \ Complete code examples for common document signing workflows, with error handling that can be adapted for your specific use case.](https://docs.documenso.com/docs/developers/examples/common-workflows) --- # Getting Started | Documenso Docs Getting Started =============== Get your API key and make your first API call. Copy MarkdownOpen [### Authentication\ \ Generate an API key and authenticate your requests.](https://docs.documenso.com/docs/developers/getting-started/authentication) [### First API Call\ \ Create your first document via the API.](https://docs.documenso.com/docs/developers/getting-started/first-api-call) [Authentication\ \ Generate an API key and authenticate your requests.](https://docs.documenso.com/docs/developers/getting-started/authentication) --- # API Reference | Documenso Docs API Reference ============= Complete reference for the Documenso REST API. Copy MarkdownOpen The guides below cover common API patterns but may not reflect the latest endpoints or parameters. For an always up-to-date reference, see the [OpenAPI Reference](https://openapi.documenso.com/) . [Base URL](https://docs.documenso.com/docs/developers/api#base-url) -------------------------------------------------------------------- https://app.documenso.com/api/v2 For self-hosted instances, replace with your instance URL. * * * [Authentication](https://docs.documenso.com/docs/developers/api#authentication) -------------------------------------------------------------------------------- All requests require an API key in the `Authorization` header: Authorization: api_xxxxxxxxxxxxxxxx See [Authentication](https://docs.documenso.com/docs/developers/getting-started/authentication) for details. * * * [Endpoints](https://docs.documenso.com/docs/developers/api#endpoints) ---------------------------------------------------------------------- [### Documents\ \ Create, retrieve, update, and delete documents.](https://docs.documenso.com/docs/developers/api/documents) [### Recipients\ \ Manage document recipients and signers.](https://docs.documenso.com/docs/developers/api/recipients) [### Fields\ \ Add and configure signature fields.](https://docs.documenso.com/docs/developers/api/fields) [### Templates\ \ Work with document templates.](https://docs.documenso.com/docs/developers/api/templates) [### Teams\ \ Manage teams and team members.](https://docs.documenso.com/docs/developers/api/teams) * * * [See Also](https://docs.documenso.com/docs/developers/api#see-also) -------------------------------------------------------------------- * [First API Call](https://docs.documenso.com/docs/developers/getting-started/first-api-call) - Quick start example * [Webhooks](https://docs.documenso.com/docs/developers/webhooks) - Get notified about document events [First API Call\ \ Create and send a document for signing using the Documenso API, from uploading a PDF to adding recipients and distributing for signature.](https://docs.documenso.com/docs/developers/getting-started/first-api-call) [Documents API\ \ Create, manage, and send documents for signing via the API.](https://docs.documenso.com/docs/developers/api/documents) ### On this page [Base URL](https://docs.documenso.com/docs/developers/api#base-url) [Authentication](https://docs.documenso.com/docs/developers/api#authentication) [Endpoints](https://docs.documenso.com/docs/developers/api#endpoints) [See Also](https://docs.documenso.com/docs/developers/api#see-also) --- # API Versioning | Documenso Docs [API Reference](https://docs.documenso.com/docs/developers/api) API Versioning ============== Versioning information for the Documenso public API. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/api/versioning#overview) ------------------------------------------------------------------------------- Documenso uses API versioning to manage changes to the public API. This allows us to introduce new features, fix bugs, and make other changes without breaking existing integrations. The current version of the API is `v2`. The API version is specified in the URL. For example, the base URL for the `v2` API is `https://app.documenso.com/api/v2`. We may make changes to the API without incrementing the version number. We will always try to avoid breaking changes, but in some cases, it may be necessary to make changes that are not backward compatible. In these cases, we will increment the version number and provide information about the changes in the release notes. Also, we may deprecate certain features or endpoints in the API. When we deprecate a feature or endpoint, we will provide information about the deprecation in the release notes and give a timeline for when the feature or endpoint will be removed. * * * [See Also](https://docs.documenso.com/docs/developers/api/versioning#see-also) ------------------------------------------------------------------------------- * [Authentication](https://docs.documenso.com/docs/developers/getting-started/authentication) - API authentication guide * [Rate Limits](https://docs.documenso.com/docs/developers/api/rate-limits) - API rate limit details [Rate Limits\ \ Learn about the rate limits for the Documenso Public API.](https://docs.documenso.com/docs/developers/api/rate-limits) [Developer Mode\ \ Advanced development tools for debugging field IDs, recipient IDs, coordinates and integrating with the Documenso API.](https://docs.documenso.com/docs/developers/api/developer-mode) ### On this page [Overview](https://docs.documenso.com/docs/developers/api/versioning#overview) [See Also](https://docs.documenso.com/docs/developers/api/versioning#see-also) --- # User Guide | Documenso Docs User Guide ========== Learn how to send documents for signing, create templates, and collaborate with your team. Copy MarkdownOpen [Getting Started](https://docs.documenso.com/docs/users#getting-started) ------------------------------------------------------------------------- New to Documenso? Start here to create your account and send your first document. [### Create an Account\ \ Sign up and configure your profile.](https://docs.documenso.com/docs/users/getting-started/create-account) [### Send Your First Document\ \ Upload a PDF, add recipients, place fields, and send for signing.](https://docs.documenso.com/docs/users/getting-started/send-first-document) * * * [Documents](https://docs.documenso.com/docs/users#documents) ------------------------------------------------------------- Upload, prepare, and send documents for electronic signatures. [### Upload and Prepare\ \ Upload your PDF and configure document settings.](https://docs.documenso.com/docs/users/documents/upload) [### Add Recipients\ \ Specify who needs to sign, approve, or view.](https://docs.documenso.com/docs/users/documents/add-recipients) [### Add Fields\ \ Place signature, text, date, and other fields.](https://docs.documenso.com/docs/users/documents/add-fields) [### Send and Track\ \ Send for signing and monitor progress.](https://docs.documenso.com/docs/users/documents/send) [### Direct Links\ \ Share signing links without email invitations.](https://docs.documenso.com/docs/users/documents/direct-links) * * * [Templates](https://docs.documenso.com/docs/users#templates) ------------------------------------------------------------- Create reusable templates for documents you send frequently. [### Create Templates\ \ Build templates from scratch or from existing documents.](https://docs.documenso.com/docs/users/templates/create) [### Use Templates\ \ Send documents using your saved templates.](https://docs.documenso.com/docs/users/templates/use) * * * [Organisations](https://docs.documenso.com/docs/users#organisations) --------------------------------------------------------------------- Collaborate with your organisation on document signing. [### About Organisations\ \ Learn about organisations and how they work.](https://docs.documenso.com/docs/users/organisations/overview) [### Create a Team\ \ Set up a team within your organisation.](https://docs.documenso.com/docs/users/organisations/create-team) [### Manage Members\ \ Invite members and assign roles.](https://docs.documenso.com/docs/users/organisations/members) [### Single Sign-On\ \ Configure SSO for your organisation.](https://docs.documenso.com/docs/users/organisations/single-sign-on) * * * [Settings](https://docs.documenso.com/docs/users#settings) ----------------------------------------------------------- Configure your account and security options. [### Profile\ \ Update your name, email, and signature.](https://docs.documenso.com/docs/users/settings/profile) [### Security\ \ Manage passwords, two-factor authentication, and passkeys.](https://docs.documenso.com/docs/users/settings/security) * * * [Prerequisites](https://docs.documenso.com/docs/users#prerequisites) --------------------------------------------------------------------- To follow this guide, you need a Documenso account. You can [create a free account](https://app.documenso.com/signup) or use a [self-hosted instance](https://docs.documenso.com/docs/self-hosting) . * * * [Looking for Something Else?](https://docs.documenso.com/docs/users#looking-for-something-else) ------------------------------------------------------------------------------------------------ [### Developer Documentation\ \ Integrate Documenso into your applications using the API.](https://docs.documenso.com/docs/developers) [### Self-Hosting Guide\ \ Deploy and run your own Documenso instance.](https://docs.documenso.com/docs/self-hosting) ### On this page [Getting Started](https://docs.documenso.com/docs/users#getting-started) [Documents](https://docs.documenso.com/docs/users#documents) [Templates](https://docs.documenso.com/docs/users#templates) [Organisations](https://docs.documenso.com/docs/users#organisations) [Settings](https://docs.documenso.com/docs/users#settings) [Prerequisites](https://docs.documenso.com/docs/users#prerequisites) [Looking for Something Else?](https://docs.documenso.com/docs/users#looking-for-something-else) --- # Rate Limits | Documenso Docs [API Reference](https://docs.documenso.com/docs/developers/api) Rate Limits =========== Learn about the rate limits for the Documenso Public API. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/api/rate-limits#overview) -------------------------------------------------------------------------------- Documenso enforces rate limits on all API endpoints to ensure service stability. [HTTP Rate Limits](https://docs.documenso.com/docs/developers/api/rate-limits#http-rate-limits) ------------------------------------------------------------------------------------------------ **Limit:** 100 requests per minute per IP address **Response:** 429 Too Many Requests ### [Rate Limit Response](https://docs.documenso.com/docs/developers/api/rate-limits#rate-limit-response) { "error": "Too many requests, please try again later." } No rate limit headers are currently provided. When you receive a 429 response, wait at least 60 seconds before retrying. [Resource Limits](https://docs.documenso.com/docs/developers/api/rate-limits#resource-limits) ---------------------------------------------------------------------------------------------- Beyond HTTP rate limits, your account has usage limits based on your subscription plan. ### [Plan Limits](https://docs.documenso.com/docs/developers/api/rate-limits#plan-limits) | Resource | Free | Paid | Self-hosted | Enterprise | | --- | --- | --- | --- | --- | | Documents/month | 5 | Unlimited | Unlimited | Unlimited | | Total Recipients | 10 | Unlimited | Unlimited | Unlimited | | Direct Templates | 3 | Unlimited | Unlimited | Unlimited | ### [Error Response](https://docs.documenso.com/docs/developers/api/rate-limits#error-response) When you exceed a resource limit: { "error": "You have reached your document limit for this month. Please upgrade your plan.", "code": "LIMIT_EXCEEDED", "statusCode": 400 } [Error Codes](https://docs.documenso.com/docs/developers/api/rate-limits#error-codes) -------------------------------------------------------------------------------------- | Code | Status | Description | | --- | --- | --- | | `TOO_MANY_REQUESTS` | 429 | HTTP rate limit exceeded | | `LIMIT_EXCEEDED` | 400 | Resource usage limit exceeded | * * * [See Also](https://docs.documenso.com/docs/developers/api/rate-limits#see-also) -------------------------------------------------------------------------------- * [Authentication](https://docs.documenso.com/docs/developers/getting-started/authentication) - API authentication guide * [API Versioning](https://docs.documenso.com/docs/developers/api/versioning) - API version management * [First API Call](https://docs.documenso.com/docs/developers/getting-started/first-api-call) - Getting started with the API [Teams API\ \ Manage team resources, documents, and templates with team-scoped API tokens.](https://docs.documenso.com/docs/developers/api/teams) [API Versioning\ \ Versioning information for the Documenso public API.](https://docs.documenso.com/docs/developers/api/versioning) ### On this page [Overview](https://docs.documenso.com/docs/developers/api/rate-limits#overview) [HTTP Rate Limits](https://docs.documenso.com/docs/developers/api/rate-limits#http-rate-limits) [Rate Limit Response](https://docs.documenso.com/docs/developers/api/rate-limits#rate-limit-response) [Resource Limits](https://docs.documenso.com/docs/developers/api/rate-limits#resource-limits) [Plan Limits](https://docs.documenso.com/docs/developers/api/rate-limits#plan-limits) [Error Response](https://docs.documenso.com/docs/developers/api/rate-limits#error-response) [Error Codes](https://docs.documenso.com/docs/developers/api/rate-limits#error-codes) [See Also](https://docs.documenso.com/docs/developers/api/rate-limits#see-also) --- # Getting Started | Documenso Docs Getting Started =============== Requirements and quick start guide for self-hosting Documenso. Copy MarkdownOpen [### Requirements\ \ System requirements and prerequisites.](https://docs.documenso.com/docs/self-hosting/getting-started/requirements) [### Quick Start\ \ Deploy with Docker in 5 minutes.](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) --- # CSS Variables | Documenso Docs [Embedding](https://docs.documenso.com/docs/developers/embedding) CSS Variables ============= Customize the appearance of embedded signing experiences with CSS variables and class targets. Copy MarkdownOpen Custom CSS and CSS variables are available on the [Platform Plan](https://documen.so/platform-cta-pricing) . [CSS Variables](https://docs.documenso.com/docs/developers/embedding/css-variables#css-variables) -------------------------------------------------------------------------------------------------- Use the `cssVars` prop on any embed component to override default colors, spacing, and more. ### [Colors](https://docs.documenso.com/docs/developers/embedding/css-variables#colors) | Variable | Description | | --- | --- | | `background` | Base background color | | `foreground` | Base text color | | `muted` | Muted/subtle background color | | `mutedForeground` | Muted/subtle text color | | `popover` | Popover/dropdown background color | | `popoverForeground` | Popover/dropdown text color | | `card` | Card background color | | `cardBorder` | Card border color | | `cardBorderTint` | Card border tint/highlight color | | `cardForeground` | Card text color | | `fieldCard` | Field card background color | | `fieldCardBorder` | Field card border color | | `fieldCardForeground` | Field card text color | | `widget` | Widget background color | | `widgetForeground` | Widget text color | | `border` | Default border color | | `input` | Input field border color | | `primary` | Primary action/button color | | `primaryForeground` | Primary action/button text color | | `secondary` | Secondary action/button color | | `secondaryForeground` | Secondary button text color | | `accent` | Accent/highlight color | | `accentForeground` | Accent/highlight text color | | `destructive` | Destructive/danger action color | | `destructiveForeground` | Destructive/danger text color | | `ring` | Focus ring color | | `warning` | Warning/alert color | | `envelopeEditorBackground` | Envelope editor background color. _V2 Envelope Editor only._ | ### [Spacing](https://docs.documenso.com/docs/developers/embedding/css-variables#spacing) | Variable | Description | | --- | --- | | `radius` | Border radius size (e.g. `0.5rem`) | ### [Framework Usage](https://docs.documenso.com/docs/developers/embedding/css-variables#framework-usage) Pass `cssVars` to any embed component. The syntax varies by framework: // React / Preact // Vue // Svelte // Solid ### [Color Formats](https://docs.documenso.com/docs/developers/embedding/css-variables#color-formats) Colors can be specified in any valid CSS format: * Hex: `#ff0000` * RGB: `rgb(255, 0, 0)` * HSL: `hsl(0, 100%, 50%)` * Named: `red` * * * [Custom CSS](https://docs.documenso.com/docs/developers/embedding/css-variables#custom-css) -------------------------------------------------------------------------------------------- Use the `css` prop to inject a CSS string for more targeted control: * * * [CSS Class Targets](https://docs.documenso.com/docs/developers/embedding/css-variables#css-class-targets) ---------------------------------------------------------------------------------------------------------- Specific parts of the embed can be targeted with CSS classes for granular styling. ### [Component Classes](https://docs.documenso.com/docs/developers/embedding/css-variables#component-classes) | Class | Description | | --- | --- | | `.embed--Root` | Main container for the embedded experience | | `.embed--DocumentContainer` | Container for the document and signing widget | | `.embed--DocumentViewer` | Container for the document viewer | | `.embed--DocumentWidget` | The signing widget container | | `.embed--DocumentWidgetContainer` | Outer container for the signing widget | | `.embed--DocumentWidgetHeader` | Header section of the signing widget | | `.embed--DocumentWidgetContent` | Main content area of the signing widget | | `.embed--DocumentWidgetForm` | Form section within the signing widget | | `.embed--DocumentWidgetFooter` | Footer section of the signing widget | | `.embed--WaitingForTurn` | Waiting screen when it is not the user's turn | | `.embed--DocumentCompleted` | Completion screen after signing | | `.field--FieldRootContainer` | Base container for document fields | ### [Field Data Attributes](https://docs.documenso.com/docs/developers/embedding/css-variables#field-data-attributes) Fields expose data attributes for state-based styling: | Attribute | Values | Description | | --- | --- | --- | | `[data-field-type]` | `SIGNATURE`, `TEXT`, `CHECKBOX`, `RADIO`, etc. | The type of field | | `[data-inserted]` | `true`, `false` | Whether the field has been filled | | `[data-validate]` | `true`, `false` | Whether the field is being validated | ### [Example](https://docs.documenso.com/docs/developers/embedding/css-variables#example) /* Style signature fields */ .field--FieldRootContainer[data-field-type='SIGNATURE'] { background-color: rgba(0, 0, 0, 0.02); } /* Style filled fields */ .field--FieldRootContainer[data-inserted='true'] { background-color: var(--primary); opacity: 0.2; } /* Custom widget styling */ .embed--DocumentWidget { background-color: #ffffff; box-shadow: 0 4px 6px -1px rgb(0 0 0 / 0.1); } ### [Additional Examples](https://docs.documenso.com/docs/developers/embedding/css-variables#additional-examples) /* Style all field containers with transitions */ .field--FieldRootContainer { transition: all 200ms ease; } /* Custom styles for the waiting screen */ .embed--WaitingForTurn { background-color: #f9fafb; padding: 2rem; } /* Responsive adjustments for the document container */ @media (min-width: 768px) { .embed--DocumentContainer { gap: 2rem; } } * * * [Best Practices](https://docs.documenso.com/docs/developers/embedding/css-variables#best-practices) ---------------------------------------------------------------------------------------------------- ### Maintain contrast ### Test dark mode ### Match your brand ### Consistent radius * * * [See Also](https://docs.documenso.com/docs/developers/embedding/css-variables#see-also) ---------------------------------------------------------------------------------------- * [Embedding Overview](https://docs.documenso.com/docs/developers/embedding) - Props reference and concepts * [React](https://docs.documenso.com/docs/developers/embedding/sdks/react) - React SDK usage * [Vue](https://docs.documenso.com/docs/developers/embedding/sdks/vue) - Vue SDK usage [Direct Links\ \ Share a URL or embed an iframe to let users sign documents without email invitations.](https://docs.documenso.com/docs/developers/embedding/direct-links) [Authoring\ \ Embed document, template, and envelope creation directly in your application.](https://docs.documenso.com/docs/developers/embedding/authoring) ### On this page [CSS Variables](https://docs.documenso.com/docs/developers/embedding/css-variables#css-variables) [Colors](https://docs.documenso.com/docs/developers/embedding/css-variables#colors) [Spacing](https://docs.documenso.com/docs/developers/embedding/css-variables#spacing) [Framework Usage](https://docs.documenso.com/docs/developers/embedding/css-variables#framework-usage) [Color Formats](https://docs.documenso.com/docs/developers/embedding/css-variables#color-formats) [Custom CSS](https://docs.documenso.com/docs/developers/embedding/css-variables#custom-css) [CSS Class Targets](https://docs.documenso.com/docs/developers/embedding/css-variables#css-class-targets) [Component Classes](https://docs.documenso.com/docs/developers/embedding/css-variables#component-classes) [Field Data Attributes](https://docs.documenso.com/docs/developers/embedding/css-variables#field-data-attributes) [Example](https://docs.documenso.com/docs/developers/embedding/css-variables#example) [Additional Examples](https://docs.documenso.com/docs/developers/embedding/css-variables#additional-examples) [Best Practices](https://docs.documenso.com/docs/developers/embedding/css-variables#best-practices) [See Also](https://docs.documenso.com/docs/developers/embedding/css-variables#see-also) --- # Maintenance | Documenso Docs Maintenance =========== Upgrade, backup, and troubleshoot your self-hosted Documenso instance. Copy MarkdownOpen [### Upgrades\ \ Upgrade to new versions safely.](https://docs.documenso.com/docs/self-hosting/maintenance/upgrades) [### Backups\ \ Backup strategies for your data.](https://docs.documenso.com/docs/self-hosting/maintenance/backups) [### Troubleshooting\ \ Common issues and solutions.](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) --- # Authentication | Documenso Docs [Getting Started](https://docs.documenso.com/docs/developers/getting-started) Authentication ============== Generate an API key and authenticate your requests. Copy MarkdownOpen [Prerequisites](https://docs.documenso.com/docs/developers/getting-started/authentication#prerequisites) --------------------------------------------------------------------------------------------------------- * A Documenso account (cloud or self-hosted) * A Documenso account on any plan (Free, Individual, Team, or Enterprise) Free accounts include API access with a limit of 5 documents per month. [Upgrade to a paid plan](https://documen.so/pricing) for higher limits. [Create an API Token](https://docs.documenso.com/docs/developers/getting-started/authentication#create-an-api-token) --------------------------------------------------------------------------------------------------------------------- ### [Open settings](https://docs.documenso.com/docs/developers/getting-started/authentication#open-settings) * Log in to your Documenso account * Click your avatar in the top right corner * Select **Settings** from the dropdown menu ![User dropdown menu](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdocumenso-user-dropdown-menu.46e1ee8e.webp&w=3840&q=75) ### [Navigate to the API Tokens tab](https://docs.documenso.com/docs/developers/getting-started/authentication#navigate-to-the-api-tokens-tab) Go to **Settings** and open the **API Tokens** tab. ![API tokens page](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fapi-tokens-page-documenso.d5b148a6.webp&w=3840&q=75) ### [Generate a new token](https://docs.documenso.com/docs/developers/getting-started/authentication#generate-a-new-token) * Click **Create Token** * Enter a descriptive name (e.g., `production-backend`, `zapier-integration`) * Select an expiration period: never expires, 7 days, 1 month, 3 months, 6 months, or 1 year * Click **Create Token** ### [Copy your token](https://docs.documenso.com/docs/developers/getting-started/authentication#copy-your-token) Your token is displayed once after creation. Copy it immediately and store it securely. ![API key display](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fdocumenso-api-key-blurred.ba88c3f1.webp&w=3840&q=75) You cannot view the token again after leaving this page. If you lose it, you must create a new token. [Using Your Token](https://docs.documenso.com/docs/developers/getting-started/authentication#using-your-token) --------------------------------------------------------------------------------------------------------------- Include the token in the `Authorization` header of your HTTP requests. ### [cURL](https://docs.documenso.com/docs/developers/getting-started/authentication#curl) curl https://app.documenso.com/api/v2/documents \ -H "Authorization: api_xxxxxxxxxxxxxxxx" ### [JavaScript / TypeScript](https://docs.documenso.com/docs/developers/getting-started/authentication#javascript--typescript) const response = await fetch('https://app.documenso.com/api/v2/documents', { method: 'GET', headers: { Authorization: 'api_xxxxxxxxxxxxxxxx', }, }); const documents = await response.json(); ### [Using the TypeScript SDK](https://docs.documenso.com/docs/developers/getting-started/authentication#using-the-typescript-sdk) Documenso provides official SDKs that handle authentication for you: import { Documenso } from '@documenso/sdk-typescript'; const client = new Documenso({ apiKey: 'api_xxxxxxxxxxxxxxxx', }); const documents = await client.documents.find(); SDKs are available for [TypeScript](https://github.com/documenso/sdk-typescript) , [Python](https://github.com/documenso/sdk-python) , and [Go](https://github.com/documenso/sdk-go) . [API Base URLs](https://docs.documenso.com/docs/developers/getting-started/authentication#api-base-urls) --------------------------------------------------------------------------------------------------------- | Environment | Base URL | | --- | --- | | Production | `https://app.documenso.com/api/v2` | | Staging | `https://stg-app.documenso.com/api/v2` | | Self-hosted | `https://your-domain.com/api/v2` | API V1 is deprecated. Use V2 for all new integrations. V1 only works with legacy documents created before the envelope system. If you need V1 documentation for migration purposes, see the [V1 OpenAPI reference](https://app.documenso.com/api/v1/openapi) . The API is available on all plans, including Free (5 documents per month). [Fair Use](https://docs.documenso.com/docs/policies/fair-use) applies to all API usage. [Token Security](https://docs.documenso.com/docs/developers/getting-started/authentication#token-security) ----------------------------------------------------------------------------------------------------------- API tokens grant full access to your account. Follow these practices to keep them secure: * **Never commit tokens to version control.** Use environment variables instead. * **Use descriptive names.** Names like `zapier-prod` or `backend-staging` help you identify token usage. * **Set expiration dates.** Shorter expiration periods reduce risk if a token is compromised. * **Rotate tokens regularly.** Create new tokens and revoke old ones periodically. * **Use separate tokens per integration.** If one is compromised, you only need to revoke that specific token. * **Revoke unused tokens.** Delete tokens you no longer need from the API Tokens settings page. ### [Environment Variables](https://docs.documenso.com/docs/developers/getting-started/authentication#environment-variables) Store your token in an environment variable rather than hardcoding it: # .env (do not commit this file) DOCUMENSO_API_KEY=api_xxxxxxxxxxxxxxxx const client = new Documenso({ apiKey: process.env.DOCUMENSO_API_KEY, }); [Token Scope](https://docs.documenso.com/docs/developers/getting-started/authentication#token-scope) ----------------------------------------------------------------------------------------------------- API tokens have full access to your account, including: * Creating, reading, updating, and deleting documents * Managing recipients and fields * Accessing templates * Managing team resources (if the token owner has team access) There is currently no way to create tokens with limited scopes or permissions. [Revoking a Token](https://docs.documenso.com/docs/developers/getting-started/authentication#revoking-a-token) --------------------------------------------------------------------------------------------------------------- To revoke a token: Go to **Settings** > **API Tokens** Find the token you want to revoke Click the delete icon next to the token Confirm the deletion Revoked tokens stop working immediately. Any integrations using that token will receive `401 Unauthorized` errors. [Troubleshooting](https://docs.documenso.com/docs/developers/getting-started/authentication#troubleshooting) ------------------------------------------------------------------------------------------------------------- ### 401 Unauthorized — Missing or invalid token ### 401 Unauthorized — Expired token ### 403 Forbidden — Token doesn't have access to the resource [Next Steps](https://docs.documenso.com/docs/developers/getting-started/authentication#next-steps) --------------------------------------------------------------------------------------------------- * [Make your first API call](https://docs.documenso.com/docs/developers/getting-started/first-api-call) - Create a document via the API * [API Reference](https://docs.documenso.com/docs/developers/api) - Explore available endpoints [Getting Started\ \ Get your API key and make your first API call.](https://docs.documenso.com/docs/developers/getting-started) [First API Call\ \ Create and send a document for signing using the Documenso API, from uploading a PDF to adding recipients and distributing for signature.](https://docs.documenso.com/docs/developers/getting-started/first-api-call) ### On this page [Prerequisites](https://docs.documenso.com/docs/developers/getting-started/authentication#prerequisites) [Create an API Token](https://docs.documenso.com/docs/developers/getting-started/authentication#create-an-api-token) [Open settings](https://docs.documenso.com/docs/developers/getting-started/authentication#open-settings) [Navigate to the API Tokens tab](https://docs.documenso.com/docs/developers/getting-started/authentication#navigate-to-the-api-tokens-tab) [Generate a new token](https://docs.documenso.com/docs/developers/getting-started/authentication#generate-a-new-token) [Copy your token](https://docs.documenso.com/docs/developers/getting-started/authentication#copy-your-token) [Using Your Token](https://docs.documenso.com/docs/developers/getting-started/authentication#using-your-token) [cURL](https://docs.documenso.com/docs/developers/getting-started/authentication#curl) [JavaScript / TypeScript](https://docs.documenso.com/docs/developers/getting-started/authentication#javascript--typescript) [Using the TypeScript SDK](https://docs.documenso.com/docs/developers/getting-started/authentication#using-the-typescript-sdk) [API Base URLs](https://docs.documenso.com/docs/developers/getting-started/authentication#api-base-urls) [Token Security](https://docs.documenso.com/docs/developers/getting-started/authentication#token-security) [Environment Variables](https://docs.documenso.com/docs/developers/getting-started/authentication#environment-variables) [Token Scope](https://docs.documenso.com/docs/developers/getting-started/authentication#token-scope) [Revoking a Token](https://docs.documenso.com/docs/developers/getting-started/authentication#revoking-a-token) [Troubleshooting](https://docs.documenso.com/docs/developers/getting-started/authentication#troubleshooting) [Next Steps](https://docs.documenso.com/docs/developers/getting-started/authentication#next-steps) --- # Deployment | Documenso Docs Deployment ========== Deploy Documenso using Docker, Docker Compose, Railway, or Kubernetes. Copy MarkdownOpen | Method | Best For | Difficulty | | --- | --- | --- | | [Docker](https://docs.documenso.com/docs/self-hosting/deployment/docker) | Single container, external database | Easy | | [Docker Compose](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) | Self-contained setup, small teams | Easy | | [Railway](https://docs.documenso.com/docs/self-hosting/deployment/railway) | Quick deployment, managed | Very Easy | | [Kubernetes](https://docs.documenso.com/docs/self-hosting/deployment/kubernetes) | Enterprise, high availability | Advanced | [### Docker\ \ Single container with external database.](https://docs.documenso.com/docs/self-hosting/deployment/docker) [### Docker Compose\ \ Production-ready multi-container setup.](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) [### Railway\ \ One-click deployment on Railway.](https://docs.documenso.com/docs/self-hosting/deployment/railway) [### Kubernetes\ \ Scalable Kubernetes deployment.](https://docs.documenso.com/docs/self-hosting/deployment/kubernetes) [See Also](https://docs.documenso.com/docs/self-hosting/deployment#see-also) ----------------------------------------------------------------------------- * [Requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements) - Check prerequisites first * [Configuration](https://docs.documenso.com/docs/self-hosting/configuration) - Configure your deployment ### On this page [See Also](https://docs.documenso.com/docs/self-hosting/deployment#see-also) --- # Run in Gitpod | Documenso Docs [Local Development](https://docs.documenso.com/docs/developers/local-development) Run in Gitpod ============= Get started with Documenso in a ready-to-use Gitpod workspace in your browser. Copy MarkdownOpen Click below to launch a ready-to-use Gitpod workspace in your browser. [![Open in Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#https://github.com/documenso/documenso) [See Also](https://docs.documenso.com/docs/developers/local-development/gitpod#see-also) ----------------------------------------------------------------------------------------- * [Developer Quickstart](https://docs.documenso.com/docs/developers/local-development/quickstart) - Local Docker-based setup * [Manual Setup](https://docs.documenso.com/docs/developers/local-development/manual) - Manual setup without Docker [Translations\ \ Handling translations in code.](https://docs.documenso.com/docs/developers/local-development/translations) [Contributing to Documenso\ \ Learn how to contribute to Documenso and become part of our community.](https://docs.documenso.com/docs/developers/contributing) ### On this page [See Also](https://docs.documenso.com/docs/developers/local-development/gitpod#see-also) --- # Teams API | Documenso Docs [API Reference](https://docs.documenso.com/docs/developers/api) Teams API ========= Manage team resources, documents, and templates with team-scoped API tokens. Copy MarkdownOpen This guide may not reflect the latest endpoints or parameters. For an always up-to-date reference, see the [OpenAPI Reference](https://openapi.documenso.com/) . [Team Object](https://docs.documenso.com/docs/developers/api/teams#team-object) -------------------------------------------------------------------------------- A team object contains the following properties: | Property | Type | Description | | --- | --- | --- | | `id` | number | Unique team identifier | | `name` | string | Team display name | | `url` | string | Unique team URL slug | | `createdAt` | string | ISO 8601 timestamp | | `avatarImageId` | string \| null | ID of the team's avatar image | | `organisationId` | string | ID of the parent organisation | | `currentTeamRole` | string | Your role in the team: `ADMIN`, `MANAGER`, `MEMBER` | ### [Example Team Object](https://docs.documenso.com/docs/developers/api/teams#example-team-object) { "id": 123, "name": "Engineering", "url": "engineering", "createdAt": "2025-01-15T10:30:00.000Z", "avatarImageId": null, "organisationId": "org_abc123", "currentTeamRole": "ADMIN" } [Team-Scoped API Tokens](https://docs.documenso.com/docs/developers/api/teams#team-scoped-api-tokens) ------------------------------------------------------------------------------------------------------ API tokens in Documenso are always scoped to a specific team. When you create an API token, it is associated with the team you're currently working in. ### [How Team Scoping Works](https://docs.documenso.com/docs/developers/api/teams#how-team-scoping-works) * Each API token belongs to exactly one team * All API operations using that token automatically access that team's resources * Documents, templates, and other resources created via the API belong to the token's team * You cannot access resources from other teams with a single token ### [Creating Team-Scoped Tokens](https://docs.documenso.com/docs/developers/api/teams#creating-team-scoped-tokens) Navigate to your team's settings Go to **API Tokens** Click **Create Token** The token will be scoped to the current team To work with multiple teams via API, create separate tokens for each team. ### [Token Permissions](https://docs.documenso.com/docs/developers/api/teams#token-permissions) Your API token inherits permissions based on your role in the team: | Role | Permissions | | --- | --- | | `ADMIN` | Full access to all team resources and settings | | `MANAGER` | Create, edit, and delete documents and templates | | `MEMBER` | Create and manage own documents | [Working with Team Documents](https://docs.documenso.com/docs/developers/api/teams#working-with-team-documents) ---------------------------------------------------------------------------------------------------------------- When you use a team-scoped API token, all document operations are automatically scoped to that team. ### [Create a Team Document](https://docs.documenso.com/docs/developers/api/teams#create-a-team-document) Documents created with a team token belong to that team: curlTypeScript curl -X POST "https://app.documenso.com/api/v2/envelope/create" \ -H "Authorization: api_team_xxxxxxxxxxxxxxxx" \ -H "Content-Type: multipart/form-data" \ -F 'payload={ "type": "DOCUMENT", "title": "Team Contract", "recipients": [\ {\ "email": "signer@example.com",\ "name": "John Smith",\ "role": "SIGNER"\ }\ ] }' \ -F "files=@./contract.pdf;type=application/pdf" const TEAM_API_TOKEN = process.env.DOCUMENSO_TEAM_API_TOKEN; const form = new FormData(); const payload = { type: 'DOCUMENT', title: 'Team Contract', recipients: [\ {\ email: 'signer@example.com',\ name: 'John Smith',\ role: 'SIGNER',\ },\ ], }; form.append('payload', JSON.stringify(payload)); form.append('files', fs.createReadStream('./contract.pdf'), { contentType: 'application/pdf', }); const response = await fetch('https://app.documenso.com/api/v2/envelope/create', { method: 'POST', headers: { Authorization: TEAM_API_TOKEN, }, body: form, }); const { id } = await response.json(); console.log('Created team document:', id); ### [List Team Documents](https://docs.documenso.com/docs/developers/api/teams#list-team-documents) Retrieve all documents belonging to the team: curlTypeScript # List all team documents curl -X GET "https://app.documenso.com/api/v2/envelope" \ -H "Authorization: api_team_xxxxxxxxxxxxxxxx" # Filter by status curl -X GET "https://app.documenso.com/api/v2/envelope?status=PENDING" \ -H "Authorization: api_team_xxxxxxxxxxxxxxxx" const response = await fetch('https://app.documenso.com/api/v2/envelope', { method: 'GET', headers: { Authorization: TEAM_API_TOKEN, }, }); const { data, pagination } = await response.json(); console.log(`Found ${pagination.totalItems} team documents`); [Working with Team Templates](https://docs.documenso.com/docs/developers/api/teams#working-with-team-templates) ---------------------------------------------------------------------------------------------------------------- Templates created with a team token are shared across the team. ### [Create a Team Template](https://docs.documenso.com/docs/developers/api/teams#create-a-team-template) curlTypeScript curl -X POST "https://app.documenso.com/api/v2/template/create" \ -H "Authorization: api_team_xxxxxxxxxxxxxxxx" \ -H "Content-Type: multipart/form-data" \ -F 'payload={ "title": "NDA Template", "recipients": [\ {\ "email": "placeholder@example.com",\ "name": "Signer",\ "role": "SIGNER",\ "fields": [\ {\ "identifier": 0,\ "type": "SIGNATURE",\ "page": 1,\ "positionX": 10,\ "positionY": 80,\ "width": 30,\ "height": 5\ }\ ]\ }\ ] }' \ -F "files=@./nda-template.pdf;type=application/pdf" const form = new FormData(); const payload = { title: 'NDA Template', recipients: [\ {\ email: 'placeholder@example.com',\ name: 'Signer',\ role: 'SIGNER',\ fields: [\ {\ identifier: 0,\ type: 'SIGNATURE',\ page: 1,\ positionX: 10,\ positionY: 80,\ width: 30,\ height: 5,\ },\ ],\ },\ ], }; form.append('payload', JSON.stringify(payload)); form.append('files', fs.createReadStream('./nda-template.pdf'), { contentType: 'application/pdf', }); const response = await fetch('https://app.documenso.com/api/v2/template/create', { method: 'POST', headers: { Authorization: TEAM_API_TOKEN, }, body: form, }); const template = await response.json(); console.log('Created team template:', template.id); ### [List Team Templates](https://docs.documenso.com/docs/developers/api/teams#list-team-templates) curlTypeScript curl -X GET "https://app.documenso.com/api/v2/template" \ -H "Authorization: api_team_xxxxxxxxxxxxxxxx" const response = await fetch('https://app.documenso.com/api/v2/template', { method: 'GET', headers: { Authorization: TEAM_API_TOKEN, }, }); const { data } = await response.json(); console.log('Team templates:', data); [Team Member Roles](https://docs.documenso.com/docs/developers/api/teams#team-member-roles) -------------------------------------------------------------------------------------------- | Role | Description | | --- | --- | | `ADMIN` | Full control over team settings, members, and all resources | | `MANAGER` | Can manage documents, templates, and view team resources | | `MEMBER` | Can create and manage their own documents within the team | ### [Document Visibility](https://docs.documenso.com/docs/developers/api/teams#document-visibility) Team documents have visibility settings that control who can access them: | Visibility | Description | | --- | --- | | `EVERYONE` | All team members can view the document | | `MANAGER_AND_ABOVE` | Only managers and admins can view | | `ADMIN` | Only admins can view | Set visibility when creating a document: const payload = { type: 'DOCUMENT', title: 'Confidential Agreement', visibility: 'ADMIN', // Only team admins can view recipients: [...], }; [Multi-Team Workflow](https://docs.documenso.com/docs/developers/api/teams#multi-team-workflow) ------------------------------------------------------------------------------------------------ To work with multiple teams, create and manage separate API tokens for each team. ### [Example: Sync Documents Across Teams](https://docs.documenso.com/docs/developers/api/teams#example-sync-documents-across-teams) // Tokens for different teams const SALES_TEAM_TOKEN = process.env.SALES_TEAM_API_TOKEN; const LEGAL_TEAM_TOKEN = process.env.LEGAL_TEAM_API_TOKEN; // Get pending documents from sales team const salesResponse = await fetch('https://app.documenso.com/api/v2/envelope?status=PENDING', { headers: { Authorization: SALES_TEAM_TOKEN }, }); const salesDocs = await salesResponse.json(); // Get completed documents from legal team const legalResponse = await fetch('https://app.documenso.com/api/v2/envelope?status=COMPLETED', { headers: { Authorization: LEGAL_TEAM_TOKEN }, }); const legalDocs = await legalResponse.json(); console.log(`Sales team: ${salesDocs.pagination.totalItems} pending`); console.log(`Legal team: ${legalDocs.pagination.totalItems} completed`); [Error Responses](https://docs.documenso.com/docs/developers/api/teams#error-responses) ---------------------------------------------------------------------------------------- | Status | Description | | --- | --- | | `401` | Invalid or expired API token | | `403` | Token doesn't have permission for this operation | | `404` | Resource not found or not accessible by this team | ### [Example Error Response](https://docs.documenso.com/docs/developers/api/teams#example-error-response) { "message": "You do not have permission to access this resource" } API tokens can only access resources belonging to their associated team. Attempting to access resources from another team returns a 403 or 404 error. [See Also](https://docs.documenso.com/docs/developers/api/teams#see-also) -------------------------------------------------------------------------- * [Documents API](https://docs.documenso.com/docs/developers/api/documents) - Create and manage documents * [Templates API](https://docs.documenso.com/docs/developers/api/templates) - Work with document templates * [Authentication](https://docs.documenso.com/docs/developers/getting-started/authentication) - Create and manage API tokens [Templates API\ \ Create documents from reusable templates via API.](https://docs.documenso.com/docs/developers/api/templates) [Rate Limits\ \ Learn about the rate limits for the Documenso Public API.](https://docs.documenso.com/docs/developers/api/rate-limits) ### On this page [Team Object](https://docs.documenso.com/docs/developers/api/teams#team-object) [Example Team Object](https://docs.documenso.com/docs/developers/api/teams#example-team-object) [Team-Scoped API Tokens](https://docs.documenso.com/docs/developers/api/teams#team-scoped-api-tokens) [How Team Scoping Works](https://docs.documenso.com/docs/developers/api/teams#how-team-scoping-works) [Creating Team-Scoped Tokens](https://docs.documenso.com/docs/developers/api/teams#creating-team-scoped-tokens) [Token Permissions](https://docs.documenso.com/docs/developers/api/teams#token-permissions) [Working with Team Documents](https://docs.documenso.com/docs/developers/api/teams#working-with-team-documents) [Create a Team Document](https://docs.documenso.com/docs/developers/api/teams#create-a-team-document) [List Team Documents](https://docs.documenso.com/docs/developers/api/teams#list-team-documents) [Working with Team Templates](https://docs.documenso.com/docs/developers/api/teams#working-with-team-templates) [Create a Team Template](https://docs.documenso.com/docs/developers/api/teams#create-a-team-template) [List Team Templates](https://docs.documenso.com/docs/developers/api/teams#list-team-templates) [Team Member Roles](https://docs.documenso.com/docs/developers/api/teams#team-member-roles) [Document Visibility](https://docs.documenso.com/docs/developers/api/teams#document-visibility) [Multi-Team Workflow](https://docs.documenso.com/docs/developers/api/teams#multi-team-workflow) [Example: Sync Documents Across Teams](https://docs.documenso.com/docs/developers/api/teams#example-sync-documents-across-teams) [Error Responses](https://docs.documenso.com/docs/developers/api/teams#error-responses) [Example Error Response](https://docs.documenso.com/docs/developers/api/teams#example-error-response) [See Also](https://docs.documenso.com/docs/developers/api/teams#see-also) --- # Developer Quickstart | Documenso Docs [Local Development](https://docs.documenso.com/docs/developers/local-development) Developer Quickstart ==================== Quickly set up Documenso on your machine for local development with Docker and Docker Compose. Copy MarkdownOpen [Quickstart](https://docs.documenso.com/docs/developers/local-development/quickstart#quickstart) ------------------------------------------------------------------------------------------------- **Note**: This guide assumes that you have both [docker](https://docs.docker.com/get-docker/) and [docker-compose](https://docs.docker.com/compose/) installed on your machine. Want to get up and running quickly? Follow these steps: ### [Fork Documenso](https://docs.documenso.com/docs/developers/local-development/quickstart#fork-documenso) Fork the [Documenso repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) to your GitHub account. ### [Clone repository](https://docs.documenso.com/docs/developers/local-development/quickstart#clone-repository) After forking the repository, clone it to your local device by using the following command: git clone https://github.com//documenso ### [Set up environment variables](https://docs.documenso.com/docs/developers/local-development/quickstart#set-up-environment-variables) Set up your environment variables in the `.env` file using the `.env.example` file as a reference. Alternatively, you can run `cp .env.example .env` to get started with our handpicked defaults. ### [Start database and mail server](https://docs.documenso.com/docs/developers/local-development/quickstart#start-database-and-mail-server) Run `npm run dx` in the root directory. This will spin up a Postgres database and inbucket mailserver in a docker container. ### [Start the application](https://docs.documenso.com/docs/developers/local-development/quickstart#start-the-application) Run `npm run dev` in the root directory to start the application. ### [(Optional) Fasten the Process](https://docs.documenso.com/docs/developers/local-development/quickstart#optional-fasten-the-process) Want it even faster? Just use: npm run d ### [Access Points for the Project](https://docs.documenso.com/docs/developers/local-development/quickstart#access-points-for-the-project) You can access the following services: * Main application - [http://localhost:3000](http://localhost:3000/) * Incoming Mail Access - [http://localhost:9000](http://localhost:9000/) * Database Connection Details: * Port: 54320 * Connection: Use your favorite database client to connect to the database. * S3 Storage Dashboard - [http://localhost:9001](http://localhost:9001/) [See Also](https://docs.documenso.com/docs/developers/local-development/quickstart#see-also) --------------------------------------------------------------------------------------------- * [Manual Setup](https://docs.documenso.com/docs/developers/local-development/manual) - Set up without Docker * [Signing Certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate) - Create a certificate for local development [Local Development\ \ Learn how to set up Documenso for local development.](https://docs.documenso.com/docs/developers/local-development) [Manual Setup\ \ Manually set up Documenso on your machine for local development.](https://docs.documenso.com/docs/developers/local-development/manual) ### On this page [Quickstart](https://docs.documenso.com/docs/developers/local-development/quickstart#quickstart) [Fork Documenso](https://docs.documenso.com/docs/developers/local-development/quickstart#fork-documenso) [Clone repository](https://docs.documenso.com/docs/developers/local-development/quickstart#clone-repository) [Set up environment variables](https://docs.documenso.com/docs/developers/local-development/quickstart#set-up-environment-variables) [Start database and mail server](https://docs.documenso.com/docs/developers/local-development/quickstart#start-database-and-mail-server) [Start the application](https://docs.documenso.com/docs/developers/local-development/quickstart#start-the-application) [(Optional) Fasten the Process](https://docs.documenso.com/docs/developers/local-development/quickstart#optional-fasten-the-process) [Access Points for the Project](https://docs.documenso.com/docs/developers/local-development/quickstart#access-points-for-the-project) [See Also](https://docs.documenso.com/docs/developers/local-development/quickstart#see-also) --- # Webhooks | Documenso Docs Webhooks ======== Receive real-time notifications for document and template events. Copy MarkdownOpen [How Webhooks Work](https://docs.documenso.com/docs/developers/webhooks#how-webhooks-work) ------------------------------------------------------------------------------------------- 1. You configure a webhook URL in Documenso 2. When an event occurs, Documenso sends an HTTP POST to your URL 3. Your application processes the event and responds with 200 OK Documenso supports webhook events for the full document lifecycle (created, sent, opened, signed, completed, rejected, cancelled) as well as template events (created, updated, deleted, used). * * * [Getting Started](https://docs.documenso.com/docs/developers/webhooks#getting-started) --------------------------------------------------------------------------------------- [### Setup\ \ Configure webhook endpoints.](https://docs.documenso.com/docs/developers/webhooks/setup) [### Events\ \ Available webhook event types.](https://docs.documenso.com/docs/developers/webhooks/events) [### Verification\ \ Verify webhook signatures for security.](https://docs.documenso.com/docs/developers/webhooks/verification) * * * [Example Payload](https://docs.documenso.com/docs/developers/webhooks#example-payload) --------------------------------------------------------------------------------------- { "event": "DOCUMENT_COMPLETED", "payload": { "id": 123, "title": "Contract", "status": "COMPLETED", "completedAt": "2024-01-15T10:30:00.000Z", "recipients": [\ {\ "id": 1,\ "email": "signer@example.com",\ "signingStatus": "SIGNED"\ }\ ] }, "createdAt": "2024-01-15T10:30:00.000Z", "webhookEndpoint": "https://your-endpoint.com/webhook" } * * * [See Also](https://docs.documenso.com/docs/developers/webhooks#see-also) ------------------------------------------------------------------------- * [Document Lifecycle](https://docs.documenso.com/docs/concepts/document-lifecycle) - Understanding document statuses [Developer Mode\ \ Advanced development tools for debugging field IDs, recipient IDs, coordinates and integrating with the Documenso API.](https://docs.documenso.com/docs/developers/api/developer-mode) [Webhook Setup\ \ Configure webhooks to receive real-time notifications about document events.](https://docs.documenso.com/docs/developers/webhooks/setup) ### On this page [How Webhooks Work](https://docs.documenso.com/docs/developers/webhooks#how-webhooks-work) [Getting Started](https://docs.documenso.com/docs/developers/webhooks#getting-started) [Example Payload](https://docs.documenso.com/docs/developers/webhooks#example-payload) [See Also](https://docs.documenso.com/docs/developers/webhooks#see-also) --- # Manual Deployment | Documenso Docs [Deployment](https://docs.documenso.com/docs/self-hosting/deployment) Manual Deployment ================= Deploy Documenso on a Linux server without Docker using Node.js and systemd. Copy MarkdownOpen This guide is a community contribution and may not always reflect the latest changes. If you encounter issues, please refer to the [Docker](https://docs.documenso.com/docs/self-hosting/deployment/docker) or [Docker Compose](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) guides which are actively maintained. [Prerequisites](https://docs.documenso.com/docs/self-hosting/deployment/manual#prerequisites) ---------------------------------------------------------------------------------------------- * Node.js 20 or later * npm * PostgreSQL 14 or later * A Linux server (for systemd service setup) [Install and Build](https://docs.documenso.com/docs/self-hosting/deployment/manual#install-and-build) ------------------------------------------------------------------------------------------------------ ### [Clone the repository](https://docs.documenso.com/docs/self-hosting/deployment/manual#clone-the-repository) git clone https://github.com/documenso/documenso.git ### [Configure environment variables](https://docs.documenso.com/docs/self-hosting/deployment/manual#configure-environment-variables) Navigate to the `documenso` folder and create a `.env` file: cp .env.example .env Open the `.env` file and configure the required variables: NEXTAUTH_SECRET="your-secret-here" NEXT_PRIVATE_ENCRYPTION_KEY="your-encryption-key-min-32-chars" NEXT_PRIVATE_ENCRYPTION_SECONDARY_KEY="your-secondary-key-min-32-chars" NEXT_PUBLIC_WEBAPP_URL="https://your-domain.com" NEXT_PRIVATE_INTERNAL_WEBAPP_URL="http://localhost:3000" NEXT_PRIVATE_DATABASE_URL="postgresql://user:password@localhost:5432/documenso" NEXT_PRIVATE_DIRECT_DATABASE_URL="postgresql://user:password@localhost:5432/documenso" NEXT_PRIVATE_SMTP_FROM_NAME="Documenso" NEXT_PRIVATE_SMTP_FROM_ADDRESS="noreply@your-domain.com" If you use a reverse proxy in front of Documenso, set `NEXT_PUBLIC_WEBAPP_URL` to the public URL that users will access. ### [Install dependencies and build](https://docs.documenso.com/docs/self-hosting/deployment/manual#install-dependencies-and-build) npm ci npm run build npm run prisma:migrate-deploy ### [Start the application](https://docs.documenso.com/docs/self-hosting/deployment/manual#start-the-application) npm run start The server starts on `localhost:3000` by default. To use a different port, set the `PORT` environment variable in your `.env` file: PORT=3500 [Run as a systemd Service](https://docs.documenso.com/docs/self-hosting/deployment/manual#run-as-a-systemd-service) -------------------------------------------------------------------------------------------------------------------- Create a service file to run Documenso as a background service on Linux: # /etc/systemd/system/documenso.service [Unit] Description=Documenso After=network.target [Service] Type=simple User=www-data WorkingDirectory=/var/www/documenso EnvironmentFile=/var/www/documenso/.env ExecStart=/usr/bin/node apps/remix/build/server/main.js TimeoutSec=15 Restart=always [Install] WantedBy=multi-user.target The `EnvironmentFile` directive loads your `.env` file, so configuration (including `PORT`) is managed in one place. Alternatively, you can set environment variables directly in the service file with `Environment=` directives. Enable and start the service: sudo systemctl enable documenso sudo systemctl start documenso [Reverse Proxy with Nginx](https://docs.documenso.com/docs/self-hosting/deployment/manual#reverse-proxy-with-nginx) -------------------------------------------------------------------------------------------------------------------- A minimal Nginx configuration for proxying to Documenso: server { listen 80; server_name your-domain.com; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_cache_bypass $http_upgrade; } } For production, configure SSL termination with Let's Encrypt or your preferred certificate provider. * * * [See Also](https://docs.documenso.com/docs/self-hosting/deployment/manual#see-also) ------------------------------------------------------------------------------------ * [Docker Deployment](https://docs.documenso.com/docs/self-hosting/deployment/docker) - Deploy using a standalone Docker container * [Docker Compose](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) - Deploy with Docker Compose * [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) - All configuration options * [Signing Certificate](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) - Configure document signing certificates ### On this page [Prerequisites](https://docs.documenso.com/docs/self-hosting/deployment/manual#prerequisites) [Install and Build](https://docs.documenso.com/docs/self-hosting/deployment/manual#install-and-build) [Clone the repository](https://docs.documenso.com/docs/self-hosting/deployment/manual#clone-the-repository) [Configure environment variables](https://docs.documenso.com/docs/self-hosting/deployment/manual#configure-environment-variables) [Install dependencies and build](https://docs.documenso.com/docs/self-hosting/deployment/manual#install-dependencies-and-build) [Start the application](https://docs.documenso.com/docs/self-hosting/deployment/manual#start-the-application) [Run as a systemd Service](https://docs.documenso.com/docs/self-hosting/deployment/manual#run-as-a-systemd-service) [Reverse Proxy with Nginx](https://docs.documenso.com/docs/self-hosting/deployment/manual#reverse-proxy-with-nginx) [See Also](https://docs.documenso.com/docs/self-hosting/deployment/manual#see-also) --- # Manual Setup | Documenso Docs [Local Development](https://docs.documenso.com/docs/developers/local-development) Manual Setup ============ Manually set up Documenso on your machine for local development. Copy MarkdownOpen [Manual Setup](https://docs.documenso.com/docs/developers/local-development/manual#manual-setup) ================================================================================================= Follow these steps to set up Documenso on your local machine: ### [Fork Documenso](https://docs.documenso.com/docs/developers/local-development/manual#fork-documenso) Fork the [Documenso repository](https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/working-with-forks/about-forks) to your GitHub account. ### [Clone repository](https://docs.documenso.com/docs/developers/local-development/manual#clone-repository) After forking the repository, clone it to your local device by using the following command: git clone https://github.com//documenso ### [Install dependencies](https://docs.documenso.com/docs/developers/local-development/manual#install-dependencies) Run `npm i` in the root directory to install the dependencies required for the project. ### [Set up environment variables](https://docs.documenso.com/docs/developers/local-development/manual#set-up-environment-variables) Set up the following environment variables in the `.env` file: NEXTAUTH_SECRET NEXT_PUBLIC_WEBAPP_URL NEXT_PRIVATE_DATABASE_URL NEXT_PRIVATE_DIRECT_DATABASE_URL NEXT_PRIVATE_SMTP_FROM_NAME NEXT_PRIVATE_SMTP_FROM_ADDRESS Alternatively, you can run `cp .env.example .env` to get started with our handpicked defaults. See the [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) page for more information. ### [Create database schema](https://docs.documenso.com/docs/developers/local-development/manual#create-database-schema) Create the database schema by running the following command: npm run prisma:migrate-dev ### [Optional: seed the database](https://docs.documenso.com/docs/developers/local-development/manual#optional-seed-the-database) Seed the database with test data by running the following command: npm run prisma:seed -w @documenso/prisma ### [Start the application](https://docs.documenso.com/docs/developers/local-development/manual#start-the-application) Run `npm run dev` in the root directory to start the application. ### [Access the application](https://docs.documenso.com/docs/developers/local-development/manual#access-the-application) Access the Documenso application by visiting `http://localhost:3000` in your web browser. Optional: Create your signing certificate. To generate your own using these steps and a Linux Terminal or Windows Subsystem for Linux (WSL), see **[Create your signing certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate) **. [See Also](https://docs.documenso.com/docs/developers/local-development/manual#see-also) ----------------------------------------------------------------------------------------- * [Developer Quickstart](https://docs.documenso.com/docs/developers/local-development/quickstart) - Quick Docker-based setup * [Signing Certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate) - Create a signing certificate [Developer Quickstart\ \ Quickly set up Documenso on your machine for local development with Docker and Docker Compose.](https://docs.documenso.com/docs/developers/local-development/quickstart) [Signing Certificate\ \ Learn how to create a free, self-signed certificate for local development.](https://docs.documenso.com/docs/developers/local-development/signing-certificate) ### On this page [Manual Setup](https://docs.documenso.com/docs/developers/local-development/manual#manual-setup) [Fork Documenso](https://docs.documenso.com/docs/developers/local-development/manual#fork-documenso) [Clone repository](https://docs.documenso.com/docs/developers/local-development/manual#clone-repository) [Install dependencies](https://docs.documenso.com/docs/developers/local-development/manual#install-dependencies) [Set up environment variables](https://docs.documenso.com/docs/developers/local-development/manual#set-up-environment-variables) [Create database schema](https://docs.documenso.com/docs/developers/local-development/manual#create-database-schema) [Optional: seed the database](https://docs.documenso.com/docs/developers/local-development/manual#optional-seed-the-database) [Start the application](https://docs.documenso.com/docs/developers/local-development/manual#start-the-application) [Access the application](https://docs.documenso.com/docs/developers/local-development/manual#access-the-application) [See Also](https://docs.documenso.com/docs/developers/local-development/manual#see-also) --- # Quick Start | Documenso Docs [Getting Started](https://docs.documenso.com/docs/self-hosting/getting-started) Quick Start =========== Get Documenso running locally in minutes with Docker Compose. Copy MarkdownOpen [Limitations](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#limitations) ---------------------------------------------------------------------------------------------------- This quick start setup is for local development and testing only: * No HTTPS (not suitable for production) * No email delivery (emails are logged to console) * Uses a local PostgreSQL database * No signing certificate configured (documents will be signed with a generated certificate) * Single-node setup (no high availability) For production deployments, see [Docker Compose Deployment](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) . [Prerequisites](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#prerequisites) -------------------------------------------------------------------------------------------------------- * [Docker](https://docs.docker.com/get-docker/) installed and running * [Docker Compose](https://docs.docker.com/compose/install/) v2.0 or later * At least 2GB of available RAM Verify your installation: docker --version docker compose version [Quick Start](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#quick-start) ---------------------------------------------------------------------------------------------------- ### [Clone the repository](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#clone-the-repository) git clone https://github.com/documenso/documenso.git cd documenso ### [Create the environment file](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#create-the-environment-file) Copy the example environment file: cp .env.example .env The default values work for local development. No changes are required. ### [Start Documenso](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#start-documenso) docker compose -f docker/development/compose.yml up -d This pulls the required images and starts the containers. The first run takes a few minutes. ### [Access the application](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#access-the-application) Open [http://localhost:3000](http://localhost:3000/) in your browser. [Create Your First Account](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#create-your-first-account) -------------------------------------------------------------------------------------------------------------------------------- ### [Sign up](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#sign-up) Click **Sign Up** on the login page and enter your email address and password. ### [Verify your email](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#verify-your-email) In development mode, emails are logged to the console instead of being sent. Check the Docker logs for the verification link: docker compose -f docker/development/compose.yml logs -f Copy the verification link from the logs and open it in your browser. ### [Log in](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#log-in) Log in with your credentials. ### [Granting Admin Access](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#granting-admin-access) All accounts created through signup are regular user accounts. To grant admin access, update the user's role directly in the database: docker compose -f docker/development/compose.yml exec database \ psql -U documenso -d documenso -c "UPDATE \"User\" SET roles = '{ADMIN}' WHERE email = 'your@email.com';" [What's Included](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#whats-included) ----------------------------------------------------------------------------------------------------------- The quick start setup runs the following containers: | Container | Purpose | Port | | --- | --- | --- | | `documenso` | Main application | 3000 | | `database` | PostgreSQL database | 54320 | | `maildev` | Local email testing server | 2500 | | `minio` | S3-compatible storage (optional) | 9000 | [Useful Commands](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#useful-commands) ------------------------------------------------------------------------------------------------------------ **View logs:** docker compose -f docker/development/compose.yml logs -f **Stop containers:** docker compose -f docker/development/compose.yml down **Stop and remove all data:** docker compose -f docker/development/compose.yml down -v **Rebuild after changes:** docker compose -f docker/development/compose.yml up -d --build [Troubleshooting](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#troubleshooting) ------------------------------------------------------------------------------------------------------------ ### Port 3000 already in use ### Container fails to start ### Cannot access localhost:3000 * * * [See Also](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#see-also) ---------------------------------------------------------------------------------------------- * [Docker Compose Deployment](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) - Production setup with PostgreSQL and email * [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) - Configure all available options * [Signing Certificate](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) - Set up document signing * [Email Configuration](https://docs.documenso.com/docs/self-hosting/configuration/email) - Configure SMTP for production ### On this page [Limitations](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#limitations) [Prerequisites](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#prerequisites) [Quick Start](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#quick-start) [Clone the repository](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#clone-the-repository) [Create the environment file](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#create-the-environment-file) [Start Documenso](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#start-documenso) [Access the application](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#access-the-application) [Create Your First Account](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#create-your-first-account) [Sign up](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#sign-up) [Verify your email](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#verify-your-email) [Log in](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#log-in) [Granting Admin Access](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#granting-admin-access) [What's Included](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#whats-included) [Useful Commands](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#useful-commands) [Troubleshooting](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#troubleshooting) [See Also](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start#see-also) --- # Requirements | Documenso Docs [Getting Started](https://docs.documenso.com/docs/self-hosting/getting-started) Requirements ============ System requirements and prerequisites for self-hosting Documenso. Copy MarkdownOpen [What You Need](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#what-you-need) --------------------------------------------------------------------------------------------------------- Documenso requires the following external services: | Service | Purpose | Minimum Version | | --- | --- | --- | | PostgreSQL | Primary database | 14+ | | SMTP server | Sending emails to recipients | Any | | Reverse proxy | SSL termination, routing | Any | ### [PostgreSQL Database](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#postgresql-database) Documenso uses PostgreSQL for all data storage including documents, users, and audit logs. You cannot use MySQL, SQLite, or other databases. Documenso requires two connection strings: * **Pooled connection** (`NEXT_PRIVATE_DATABASE_URL`) - For general application queries * **Direct connection** (`NEXT_PRIVATE_DIRECT_DATABASE_URL`) - For migrations and operations that require a direct connection If you're not using a connection pooler (like PgBouncer), both can point to the same database URL. ### [Email Server](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#email-server) Documenso sends transactional emails for: * Document signing requests * Signing reminders * Completion notifications * Password resets and verification Supported transports: | Transport | Use Case | | --- | --- | | `smtp-auth` | Standard SMTP with username/password | | `smtp-api` | SMTP with API key authentication | | `resend` | Resend.com API | | `mailchannels` | MailChannels API | Without a working email configuration, recipients cannot receive signing requests. Configure email before going to production. ### [Reverse Proxy](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#reverse-proxy) For production deployments, place Documenso behind a reverse proxy such as: * nginx * Caddy * Traefik * HAProxy * Cloud load balancers (AWS ALB, GCP Load Balancer, etc.) The reverse proxy handles SSL/TLS termination and forwards requests to Documenso on port 3000. * * * [Optional Services](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#optional-services) ----------------------------------------------------------------------------------------------------------------- These services are not required but improve functionality or scalability: | Service | Purpose | | --- | --- | | S3-compatible storage | Store documents externally (recommended) | ### [Document Storage](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#document-storage) By default, Documenso stores documents in the PostgreSQL database. For production deployments with significant document volume, use S3-compatible storage: * Amazon S3 * MinIO * Cloudflare R2 * DigitalOcean Spaces * Any S3-compatible provider See [Storage Configuration](https://docs.documenso.com/docs/self-hosting/configuration/storage) for setup details. ### [Background Jobs](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#background-jobs) Documenso processes background jobs (email delivery, document processing) using a PostgreSQL-based queue by default. No additional services are required: the job queue is built into the application and uses your existing database. For production deployments that need higher throughput or more reliable job processing, Documenso supports [BullMQ](https://docs.bullmq.io/) as an alternative provider. BullMQ requires a **Redis** instance (v6.2+). Set `NEXT_PRIVATE_JOBS_PROVIDER=bullmq` and configure `NEXT_PRIVATE_REDIS_URL`. For managed/cloud deployments, [Inngest](https://www.inngest.com/) is also supported as a job provider. Set `NEXT_PRIVATE_JOBS_PROVIDER=inngest` and configure `INNGEST_EVENT_KEY` and `INNGEST_SIGNING_KEY`. See [Background Jobs Configuration](https://docs.documenso.com/docs/self-hosting/configuration/background-jobs) for full details. * * * [Hardware Requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#hardware-requirements) ------------------------------------------------------------------------------------------------------------------------- ### [Minimum (Testing/Development)](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#minimum-testingdevelopment) | Resource | Requirement | | --- | --- | | CPU | 1 core | | RAM | 1 GB | | Storage | 10 GB | ### [Recommended (Production)](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#recommended-production) | Resource | Requirement | | --- | --- | | CPU | 2+ cores | | RAM | 2+ GB | | Storage | 20+ GB | Storage requirements depend on document volume. If using external S3 storage, local storage needs are minimal. If storing documents in the database, plan for growth accordingly. * * * [Build Requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#build-requirements) ------------------------------------------------------------------------------------------------------------------- If building from source (not using Docker images): | Requirement | Version | | --- | --- | | Node.js | 18+ | | npm | 8+ | * * * [Supported Platforms](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#supported-platforms) --------------------------------------------------------------------------------------------------------------------- Documenso runs on: * **Linux** - Any modern distribution (Ubuntu, Debian, CentOS, Alpine) * **Docker** - Official images available on DockerHub and GitHub Container Registry * **Kubernetes** - Helm charts and manifests available * **PaaS providers** - Railway, Render, Koyeb (one-click deploys available) * * * [What's NOT Supported](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#whats-not-supported) ---------------------------------------------------------------------------------------------------------------------- The following configurations are not supported and may not work correctly. | Configuration | Reason | | --- | --- | | Windows native | Use Docker or WSL2 instead | | MySQL/MariaDB | PostgreSQL-specific features required | | SQLite | Not suitable for production workloads | | MongoDB | Relational database required | | Node.js < 18 | Modern JavaScript features required | * * * [Checklist](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#checklist) ------------------------------------------------------------------------------------------------- Before proceeding to deployment, confirm you have: * [ ] PostgreSQL 14+ database accessible * [ ] SMTP credentials or email provider API key * [ ] Signing certificate (`.p12`) for document signing — see [Tips](https://docs.documenso.com/docs/self-hosting/getting-started/tips) * [ ] Domain name for your Documenso instance * [ ] SSL certificate (or reverse proxy that handles SSL) * [ ] Server meeting minimum hardware requirements * * * [See Also](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#see-also) ----------------------------------------------------------------------------------------------- * [Quick Start](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) - Deploy Documenso with Docker in 5 minutes * [Docker Compose](https://docs.documenso.com/docs/self-hosting/deployment/docker-compose) - Production setup with Docker Compose * [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) - Full configuration reference ### On this page [What You Need](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#what-you-need) [PostgreSQL Database](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#postgresql-database) [Email Server](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#email-server) [Reverse Proxy](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#reverse-proxy) [Optional Services](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#optional-services) [Document Storage](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#document-storage) [Background Jobs](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#background-jobs) [Hardware Requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#hardware-requirements) [Minimum (Testing/Development)](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#minimum-testingdevelopment) [Recommended (Production)](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#recommended-production) [Build Requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#build-requirements) [Supported Platforms](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#supported-platforms) [What's NOT Supported](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#whats-not-supported) [Checklist](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#checklist) [See Also](https://docs.documenso.com/docs/self-hosting/getting-started/requirements#see-also) --- # Configuration | Documenso Docs Configuration ============= Configure your self-hosted Documenso instance with environment variables, database, email, storage, and signing. Copy MarkdownOpen [### Environment Variables\ \ Complete reference of all configuration options.](https://docs.documenso.com/docs/self-hosting/configuration/environment) [### Database\ \ PostgreSQL setup and configuration.](https://docs.documenso.com/docs/self-hosting/configuration/database) [### Email\ \ SMTP and email delivery configuration.](https://docs.documenso.com/docs/self-hosting/configuration/email) [### Storage\ \ File storage with S3 or compatible services.](https://docs.documenso.com/docs/self-hosting/configuration/storage) [### Signing Certificate\ \ Digital signature certificate setup.](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) [Required Configuration](https://docs.documenso.com/docs/self-hosting/configuration#required-configuration) ------------------------------------------------------------------------------------------------------------ At minimum, you need to configure: 1. **Database** - PostgreSQL connection 2. **Email** - SMTP for sending notifications 3. **Base URL** - Your instance's public URL * * * [See Also](https://docs.documenso.com/docs/self-hosting/configuration#see-also) -------------------------------------------------------------------------------- * [Quick Start](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) - Get running first, configure later * [Troubleshooting](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) - Common configuration issues ### On this page [Required Configuration](https://docs.documenso.com/docs/self-hosting/configuration#required-configuration) [See Also](https://docs.documenso.com/docs/self-hosting/configuration#see-also) --- # Signing Certificate | Documenso Docs [Local Development](https://docs.documenso.com/docs/developers/local-development) Signing Certificate =================== Learn how to create a free, self-signed certificate for local development. Copy MarkdownOpen [Create Your Signing Certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate#create-your-signing-certificate) ==================================================================================================================================================== Digitally signing documents requires a signing certificate in `.p12` format. You can either purchase one or create a free self-signed certificate. Follow the steps below to create a free, self-signed certificate for local development. These steps should be run on a UNIX based system, otherwise you may run into an error. ### [Generate private key](https://docs.documenso.com/docs/developers/local-development/signing-certificate#generate-private-key) Generate a private key using OpenSSL by running the following command: openssl genrsa -out private.key 2048 This command generates a 2048-bit RSA key. ### [Generate self-signed certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate#generate-self-signed-certificate) Using the private key, generate a self-signed certificate by running the following command: openssl req -new -x509 -key private.key -out certificate.crt -days 365 You will be prompted to enter some information, such as the certificate's Common Name (CN). Ensure that you provide the correct details. The `—days` parameter specifies the certificate's validity period. ### [Create `p12` certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate#create-p12-certificate) Combine the private key and the self-signed certificate to create a `.p12` certificate. Use the following command: openssl pkcs12 -export -out certificate.p12 -inkey private.key -in certificate.crt -legacy When running the application in Docker, you may encounter permission issues when attempting to sign documents using your certificate (.p12) file. This happens because the application runs as a non-root user inside the container and needs read access to the certificate. To resolve this, you'll need to update the certificate file permissions to allow the container user 1001, which runs NextJS, to read it: sudo chown 1001 certificate.p12 ### [`p12` certificate password](https://docs.documenso.com/docs/developers/local-development/signing-certificate#p12-certificate-password) When you create the `.p12` certificate, you will be prompted to enter a password. Enter a strong password and keep it secure. Remember this password, as it will be required when using the certificate. Note that for local development, the password can be left empty. ### [Add certificate to the project](https://docs.documenso.com/docs/developers/local-development/signing-certificate#add-certificate-to-the-project) Use the `NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH` environment variable to point at the certificate you created. Details about environment variables associated with certificates can be found [here](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) . [See Also](https://docs.documenso.com/docs/developers/local-development/signing-certificate#see-also) ------------------------------------------------------------------------------------------------------ * [Signing Certificates (Self-Hosting)](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) - Production certificate configuration * [Signing Certificates (Concepts)](https://docs.documenso.com/docs/concepts/signing-certificates) - How digital signing works [Manual Setup\ \ Manually set up Documenso on your machine for local development.](https://docs.documenso.com/docs/developers/local-development/manual) [Translations\ \ Handling translations in code.](https://docs.documenso.com/docs/developers/local-development/translations) ### On this page [Create Your Signing Certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate#create-your-signing-certificate) [Generate private key](https://docs.documenso.com/docs/developers/local-development/signing-certificate#generate-private-key) [Generate self-signed certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate#generate-self-signed-certificate) [Create `p12` certificate](https://docs.documenso.com/docs/developers/local-development/signing-certificate#create-p12-certificate) [`p12` certificate password](https://docs.documenso.com/docs/developers/local-development/signing-certificate#p12-certificate-password) [Add certificate to the project](https://docs.documenso.com/docs/developers/local-development/signing-certificate#add-certificate-to-the-project) [See Also](https://docs.documenso.com/docs/developers/local-development/signing-certificate#see-also) --- # Translations | Documenso Docs [Local Development](https://docs.documenso.com/docs/developers/local-development) Translations ============ Handling translations in code. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/local-development/translations#overview) ----------------------------------------------------------------------------------------------- Documenso uses the following stack to handle translations: * [Lingui](https://lingui.dev/) - React i10n library * [Crowdin](https://crowdin.com/) - Handles syncing translations * [OpenAI](https://openai.com/) - Provides AI translations Additional reading can be found in the [Lingui documentation](https://lingui.dev/introduction) . [Quick Guide](https://docs.documenso.com/docs/developers/local-development/translations#quick-guide) ----------------------------------------------------------------------------------------------------- If you require more in-depth information, please see the [Lingui documentation](https://lingui.dev/introduction) . ### [HTML](https://docs.documenso.com/docs/developers/local-development/translations#html) Wrap all text to translate in **``** tags exported from **@lingui/react/macro**.

Title

For text that is broken into elements, but represent a whole sentence, you must wrap it in a Trans tag so ensure the full message is extracted correctly.

This is one full sentence

### [Constants outside of react components](https://docs.documenso.com/docs/developers/local-development/translations#constants-outside-of-react-components) import { msg } from '@lingui/core/macro'; import { useLingui } from '@lingui/react'; import { Trans } from '@lingui/react/macro'; // Wrap text in msg`text to translate` when it's in a constant here, or another file/package. export const CONSTANT_WITH_MSG = { foo: msg`Hello`, bar: msg`World`, }; export const SomeComponent = () => { const { _ } = useLingui(); return (
{/* This will render the correct translated text. */}

{_(CONSTANT_WITH_MSG.foo)}

); }; ### [Plurals](https://docs.documenso.com/docs/developers/local-development/translations#plurals) Lingui provides a Plural component to make it easy. See full documentation [here.](https://lingui.dev/ref/macro#plural-1) // Basic usage. ### [Dates](https://docs.documenso.com/docs/developers/local-development/translations#dates) Lingui provides a [DateTime instance](https://lingui.dev/ref/core#i18n.date) with the configured locale. import { Trans } from '@lingui/macro'; import { useLingui } from '@lingui/react'; export const SomeComponent = () => { const { i18n } = useLingui(); return The current date is {i18n.date(new Date(), { dateStyle: 'short' })}; }; [See Also](https://docs.documenso.com/docs/developers/local-development/translations#see-also) ----------------------------------------------------------------------------------------------- * [Contributing Translations](https://docs.documenso.com/docs/developers/contributing/contributing-translations) - Help translate Documenso [Signing Certificate\ \ Learn how to create a free, self-signed certificate for local development.](https://docs.documenso.com/docs/developers/local-development/signing-certificate) [Run in Gitpod\ \ Get started with Documenso in a ready-to-use Gitpod workspace in your browser.](https://docs.documenso.com/docs/developers/local-development/gitpod) ### On this page [Overview](https://docs.documenso.com/docs/developers/local-development/translations#overview) [Quick Guide](https://docs.documenso.com/docs/developers/local-development/translations#quick-guide) [HTML](https://docs.documenso.com/docs/developers/local-development/translations#html) [Constants outside of react components](https://docs.documenso.com/docs/developers/local-development/translations#constants-outside-of-react-components) [Plurals](https://docs.documenso.com/docs/developers/local-development/translations#plurals) [Dates](https://docs.documenso.com/docs/developers/local-development/translations#dates) [See Also](https://docs.documenso.com/docs/developers/local-development/translations#see-also) --- # Telemetry | Documenso Docs [Configuration](https://docs.documenso.com/docs/self-hosting/configuration) Telemetry ========= Learn about the telemetry data that Documenso collects from self-hosted instances. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#overview) ------------------------------------------------------------------------------------------ Documenso collects anonymous telemetry data from self-hosted instances to help us understand how the software is being used and make improvements to the product. This telemetry is enabled by default, but you can easily disable it if you prefer. [What We Collect](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#what-we-collect) -------------------------------------------------------------------------------------------------------- We collect minimal, privacy-preserving information that helps us understand the health and adoption of self-hosted installations: * **App Version**: The version of Documenso you are running. This helps us understand which versions are in use and prioritize support for older versions. * **Installation ID**: A unique identifier for your installation. This is stored in your database and helps us count distinct installations without knowing who you are. * **Node ID**: A unique identifier for each server or container instance. This is stored in your operating system's temporary directory and helps us understand deployment patterns (for example, how many instances are running in a cluster). ### [What We Don't Collect](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#what-we-dont-collect) We do **not** collect any of the following: * Personal information about you or your users * Document contents or file names * User email addresses or names * Usage patterns or feature usage statistics * Server logs or error messages * Any data that could identify your organisation or users [Why We Collect Telemetry](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#why-we-collect-telemetry) -------------------------------------------------------------------------------------------------------------------------- The telemetry data we collect serves several important purposes: ### Product Improvement ### Support Planning ### Feature Development ### Community Health All of this is done anonymously and in aggregate. We cannot identify you, your organisation, or your users from the telemetry data we collect. [Events We Track](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#events-we-track) -------------------------------------------------------------------------------------------------------- We track two simple events: Server StartupServer Heartbeat Captured once when your server starts. This tells us when installations are first set up or restarted. Captured every hour while your server is running. This helps us understand how many active installations exist and their uptime patterns. [How to Disable Telemetry](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#how-to-disable-telemetry) -------------------------------------------------------------------------------------------------------------------------- If you prefer not to send telemetry data, you can disable it by setting an environment variable. ### [Using Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#using-environment-variables) Add the following to your environment configuration: DOCUMENSO_DISABLE_TELEMETRY=true ### [Docker](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#docker) If you're using Docker, you can set this in your `docker-compose.yml`: services: app: environment: - DOCUMENSO_DISABLE_TELEMETRY=true Or pass it when running a container: docker run -e DOCUMENSO_DISABLE_TELEMETRY=true ... ### [After Disabling](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#after-disabling) Once you set `DOCUMENSO_DISABLE_TELEMETRY=true` and restart your server, no telemetry data will be sent. The telemetry client will not initialize, and no network requests will be made to our telemetry servers. If you previously had telemetry enabled, the installation ID stored in your database will remain, but it will no longer be used or sent anywhere. [Questions or Concerns](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#questions-or-concerns) -------------------------------------------------------------------------------------------------------------------- If you have questions about our telemetry practices or concerns about privacy, please reach out to us. We're committed to transparency and respect your choice to disable telemetry if you prefer. * * * [See Also](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#see-also) ------------------------------------------------------------------------------------------ * [Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/environment) - All configuration options * [Quick Start](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) - Get started with self-hosting ### On this page [Overview](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#overview) [What We Collect](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#what-we-collect) [What We Don't Collect](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#what-we-dont-collect) [Why We Collect Telemetry](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#why-we-collect-telemetry) [Events We Track](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#events-we-track) [How to Disable Telemetry](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#how-to-disable-telemetry) [Using Environment Variables](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#using-environment-variables) [Docker](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#docker) [After Disabling](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#after-disabling) [Questions or Concerns](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#questions-or-concerns) [See Also](https://docs.documenso.com/docs/self-hosting/configuration/telemetry#see-also) --- # Tips & Common Pitfalls | Documenso Docs [Getting Started](https://docs.documenso.com/docs/self-hosting/getting-started) Tips & Common Pitfalls ====================== Practical advice for running Documenso in production. Copy MarkdownOpen [Always Configure a Signing Certificate](https://docs.documenso.com/docs/self-hosting/getting-started/tips#always-configure-a-signing-certificate) --------------------------------------------------------------------------------------------------------------------------------------------------- This is the single most common issue when self-hosting Documenso. Without a signing certificate, the application starts normally but document signing fails. Documenso does **not** bundle a [signing certificate](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) in the Docker image. You must provide one yourself using one of two methods: ### [Volume Mount (Recommended)](https://docs.documenso.com/docs/self-hosting/getting-started/tips#volume-mount-recommended) Mount your `.p12` certificate file into the container at the default path: docker run -d \ -v /path/to/your/cert.p12:/opt/documenso/cert.p12:ro \ -e NEXT_PRIVATE_SIGNING_PASSPHRASE="your-certificate-password" \ documenso/documenso:latest The default certificate path inside the container is `/opt/documenso/cert.p12`. You can change this with `NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH`. ### [Base64 Environment Variable](https://docs.documenso.com/docs/self-hosting/getting-started/tips#base64-environment-variable) For platforms that don't support volume mounts (Railway, Render, etc.), encode the certificate and pass it as an environment variable: # Encode the certificate (no line breaks) base64 -w 0 certificate.p12 # Linux base64 -i certificate.p12 # macOS Then set: NEXT_PRIVATE_SIGNING_LOCAL_FILE_CONTENTS= NEXT_PRIVATE_SIGNING_PASSPHRASE=your-certificate-password `NEXT_PRIVATE_SIGNING_LOCAL_FILE_CONTENTS` takes precedence over `NEXT_PRIVATE_SIGNING_LOCAL_FILE_PATH` if both are set. ### [Verify Your Certificate](https://docs.documenso.com/docs/self-hosting/getting-started/tips#verify-your-certificate) After starting Documenso, check the certificate status endpoint: curl http://localhost:3000/api/certificate-status The startup script also checks for the certificate and prints a warning if it's missing. * * * [Certificate Password is Required](https://docs.documenso.com/docs/self-hosting/getting-started/tips#certificate-password-is-required) --------------------------------------------------------------------------------------------------------------------------------------- Certificates without a password cause signing to fail with: Error: Failed to get private key bags Always set a password when creating your `.p12` certificate. When using OpenSSL, set the password during the export step and provide it to Documenso via `NEXT_PRIVATE_SIGNING_PASSPHRASE`. * * * [Use the Health Check Endpoints](https://docs.documenso.com/docs/self-hosting/getting-started/tips#use-the-health-check-endpoints) ----------------------------------------------------------------------------------------------------------------------------------- Documenso exposes two endpoints for monitoring: | Endpoint | Purpose | | --- | --- | | `/api/health` | Returns 200 if the application is up | | `/api/certificate-status` | Detailed signing certificate status | Use `/api/health` for container orchestration health checks (Docker, Kubernetes). Use `/api/certificate-status` to debug signing issues. It reports whether a certificate is configured, its type, and any errors. * * * [Pin Your Docker Image Version](https://docs.documenso.com/docs/self-hosting/getting-started/tips#pin-your-docker-image-version) --------------------------------------------------------------------------------------------------------------------------------- Use a specific version tag in production: # Good — predictable, reproducible docker pull documenso/documenso:1.8.0 # Risky — may pull breaking changes docker pull documenso/documenso:latest Check the [GitHub releases](https://github.com/documenso/documenso/releases) page for available versions. * * * [Migrations Run Automatically on Startup](https://docs.documenso.com/docs/self-hosting/getting-started/tips#migrations-run-automatically-on-startup) ----------------------------------------------------------------------------------------------------------------------------------------------------- The Docker container runs `prisma migrate deploy` every time it starts. This means: * **Upgrades are simple**: pull the new image, restart the container, and migrations apply automatically. * **Always back up your database before upgrading**: if a migration fails, you need a way to restore. * **First startup takes longer**: the initial migration creates all tables. * * * [Set Internal Webapp URL for Background Jobs](https://docs.documenso.com/docs/self-hosting/getting-started/tips#set-internal-webapp-url-for-background-jobs) ------------------------------------------------------------------------------------------------------------------------------------------------------------- Background jobs work by Documenso sending HTTP requests to itself. If your reverse proxy or network setup causes issues with the app reaching its own public URL, set the internal URL: NEXT_PRIVATE_INTERNAL_WEBAPP_URL=http://localhost:3000 This tells the job system to use the internal address instead of `NEXT_PUBLIC_WEBAPP_URL` for self-requests. * * * [Database Storage vs S3](https://docs.documenso.com/docs/self-hosting/getting-started/tips#database-storage-vs-s3) ------------------------------------------------------------------------------------------------------------------- Documents are stored in PostgreSQL by default (`NEXT_PUBLIC_UPLOAD_TRANSPORT=database`). This works well for small-to-medium deployments and keeps your infrastructure simple. For high-volume deployments, switch to S3-compatible storage to keep your database lean: NEXT_PUBLIC_UPLOAD_TRANSPORT=s3 NEXT_PRIVATE_UPLOAD_BUCKET=documenso-documents NEXT_PRIVATE_UPLOAD_REGION=us-east-1 NEXT_PRIVATE_UPLOAD_ACCESS_KEY_ID=your-key NEXT_PRIVATE_UPLOAD_SECRET_ACCESS_KEY=your-secret Any S3-compatible provider works: AWS S3, MinIO, Cloudflare R2, DigitalOcean Spaces. See [Storage Configuration](https://docs.documenso.com/docs/self-hosting/configuration/storage) for full setup details. * * * [Background Jobs](https://docs.documenso.com/docs/self-hosting/getting-started/tips#background-jobs) ----------------------------------------------------------------------------------------------------- Documenso uses a PostgreSQL-based job queue by default (`local` provider). No Redis or external message broker is required for basic deployments. For production workloads, consider switching to **Inngest** (managed) or **BullMQ** (self-hosted with Redis) for better reliability and throughput. See [Background Jobs Configuration](https://docs.documenso.com/docs/self-hosting/configuration/background-jobs) for setup instructions and provider comparison. * * * [Docker File Permissions](https://docs.documenso.com/docs/self-hosting/getting-started/tips#docker-file-permissions) --------------------------------------------------------------------------------------------------------------------- The Documenso container runs as a non-root user (UID 1001). If you mount files into the container (certificates, configuration), ensure they're readable: # On the host, before mounting chmod 644 cert.p12 chown 1001:1001 cert.p12 If you see `EACCES: permission denied` errors, this is almost always the cause. * * * [See Also](https://docs.documenso.com/docs/self-hosting/getting-started/tips#see-also) --------------------------------------------------------------------------------------- * [Requirements](https://docs.documenso.com/docs/self-hosting/getting-started/requirements) - What you need before deploying * [Quick Start](https://docs.documenso.com/docs/self-hosting/getting-started/quick-start) - Get running in 5 minutes * [Signing Certificate](https://docs.documenso.com/docs/self-hosting/configuration/signing-certificate) - Full certificate setup guide * [Troubleshooting](https://docs.documenso.com/docs/self-hosting/maintenance/troubleshooting) - Detailed error resolution ### On this page [Always Configure a Signing Certificate](https://docs.documenso.com/docs/self-hosting/getting-started/tips#always-configure-a-signing-certificate) [Volume Mount (Recommended)](https://docs.documenso.com/docs/self-hosting/getting-started/tips#volume-mount-recommended) [Base64 Environment Variable](https://docs.documenso.com/docs/self-hosting/getting-started/tips#base64-environment-variable) [Verify Your Certificate](https://docs.documenso.com/docs/self-hosting/getting-started/tips#verify-your-certificate) [Certificate Password is Required](https://docs.documenso.com/docs/self-hosting/getting-started/tips#certificate-password-is-required) [Use the Health Check Endpoints](https://docs.documenso.com/docs/self-hosting/getting-started/tips#use-the-health-check-endpoints) [Pin Your Docker Image Version](https://docs.documenso.com/docs/self-hosting/getting-started/tips#pin-your-docker-image-version) [Migrations Run Automatically on Startup](https://docs.documenso.com/docs/self-hosting/getting-started/tips#migrations-run-automatically-on-startup) [Set Internal Webapp URL for Background Jobs](https://docs.documenso.com/docs/self-hosting/getting-started/tips#set-internal-webapp-url-for-background-jobs) [Database Storage vs S3](https://docs.documenso.com/docs/self-hosting/getting-started/tips#database-storage-vs-s3) [Background Jobs](https://docs.documenso.com/docs/self-hosting/getting-started/tips#background-jobs) [Docker File Permissions](https://docs.documenso.com/docs/self-hosting/getting-started/tips#docker-file-permissions) [See Also](https://docs.documenso.com/docs/self-hosting/getting-started/tips#see-also) --- # Webhook Verification | Documenso Docs [Webhooks](https://docs.documenso.com/docs/developers/webhooks) Webhook Verification ==================== Verify webhook signatures for security. Copy MarkdownOpen [Overview](https://docs.documenso.com/docs/developers/webhooks/verification#overview) -------------------------------------------------------------------------------------- Verifying webhook requests ensures that incoming payloads originate from Documenso and have not been tampered with. Without verification, attackers could forge requests to your endpoint and trigger unintended actions. [How Documenso Signs Webhooks](https://docs.documenso.com/docs/developers/webhooks/verification#how-documenso-signs-webhooks) ------------------------------------------------------------------------------------------------------------------------------ When you configure a webhook with a secret, Documenso includes that secret in every webhook request via the `X-Documenso-Secret` header. Your server should compare this header value against your stored secret to authenticate the request. POST /your-webhook-endpoint HTTP/1.1 Host: your-server.com Content-Type: application/json X-Documenso-Secret: your_webhook_secret_here {"event": "DOCUMENT_COMPLETED", "payload": {...}} [Signature Header Format](https://docs.documenso.com/docs/developers/webhooks/verification#signature-header-format) -------------------------------------------------------------------------------------------------------------------- | Header | Description | | --- | --- | | `X-Documenso-Secret` | The secret key you configured when creating the webhook | The header contains your webhook secret as a plain string. If you did not configure a secret, the header will be an empty string. [Verification Steps](https://docs.documenso.com/docs/developers/webhooks/verification#verification-steps) ---------------------------------------------------------------------------------------------------------- Extract the `X-Documenso-Secret` header from the incoming request Compare it against your stored webhook secret using a constant-time comparison Reject the request if the values do not match Process the webhook payload if verification succeeds Always use constant-time string comparison to prevent timing attacks. Standard equality operators (`===` or `==`) can leak information about the secret through response time variations. [Code Examples](https://docs.documenso.com/docs/developers/webhooks/verification#code-examples) ------------------------------------------------------------------------------------------------ Node.js (Express)Python (Flask) const express = require('express'); const crypto = require('crypto'); const app = express(); app.use(express.json()); const WEBHOOK_SECRET = process.env.DOCUMENSO_WEBHOOK_SECRET; function verifyWebhookSignature(receivedSecret, expectedSecret) { if (!expectedSecret) { // No secret configured, skip verification // Not recommended for production return true; } if (!receivedSecret) { return false; } // Use constant-time comparison to prevent timing attacks try { return crypto.timingSafeEqual( Buffer.from(receivedSecret), Buffer.from(expectedSecret), ); } catch { return false; } } app.post('/webhooks/documenso', (req, res) => { const receivedSecret = req.headers['x-documenso-secret']; if (!verifyWebhookSignature(receivedSecret, WEBHOOK_SECRET)) { console.error('Webhook verification failed'); return res.status(401).json({ error: 'Invalid signature' }); } // Signature verified, process the webhook const { event, payload } = req.body; console.log(`Verified webhook: ${event}`); // Process the event... res.status(200).json({ received: true }); }); app.listen(3000, () => { console.log('Webhook server running on port 3000'); }); import hmac import os from flask import Flask, request, jsonify app = Flask(__name__) WEBHOOK_SECRET = os.environ.get('DOCUMENSO_WEBHOOK_SECRET') def verify_webhook_signature(received_secret, expected_secret): """Verify the webhook signature using constant-time comparison.""" if not expected_secret: # No secret configured, skip verification # Not recommended for production return True if not received_secret: return False # Use constant-time comparison to prevent timing attacks return hmac.compare_digest(received_secret, expected_secret) @app.route('/webhooks/documenso', methods=['POST']) def handle_webhook(): received_secret = request.headers.get('X-Documenso-Secret', '') if not verify_webhook_signature(received_secret, WEBHOOK_SECRET): print('Webhook verification failed') return jsonify({'error': 'Invalid signature'}), 401 # Signature verified, process the webhook data = request.get_json() event = data.get('event') payload = data.get('payload') print(f'Verified webhook: {event}') # Process the event... return jsonify({'received': True}), 200 if __name__ == '__main__': app.run(port=3000) [Handling Verification Failures](https://docs.documenso.com/docs/developers/webhooks/verification#handling-verification-failures) ---------------------------------------------------------------------------------------------------------------------------------- When verification fails, follow these practices: | Action | Description | | --- | --- | | Return 401 status | Respond with `401 Unauthorized` to indicate authentication failure | | Log the attempt | Record failed attempts for security monitoring | | Do not process | Never process the payload if verification fails | | Do not leak details | Avoid exposing information about why verification failed | app.post('/webhooks/documenso', (req, res) => { const receivedSecret = req.headers['x-documenso-secret']; if (!verifyWebhookSignature(receivedSecret, WEBHOOK_SECRET)) { // Log for monitoring but don't expose details console.error('Webhook verification failed', { timestamp: new Date().toISOString(), ip: req.ip, }); // Generic error response return res.status(401).json({ error: 'Unauthorized' }); } // Continue processing... }); ### [Common Verification Issues](https://docs.documenso.com/docs/developers/webhooks/verification#common-verification-issues) | Issue | Cause | Solution | | --- | --- | --- | | Secret mismatch | Webhook secret changed or misconfigured | Verify the secret in your environment matches the one in Documenso | | Empty header | Webhook created without a secret | Add a secret to the webhook configuration in Documenso | | Encoding issues | String encoding mismatch | Ensure both secrets use the same encoding (UTF-8) | [Security Best Practices](https://docs.documenso.com/docs/developers/webhooks/verification#security-best-practices) -------------------------------------------------------------------------------------------------------------------- ### Use strong secrets ### Store secrets securely ### Rotate secrets periodically ### Validate payload structure ### Use HTTPS ### Implement rate limiting [See Also](https://docs.documenso.com/docs/developers/webhooks/verification#see-also) -------------------------------------------------------------------------------------- * [Webhook Setup](https://docs.documenso.com/docs/developers/webhooks/setup) - Configure webhook endpoints and secrets * [Webhook Events](https://docs.documenso.com/docs/developers/webhooks/events) - Event types and payload structure [Webhook Events\ \ Reference for all webhook event types and payloads.](https://docs.documenso.com/docs/developers/webhooks/events) [Embedding\ \ Embed document signing experiences directly in your application using official SDKs.](https://docs.documenso.com/docs/developers/embedding) ### On this page [Overview](https://docs.documenso.com/docs/developers/webhooks/verification#overview) [How Documenso Signs Webhooks](https://docs.documenso.com/docs/developers/webhooks/verification#how-documenso-signs-webhooks) [Signature Header Format](https://docs.documenso.com/docs/developers/webhooks/verification#signature-header-format) [Verification Steps](https://docs.documenso.com/docs/developers/webhooks/verification#verification-steps) [Code Examples](https://docs.documenso.com/docs/developers/webhooks/verification#code-examples) [Handling Verification Failures](https://docs.documenso.com/docs/developers/webhooks/verification#handling-verification-failures) [Common Verification Issues](https://docs.documenso.com/docs/developers/webhooks/verification#common-verification-issues) [Security Best Practices](https://docs.documenso.com/docs/developers/webhooks/verification#security-best-practices) [See Also](https://docs.documenso.com/docs/developers/webhooks/verification#see-also) --- # Direct Links | Documenso Docs [Embedding](https://docs.documenso.com/docs/developers/embedding) Direct Links ============ Share a URL or embed an iframe to let users sign documents without email invitations. Copy MarkdownOpen [What Are Direct Links?](https://docs.documenso.com/docs/developers/embedding/direct-links#what-are-direct-links) ------------------------------------------------------------------------------------------------------------------ Direct links are unique URLs tied to a template that allow anyone to: View and sign a document without receiving an email invitation Enter their own name and email address Complete signature fields and submit the document When someone uses a direct link, Documenso creates a new document from the template with that person as the signer. ### [When to Use Direct Links](https://docs.documenso.com/docs/developers/embedding/direct-links#when-to-use-direct-links) * Collecting signatures from unknown recipients (forms, waivers, petitions) * Embedding signing in your website or application * Self-service contracts where customers initiate signing * Public-facing agreements that anyone can sign ### [Limitations](https://docs.documenso.com/docs/developers/embedding/direct-links#limitations) * Only work with templates, not individual documents * Each link is tied to one recipient role in the template * Recipients enter their own information (you cannot prefill recipient details) [Creating Direct Link Templates](https://docs.documenso.com/docs/developers/embedding/direct-links#creating-direct-link-templates) ----------------------------------------------------------------------------------------------------------------------------------- Before embedding, you need a template with direct links enabled. ### [Via the Dashboard](https://docs.documenso.com/docs/developers/embedding/direct-links#via-the-dashboard) Go to **Templates** and create or select a template ![Team templates](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fteam-templates.b848cffe.png&w=3840&q=75) Click the three-dot menu and select **Direct link** Click **Enable direct link signing** Choose which recipient in your template will use the direct link ![Enable direct link](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fenable-direct-link.2c802762.png&w=3840&q=75) Copy the generated URL ### [Via the API](https://docs.documenso.com/docs/developers/embedding/direct-links#via-the-api) Create a direct link for an existing template: curlTypeScript # Create direct link for template curl -X POST "https://app.documenso.com/api/v2/template/direct/create" \ -H "Authorization: api_xxxxxxxxxxxxxxxx" \ -H "Content-Type: application/json" \ -d '{ "templateId": 123, "directRecipientId": 1 }' const API_TOKEN = process.env.DOCUMENSO_API_TOKEN; const BASE_URL = 'https://app.documenso.com/api/v2'; const response = await fetch(`${BASE_URL}/template/direct/create`, { method: 'POST', headers: { Authorization: API_TOKEN, 'Content-Type': 'application/json', }, body: JSON.stringify({ templateId: 123, directRecipientId: 1, // Optional: specific recipient to use }), }); const directLink = await response.json(); console.log('Direct link token:', directLink.token); // URL: https://app.documenso.com/d/{token} ### [Response](https://docs.documenso.com/docs/developers/embedding/direct-links#response) { "id": 456, "token": "abc123xyz", "templateId": 123, "directTemplateRecipientId": 1, "enabled": true, "createdAt": "2025-01-15T10:00:00.000Z" } The direct link URL format is: https://app.documenso.com/d/{token} ![Copy recipient token](https://docs.documenso.com/_next/image?url=%2F_next%2Fstatic%2Fmedia%2Fcopy-recipient-token.8a409222.png&w=3840&q=75) * * * [Embedding in an iframe](https://docs.documenso.com/docs/developers/embedding/direct-links#embedding-in-an-iframe) ------------------------------------------------------------------------------------------------------------------- Embed the signing experience directly in your application using an iframe. ### [Basic iframe Embedding](https://docs.documenso.com/docs/developers/embedding/direct-links#basic-iframe-embedding) ### [Responsive iframe](https://docs.documenso.com/docs/developers/embedding/direct-links#responsive-iframe)
### [React Component Example](https://docs.documenso.com/docs/developers/embedding/direct-links#react-component-example) function DocumentSigner({ token }: { token: string }) { return (