Authentication and Authorization

What's the right OAuth flow for your app?

All requests to Signeasy APIs are authenticated with an API key, which is an OAuth access token. This guide helps you choose the appropriate OAuth authentication and authorization flow based on the type of integration you are developing.

There are two kinds of apps or integrations that are possible with Signeasy.

1. Single User Application

A single user app or integration usually has only one Signeasy account being used and different users sign or send documents via that one account.

You would be developing a single user app if,

  1. You are using Embedded Signing, to get your own users to sign documents on your website or mobile app.
  2. You want to hold all data and documents in a single Signeasy account.
  3. You want to use a single Signeasy account throughout your organization.

If you are building a single user application, Client credentials flow of authorization is convenient.

2. Multi User Application

A multi-user app or integration has multiple Signeasy users using your app to manage or use Signeasy on your platform.

You would be developing a multi-user app, if,

  1. You are building a Signeasy integration on a CRM like Salesforce, Quickbooks, or Xero.
  2. You want to different team members in the organization to have their own Signeasy accounts, and they manage and send documents for signature themselves.
  3. You want to sandbox user data & documents into individual accounts.

If multiple Signeasy users would be using your integration or app, you would have to use the Authorization code flow for API authentication to seek each of their permission to let them authorize your app on their behalf to access to their resources.