Back to Blog
PDF Signing APIeSignature APIDevelopersAutomation

PDF Signing API: Complete Guide for Developers (With Real Examples)

PDFSignify TeamMarch 10, 202613 min read

If you're searching for a PDF signing API, you're probably building something that needs documents to be digitally signed: contracts, invoices, compliance documents, or legal agreements. But before you choose a tool, it's worth understanding that not all "PDF signing" is the same — and the right API depends entirely on what kind of signing you actually need.

eSignature vs. Digital Signature: A Critical Distinction

Most "signing APIs" on the market are eSignature platforms. They manage signer workflows: you upload a document, specify signers by email, and the platform sends notifications, tracks who signed, and stores the documents. These are great for contracts and agreements that need human approval.

A digital signature API is fundamentally different. It applies a cryptographic signature to a PDF using a digital certificate (.pfx or .p12 file). This embeds a tamper-proof seal into the document itself. If anyone modifies the PDF after signing, the signature becomes invalid. This is the standard required by many governments, financial institutions, and regulated industries.

When Do You Need a Digital Signature API?

  • Regulatory compliance requiring certificate-based signatures (eIDAS, PAdES)
  • Automated document signing in CI/CD or backend pipelines
  • Signing generated PDFs (invoices, reports, certificates) at scale
  • Tamper-proof document integrity verification
  • Government or legal document submission
  • Internal document workflows where no human signer is involved

How PDFSignify Works

PDFSignify is a certificate-based digital signing API. The entire workflow is synchronous and stateless: you send a PDF and a digital certificate, and you receive the signed PDF back in the same HTTP response. There are no stored documents, no signer emails, no webhooks, and no workflow management.

  • You provide a .pfx or .p12 digital certificate
  • You send the PDF and certificate to the API via multipart/form-data
  • The API applies a cryptographic digital signature
  • You receive the signed PDF as binary data in the response
  • Your files are never stored on PDFSignify servers

Authentication

PDFSignify uses two simple HTTP headers for authentication: AccessKey and SecretKey. There are no OAuth flows, no Bearer tokens, and no session management. Include both headers on every request.

bash
curl -X POST https://api.pdfsignify.com/api/v1/sign-pdf \
  -H "AccessKey: YOUR_ACCESS_KEY" \
  -H "SecretKey: YOUR_SECRET_KEY" \
  -F "[email protected]" \
  -F "certificatePassword=my_password" \
  -F "[email protected]" \
  --output signed.pdf

The Three API Endpoints

PDFSignify exposes three focused endpoints. Each accepts multipart/form-data and requires the AccessKey and SecretKey headers.

1. Sign PDF — POST /api/v1/sign-pdf

The primary endpoint. Send a PDF, a digital certificate, and the certificate password. Optionally customize the signature appearance, position, and metadata. The response is the signed PDF as binary data.

2. Set PDF Metadata — POST /api/v1/set-pdf-metadata

Update a PDF's metadata (author, title, subject, keywords, creator, producer, dates) without signing it. Useful for stamping organizational information onto documents before archiving.

3. Check Certificate Password — POST /api/v1/check-certificate-password

Verify that a certificate file and password combination is valid before attempting to sign. Returns a JSON response with the validation result.

Complete JavaScript Example: Signing a PDF

javascript
import axios from "axios";
import * as fs from "fs";
import FormData from "form-data";

async function signPdf() {
  const formData = new FormData();

  formData.append("certificate", fs.readFileSync("certificate.pfx"), {
    filename: "certificate.pfx",
    contentType: "application/x-pkcs12"
  });
  formData.append("certificatePassword", "your_cert_password");
  formData.append("pdf", fs.readFileSync("document.pdf"), {
    filename: "document.pdf",
    contentType: "application/pdf"
  });

  // Optional: customize signature appearance
  formData.append("signatureMessage", "Digitally signed by ACME Corp");
  formData.append("signaturePageAppearance", "-1");
  formData.append("signatureHeight", "100");
  formData.append("signatureWidth", "150");
  formData.append("signatureXPosition", "180");
  formData.append("signatureYPosition", "100");

  // Optional: set PDF metadata
  formData.append("pdfMetadataAuthor", "ACME Corporation");
  formData.append("pdfMetadataTitle", "Signed Agreement");

  const response = await axios.post(
    "https://api.pdfsignify.com/api/v1/sign-pdf",
    formData,
    {
      headers: {
        ...formData.getHeaders(),
        "AccessKey": "YOUR_ACCESS_KEY",
        "SecretKey": "YOUR_SECRET_KEY"
      },
      responseType: "arraybuffer"
    }
  );

  fs.writeFileSync("signed-document.pdf", response.data);
  console.log("PDF signed successfully!");
}

signPdf();

Real Use Cases for Certificate-Based Signing

  • Invoicing platforms that auto-sign every generated invoice
  • Government portals requiring PAdES-compliant signatures
  • Legal document management systems
  • Healthcare systems signing patient records and reports
  • Financial institutions signing statements and disclosures
  • Build pipelines that sign release artifacts

Key Features to Evaluate in a PDF Signing API

  • Certificate support — does it accept standard .pfx/.p12 files?
  • Synchronous response — do you get the signed PDF immediately?
  • No file storage — are your documents kept on third-party servers?
  • Signature customization — can you control position, size, and appearance?
  • Metadata control — can you set PDF metadata during signing?
  • Simple authentication — how complex is the auth setup?

Common Mistakes When Choosing a PDF Signing API

  • Confusing eSignature (workflow-based) with digital signature (certificate-based)
  • Choosing an API that stores your documents when you need stateless processing
  • Over-engineering with webhooks and polling when a synchronous API would suffice
  • Using an enterprise platform with complex OAuth when simple API keys would work
  • Not verifying certificate compatibility before committing to a provider

Why PDFSignify Is Built for Developers

PDFSignify was designed with one goal: make it as easy as possible to digitally sign PDFs from code. There's no dashboard to configure workflows in, no email templates to set up, and no complex state machines to manage. You make an API call with your files and credentials, and you get a signed PDF back. It integrates into any language or framework that can make HTTP requests.

Final Thoughts

If you need certificate-based digital signatures — the kind that embed cryptographic proof into the PDF itself — then you need a purpose-built API, not a general-purpose eSignature platform. PDFSignify gives you exactly that: a simple, synchronous, stateless API for signing PDFs with your own digital certificate.

The best PDF signing API is the one that does exactly what you need and nothing more.