How do I integrate the Digital Signature API?

Send an authenticated POST request with the document and the signatory's DSC token reference to the /v1/sign endpoint. The API returns the signed, timestamped file. Any language that can make an HTTPS request can integrate it.

Can I sign documents using a USB token (eToken)?

Yes. The API is built around hardware DSC tokens so the private key never leaves the device. Indian CA-issued Class 2, Class 3 and organisational certificates are supported.

Home / Digital Signature API

REST · DSC · IT Act 2000

The Digital Signature API for any stack.

Add legally valid Digital Signature Certificate signing to your application with one REST endpoint. Sign PDF, Word, Excel and text files using Indian CA-issued USB tokens — the private key never leaves the hardware.

Get API access → See pricing

SHA256withRSARFC 3161 timestampAudit logged

POST /v1/sign

# Sign a PDF with a DSC USB token
POST https://api.amnoy.in/v1/sign
Authorization: Bearer $AMNOY_KEY
Content-Type: multipart/form-data

document   = contract.pdf
format     = pdf
token      = ETKN-4471
reason     = "Approved by finance"
location   = "Mumbai, IN"

# → 200 OK · signed & sealed
{
  "status":      "signed",
  "algorithm":   "SHA256withRSA",
  "certificate": "O=…, Class 3, Indian CA",
  "timestamp":   "2026-06-16T11:04:22Z",
  "file_url":    ".../contract-signed.pdf"
}

What you can sign

One API, every document type your business produces.

Each endpoint embeds the signature in the file's native container, so a signed PDF opens with a green verified badge and a signed DOCX validates inside Word.

PDF Digital Signature API

Embed a PAdES-style digital signature directly into the PDF. Ideal for contracts, agreements, invoices, certificates and government filings that must verify in any PDF reader.

Word Document Signing API

Sign DOCX files so the signature validates natively in Microsoft Word. Perfect for legal drafts, HR letters, board resolutions and policy documents.

Excel Document Signing API

Apply DSC signatures to XLSX workbooks — useful for financial statements, reconciliation sheets, audit schedules and regulatory returns.

Text & raw-hash Signing API

Sign plain text or a pre-computed hash for custom workflows — message signing, tokenised payloads, blockchain anchors or your own document container.

Capabilities

Everything a regulated signing flow needs.

USB token support

Hardware-held keys via eToken / smart card. The signing key never touches your servers or ours.

Indian CA DSC

Works with certificates from licensed Certifying Authorities — Class 2, Class 3 and organisational DSCs.

REST integration

Predictable JSON, idempotent requests, clear error codes. No SDK lock-in required.

Secure authentication

Bearer API keys, IP allow-listing and per-key scopes keep signing access tightly controlled.

Audit logging

Every signature is recorded with signatory, certificate, hash and timestamp for a complete evidence trail.

Trusted timestamps

RFC 3161 timestamps from a TSA prove when each document was signed, independent of system clocks.

High performance

Built to sustain bulk signing — queue thousands of documents without blocking your application.

Reasons & metadata

Attach signing reason, location and custom fields that travel with the signature.

Verification endpoint

Validate any signed file against the issuing CA chain — confirm integrity and signatory in one call.

Works with your tools

Supported technologies

If your framework can make an HTTPS request, it can sign documents. We provide copy-paste examples for the stacks our customers use most, and a sandbox to test against before you go live.

PHPLaravelJavaSpring Boot ASP.NET.NET CorePythonDjango FlaskNode.jsReactAngularVue.js

examples

# PHP / Laravel
$res = Http::withToken($key)
  ->attach('document', $pdf, 'contract.pdf')
  ->post('https://api.amnoy.in/v1/sign', [
      'format' => 'pdf',
      'token'  => 'ETKN-4471',
  ]);

# Python / Django
r = requests.post(
    "https://api.amnoy.in/v1/sign",
    headers={"Authorization": f"Bearer {key}"},
    files={"document": open("contract.pdf","rb")},
    data={"format":"pdf", "token":"ETKN-4471"},
)

Integration questions

Frequently asked

How do I integrate the API?

Send an authenticated POST to /v1/sign with the document and the signatory's DSC token reference. The response contains the signed, timestamped file. Any language that speaks HTTPS works — start in our sandbox, then switch the key to go live.

Is the signature legally valid?

Yes — signatures use Digital Signature Certificates from licensed Indian Certifying Authorities and conform to the IT Act, 2000.

Where is the private key stored?

On the signatory's hardware USB token. The key is never exported, never sent over the network, and never stored by Amnoy.

Can I verify a signed file later?

Yes. The verification endpoint validates integrity and the certificate chain back to the issuing CA, and returns the signatory and timestamp.

Start signing in your sandbox today.

Get an API key, a test token and integration help for your framework. Most teams have a working proof of concept the same day.

Get API access →View pricing