Skip to main content
POST
/
signature_request
/
{signature_request_id}
/
signing-session
Create Signing Session
curl --request POST \
  --url https://api.luminpdf.com/v1/signature_request/{signature_request_id}/signing-session \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "signer_email": "[email protected]"
}
'
{
  "sign_url": "https://sign.luminpdf.com/embed?session=8647b08b...",
  "signer_email": "[email protected]",
  "expires_at": 1927510980694,
  "status": "NEED_TO_SIGN"
}
This endpoint requires the following scope:sign:requests

Authorizations

X-API-Key
string
header
required

Provide your API key in the X-API-Key header, e.g., X-API-Key: YOUR_API_KEY.

Path Parameters

signature_request_id
string
required

ID of an existing signature request that was created via the public API (/signature_request/send or /signature_request/send-from-template).

Body

application/json
signer_email
string
required

Email address of the recipient this session is being issued for. Must be a recipient (signer/viewer) already attached to the signature request.

expiry
integer
default:900000

How long the returned sign_url remains valid, in milliseconds from issue time.

Default: 900000 (15 minutes)

Accepted range: 3000003600000 (5 minutes – 1 hour, inclusive). Shorter values are intended for security-sensitive host apps.

Required range: 300000 <= x <= 3600000

Response

Embedded-signing session created successfully.

sign_url
string
required

Short-lived URL the Embed Signing SDK loads into its iframe. Includes a single-use session token bound to signature_request_id and signer_email.

signer_email
string
required

Echoes the recipient this session was issued for.

expires_at
integer
required

Absolute expiry of sign_url. After this time the SDK will receive an expire event and the URL must be re-issued.

status
enum<string>
required

Current signing status of the recipient at issue time.

Available options:
NEED_TO_SIGN,
WAITING_FOR_OTHERS