Authentication

Authentication and Authorization

All requests, with the exception of the subscriptions, require an access_token.

To create an application for a live environment go to your profile page http://app.quicklysign.com/app/#profile and click applications as shown below.

For sandbox environment go to your profile page http://sandbox.quicklysign.com/app/#profile and click applications as shown below.

Watch our WALKTHROUGH DEMO for this process here Creating your access token

2066

Create a new application and copy the client id and client secret.

2542

An access_token is generated by calling /access_tokens with user’s api key, application client_id and application client_secret.

Api Keys are needed for accessing and writing to specific user's documents list.

To get an api_key for an existing user, the user must go to your profile page http://app.quicklysign.com/app/#profile and copy the api key under advanced settings.

1906

Create access token

Creates an access token for the given api_key, client_id and client_secret.

📘

NB: This is intended to be used on server side only.

client_secret should never be shared.
This approach will be replaced with OAuth in a later version of the api. For now, access_token is used to ease the transition to oauth usage in later versions of the api.

POST /access_tokens

POST /v1/access_tokens HTTP/1.1
Host: sandboxapi.quicklysign.com
Content-Type: application/json
Cache-Control: no-cache
{
  "client_id":"<client_id>",
  "client_secret":"<client_secret>",
  "api_key":"<api_key>"
}
curl -X POST -H "Content-Type: application/json" -H "Cache-Control: no-cache" -d '{
  "client_id":"<client_id>",
  "client_secret":"<client_secret>",
  "api_key":"<api_key>"
}' 'https://sandboxapi.quicklysign.com/v0/access_tokens'
{
  "status": {
    "status_code": 200
  },
  "data": {
    "access_token": "<access_token>"
  }
}

Using an access_token for requests

When using the access token in request, you will need to add the "access_token" header to your request with your access token as value.
e.g. "access_token: <your_access_token>"

GET /v1/documents

GET /v1/documents HTTP/1.1
Host: sandboxapi.quicklysign.com
Content-Type: application/json
Cache-Control: no-cache
access_token: <access_token>
curl https://sandboxapi.quicklysign.com/v1/documents
	-H "Content-Type: application/json" 
  	-H "Cache-Control: no-cache"
  	-H "access_token: <access_token>"

If the token is invalid you will receive the following response:

{
  "status": {
    "status_code": 401,
    "errors": [
      {
        "message": "A valid access_token is required",
        "code": "invalid_access_token"
      }
    ]
  },
  "data": {}
}

A list of error codes can be found here: https://quicklysign.readme.io/docs/constants#error-codes