Skip to content

Guide

The simplest integration. eSigKit signatures are static HTML hosted on a CDN (cdn.esigkit.com) — embedding one is just an <img> or an <iframe>.

The stable URL

For most use cases, point at the public 301-redirect endpoint:

<img src="https://api.esigkit.com/v1/users/{userId}/signature" />

The endpoint 301s to the latest versioned CDN URL. Cached for 24 hours at the edge — versioning the target URL ({orgId}/{userId}.{version}.html) means re-rendering doesn’t require cache invalidation. The cache key changes automatically.

Embedding the rendered HTML directly

If you need the HTML inline (e.g., a server-rendered email template), fetch and inline:

<!-- Server-side fetch the rendered HTML and inline -->
<div id="signature">
  <!-- contents fetched from https://cdn.esigkit.com/signatures/{orgId}/{userId}.{version}.html -->
</div>
// Server-side example
const url = `https://cdn.esigkit.com/signatures/${orgId}/${userId}.${version}.html`;
const html = await fetch(url).then((r) => r.text());
// inline `html` into your template

Status checking (dashboard widgets)

For a “is this signature live?” indicator without rendering the full thing:

const status = await fetch(
  `https://api.esigkit.com/v1/users/${userId}/signature/status`
).then((r) => r.json());

console.log(status.status); // 'live' | 'paused' | 'never_rendered' | 'not_found'

Cached for 30 seconds at the edge — polling once a minute from a dashboard costs effectively nothing.

Common pitfalls

  • Don’t embed the versioned URL directly in long-lived integrations — it becomes stale every time you re-render. Use the redirect endpoint.
  • Don’t add query strings to the redirect URL — they’re not honored and can pollute analytics if proxied.
  • Don’t try to hot-link the signature image into a website background. It’s an HTML document, not an image. Use <iframe> or fetch + inline.

Iframe pattern

If you want CSS isolation:

<iframe
  src="https://api.esigkit.com/v1/users/{userId}/signature"
  width="600"
  height="120"
  style="border:0;"
  title="Email signature preview"
></iframe>

The Content-Security-Policy header on the served HTML allows iframe embed from any origin. Use this in dashboards / preview surfaces where you want the signature to float visually inside your own UI but not inherit its CSS.