Resources/The Agent API Atlas/Legal/Adobe Acrobat Sign

Everything an AI agent can do with the Adobe Acrobat Sign API.

A reference guide for building AI agents: every method, how to authenticate, and the permissions each one needs.

Endpoints24

API versionv6

Last updated23 June 2026

Orientation

How the Adobe Acrobat Sign API works.

The Adobe Acrobat Sign API is how an app or AI agent works with a signing account: uploading a document, sending an agreement out for signature, fetching a signer's link, downloading the signed file, or reusing a library template. Access is granted through an OAuth access token, and each token carries scopes that name an area and an operation plus a modifier that limits its reach to the signed-in user, their group, or the whole account. A state change emits an event that Acrobat Sign can deliver to a registered endpoint.

24Endpoints

6Capability groups

14Read

10Write

11Permissions

Authentication

Acrobat Sign authenticates calls with an OAuth 2.0 access token sent as a Bearer token. An app sends the user through Adobe's authorization page, requests a set of scopes, and exchanges the returned code for an access token and a refresh token. An access token is short-lived and is refreshed with the refresh token.

Permissions

Each scope is an area and an operation, like agreement_read, agreement_write, library_read, widget_write, user_read, or webhook_write, followed by a modifier that sets its reach: self for the signed-in user, group for their group, or account for the whole account. The scopes requested at authorization must match those enabled on the application exactly, and a call missing the needed scope is refused.

Versioning

The REST API is on major version v6, reached under /api/rest/v6 after looking up the account's correct host with the baseUris call. v6 keeps resource IDs stable across callers and over time, and dated changes ship through the API release notes rather than a new version number.

Data model

Sending a document is a two-step flow: upload the file once to transientDocuments to get a short-lived id, then reference that id when creating an agreement, a widget (web form), or a library template. An agreement moves through states like OUT_FOR_SIGNATURE and SIGNED, and a state change can fire a webhook event.

Connect & authenticate

Connection & authentication methods.

How an app or AI agent connects to Adobe Acrobat Sign determines what it can reach. There is a route for making calls and a route for receiving events, and each is governed by the access token behind it and the OAuth scopes that token carries.

Ways to connect

REST API

The REST API v6 lives under /api/rest/v6 on the account's regional host, which an app discovers with the baseUris call before making requests. It takes JSON request bodies, except for file upload which uses multipart form data, returns JSON, and pages lists with a cursor. A call authenticates with an OAuth 2.0 Bearer access token whose scopes set what it can reach.

Best forConnecting an app or AI agent to Adobe Acrobat Sign.

Governed byThe access token and the OAuth scopes it carries.

Docs ↗

Webhooks

Acrobat Sign POSTs a JSON event to an HTTPS endpoint registered through the webhookEndpoints API or the admin console. The receiver proves ownership by echoing back the X-AdobeSign-ClientId header value, in a response header or a JSON field, and returning a 2XX status. OAuth 2.0 webhookEndpoints can be scoped to a single application or to the whole account.

Best forReceiving Acrobat Sign events at an app or AI agent.

Governed byThe client-ID verification handshake and the webhook scopes.

Docs ↗

Authentication

OAuth 2.0 (authorization code)

An app sends the user to Adobe's authorization page with the scopes it needs, receives an authorization code on the redirect, and exchanges it for an access token and a refresh token. The access token is short-lived and sent as a Bearer token; the refresh token is used to obtain a new access token without sending the user through again. The scopes requested must match those enabled on the application exactly.

TokenOAuth 2.0 Bearer access token (with refresh token)

Best forApps and AI agents acting for a user, group, or account with scoped access.

Docs ↗

Capability map

What an AI agent can do in Adobe Acrobat Sign.

The Adobe Acrobat Sign API is split into areas an agent can act on, like agreements, the documents uploaded to send them, reusable library templates, web forms, and the people and webhooks an account manages. Each area has its own methods and its own scope, and a write in some areas sends a document out for legally binding signature.

Agreements

8 endpoints

Methods for creating, reading, downloading, and cancelling agreements sent for signature.

A write here sends a document out for legally binding signature or cancels one in progress.

View endpoints →

Transient documents

1 endpoint

Method for uploading a source file to reference when creating an agreement, web form, or template.

A write here uploads a file that is then sent for signature.

View endpoints →

Library templates

3 endpoints

Methods for creating and reading reusable library templates.

A write here creates a reusable template available to others in the account.

View endpoints →

Web forms (widgets)

3 endpoints

Methods for creating and reading web forms that collect signatures from a hosted page.

A write here publishes a form anyone with the link can sign.

View endpoints →

Webhooks

5 endpoints

Methods for registering, reading, updating, and deleting webhook endpoints for event delivery.

A write here changes where the account's signing events are sent.

View endpoints →

Users & groups

4 endpoints

Methods for reading and managing the users and groups in an account.

A write here changes a person's account membership or role.

View endpoints →

Endpoint reference

Every Adobe Acrobat Sign API method.

Filter by method, access, or permission, or search any path. Select a row for version detail, rate limits, the related webhook event, and the source.

Hide deprecated

Method	Endpoint	What it does	Access	Permission	Version
Agreements Methods for creating, reading, downloading, and cancelling agreements sent for signature.8
POST	`/api/rest/v6/agreements`	Create an agreement, optionally sending it out for signature, and return the agreementId.	write	`agreement_write`	Current
References a transientDocumentId, library template, or another agreement as the file source. Sending for signature is the core write. Acts onagreement Permission (capability)`agreement_write` VersionAvailable since the API’s base version Webhook event`AGREEMENT_CREATED` Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/agreements`	Retrieve agreements for the user, paginated and filterable by group.	read	`agreement_read`	Current
Served from a microservice since May 2025 with a maximum page size of 500. Acts onagreement Permission (capability)`agreement_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitMax page size 500 SourceOfficial documentation ↗
GET	`/api/rest/v6/agreements/{agreementId}`	Retrieve the current status and details of an agreement.	read	`agreement_read`	Current
Read-only. Acts onagreement Permission (capability)`agreement_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/agreements/{agreementId}/signingUrls`	Retrieve the signing URL for each participant once the agreement is ready to sign.	read	`agreement_read`	Current
Available only after the agreement is out for signature; clients poll this endpoint for the URL. Acts onagreement Permission (capability)`agreement_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/agreements/{agreementId}/documents`	Retrieve the IDs of the documents that make up an agreement.	read	`agreement_read`	Current
Read-only. Use GET /agreements/{agreementId}/combinedDocument to download the signed PDF. Acts onagreement Permission (capability)`agreement_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PUT	`/api/rest/v6/agreements/{agreementId}/state`	Transition an agreement's state, including cancelling (recalling) one that is out for signature.	write	`agreement_write`	Current
Setting state to CANCELLED recalls the agreement and ends the signing process. Acts onagreement Permission (capability)`agreement_write` VersionAvailable since the API’s base version Webhook event`AGREEMENT_RECALLED` Rate limitStandard limits apply SourceOfficial documentation ↗
POST	`/api/rest/v6/agreements/{agreementId}/reminders`	Create a reminder on specified participants of an agreement.	write	`agreement_write`	Current
A reminder can be created for any participant at any time before their action. Acts onreminder Permission (capability)`agreement_write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/agreements/{agreementId}/formData`	Retrieve the data entered into an agreement's form fields, as CSV.	read	`agreement_read`	Current
Read-only; returns the merged field data collected from signers. Acts onagreement Permission (capability)`agreement_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Transient documents Method for uploading a source file to reference when creating an agreement, web form, or template.1
POST	`/api/rest/v6/transientDocuments`	Upload a source file and obtain a transientDocumentId, valid for 7 days, to reference when creating an agreement, web form, or template.	write	`agreement_write`	Current
Takes multipart form data. The agreement_write scope (with a self, group, or account modifier) covers upload; the id expires after 7 days. Acts ontransientDocument Permission (capability)`agreement_write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Library templates Methods for creating and reading reusable library templates.3
POST	`/api/rest/v6/libraryDocuments`	Create a reusable library template placed in the user's library.	write	`library_write`	Current
References a transientDocumentId as the file source. Acts onlibraryDocument Permission (capability)`library_write` VersionAvailable since the API’s base version Webhook event`LIBRARY_DOCUMENT_CREATED` Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/libraryDocuments`	Retrieve the library templates available to a user.	read	`library_read`	Current
Read-only. Acts onlibraryDocument Permission (capability)`library_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/libraryDocuments/{libraryDocumentId}`	Retrieve the details of a library template.	read	`library_read`	Current
Read-only. Acts onlibraryDocument Permission (capability)`library_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Web forms (widgets) Methods for creating and reading web forms that collect signatures from a hosted page.3
POST	`/api/rest/v6/widgets`	Create a web form (widget) that collects signatures from a hosted page, and return the widgetId.	write	`widget_write`	Current
References a transientDocumentId or library template as the file source. Acts onwidget Permission (capability)`widget_write` VersionAvailable since the API’s base version Webhook event`WIDGET_CREATED` Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/widgets`	Retrieve all web forms (widgets) for a user.	read	`widget_read`	Current
Read-only. Acts onwidget Permission (capability)`widget_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/widgets/{widgetId}/agreements`	List the agreements created from a web form (widget).	read	`widget_read`	Current
Read-only. Acts onwidget Permission (capability)`widget_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Webhooks Methods for registering, reading, updating, and deleting webhook endpoints for event delivery.5
POST	`/api/rest/v6/webhookEndpoints`	Register a webhook endpoint to receive events, scoped to an application or, if applicationIDs is omitted, to the whole account.	write	`webhook_write`	Current
On registration the endpoint must pass the X-AdobeSign-ClientId verification handshake. Acts onwebhookEndpoint Permission (capability)`webhook_write` VersionIntroduced 2024-01-01 Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/webhookEndpoints`	List the active webhook endpoints.	read	`webhook_read`	Current
Read-only; returns paginated results. Acts onwebhookEndpoint Permission (capability)`webhook_read` VersionIntroduced 2024-01-01 Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/webhookEndpoints/{webhookEndpointId}`	Retrieve a specific webhook endpoint.	read	`webhook_read`	Current
Read-only. Acts onwebhookEndpoint Permission (capability)`webhook_read` VersionIntroduced 2024-01-01 Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PUT	`/api/rest/v6/webhookEndpoints/{webhookEndpointId}`	Update a webhook endpoint.	write	`webhook_write`	Current
Returns an empty 204 on success. Acts onwebhookEndpoint Permission (capability)`webhook_write` VersionIntroduced 2024-01-01 Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
DELETE	`/api/rest/v6/webhookEndpoints/{webhookEndpointId}`	Delete a webhook endpoint so it stops receiving events.	write	`webhook_retention`	Current
Deletion requires the webhook_retention scope rather than webhook_write. Acts onwebhookEndpoint Permission (capability)`webhook_retention` VersionIntroduced 2024-01-01 Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
Users & groups Methods for reading and managing the users and groups in an account.4
GET	`/api/rest/v6/users`	Retrieve all the users in an account.	read	`user_read`	Current
Read-only; paginated. Acts onuser Permission (capability)`user_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/users/{userId}`	Retrieve detailed information about a user in the caller's account.	read	`user_read`	Current
Read-only. Acts onuser Permission (capability)`user_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
PUT	`/api/rest/v6/users/{userId}`	Update a user's details.	write	`user_write`	Current
A separate PUT /users/{userId}/state activates or deactivates a user. Acts onuser Permission (capability)`user_write` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗
GET	`/api/rest/v6/groups`	Retrieve all the groups in an account.	read	`user_read`	Current
Read-only; groups are read with the user_read scope. Acts ongroup Permission (capability)`user_read` VersionAvailable since the API’s base version Webhook eventNone Rate limitStandard limits apply SourceOfficial documentation ↗

No endpoints match those filters.

Webhooks

Webhook events.

Adobe Acrobat Sign can notify an app when something happens to an agreement, a web form, or a library template, like an agreement being created or every signer completing their action. It POSTs a JSON event to a registered endpoint, so an integration learns about activity without polling.

Event	What it signals	Triggered by
`AGREEMENT_CREATED`	An agreement was created, for example when a document is sent out for signature.	`/api/rest/v6/agreements`
`AGREEMENT_ACTION_COMPLETED`	A participant completed their required action on an agreement, like signing or approving.	`/api/rest/v6/agreements`
`AGREEMENT_WORKFLOW_COMPLETED`	Every participant has completed their action and the agreement is fully signed and finished.	`/api/rest/v6/agreements`
`AGREEMENT_RECALLED`	An agreement was cancelled (recalled) before completion, ending the signing process.	`/api/rest/v6/agreements/{agreementId}/state`
`AGREEMENT_REJECTED`	A participant declined to sign, rejecting the agreement.	`/api/rest/v6/agreements`
`AGREEMENT_EXPIRED`	An agreement reached its deadline without being completed and expired.	`/api/rest/v6/agreements`
`LIBRARY_DOCUMENT_CREATED`	A reusable library template was created.	`/api/rest/v6/libraryDocuments`
`WIDGET_CREATED`	A web form (widget) was created.	`/api/rest/v6/widgets`

No events match that search.

Rate limits & pagination

Rate limits, pagination & request size.

Adobe Acrobat Sign limits how fast an app can call, by a throttling model that varies with the account's service tier and the cost of each endpoint.

Request rate

Acrobat Sign meters requests with a throttling model rather than a fixed published number. The threshold depends on the account's service plan (small business, business, or enterprise) and on how resource-intensive each endpoint is, so different endpoints throttle at different rates. Going over returns HTTP 429 with a body coded THROTTLING_TOO_MANY_REQUESTS and a retryAfter value, plus a Retry-After header naming the seconds to wait. The guidance is to wait that long and retry with exponential backoff. A May 2025 change tightened throttling rules and the 429 behaviour, and an October 2025 change applied a minimum polling interval to GET endpoints used to check status.

Pagination

List endpoints page with a cursor and a client-set pageSize. A response returns a page of results plus a cursor for the next page, which is passed back on the following call until no further cursor is returned. As of May 2025 the GET /agreements list is served from a microservice with a maximum page size of 500.

Request size

A transient document is stored for 7 days, after which its id can no longer be referenced. GET endpoints that report status are subject to a minimum polling interval, so a status loop must respect the recommended wait between calls rather than poll continuously.

Errors

Status codes & error handling.

The status codes an agent should handle, and what to do about each.

Status	Code	Meaning	What to do
400	`BAD_REQUEST / MISSING_REQUIRED_PARAM`	The request was malformed or a required parameter is missing or invalid, for example an unknown transientDocumentId in fileInfos.	Read the message field, fix the request body or parameters, and resend. The request is not retryable as-is.
401	`UNAUTHORIZED / INVALID_ACCESS_TOKEN`	No valid access token was provided, or the token has expired.	Refresh the access token with the refresh token, or restart the OAuth flow, then resend.
403	`PERMISSION_DENIED / INVALID_OAUTH_SCOPE`	The token lacks the scope this call needs, or the caller is not allowed to act on the resource, for example a scope with a self modifier reaching another user's data.	Enable and request the needed scope with the right modifier (self, group, or account), or act as a permitted user.
404	`INVALID_AGREEMENT_ID / RESOURCE_NOT_FOUND`	The requested object does not exist or is not visible to this token, account, or scope modifier.	Verify the resource ID and confirm the token's scope reaches it.
429	`THROTTLING_TOO_MANY_REQUESTS`	Too many requests arrived too quickly for the account's tier and the endpoint's cost.	Wait the seconds given in the Retry-After header or retryAfter field, then retry with exponential backoff.
500	`MISC_SERVER_ERROR`	An error on the Acrobat Sign side. It is rare.	Retry with backoff, and contact Adobe support if it persists.

Versioning & freshness

Version history.

Adobe Acrobat Sign carries one current major REST version, v6, and ships dated changes to it through API release notes rather than minting a new version string for each addition.

Version history

What changed, and when

Latest versionv6

v6Current version

Current major REST version (v6)

v6 is the current major version of the Acrobat Sign REST API, reached under /api/rest/v6 after a baseUris lookup. It added pagination across resources with a client-set page size, made resource-intensive operations asynchronous, and made resource IDs stable across callers and over time. Adobe ships dated additions through the API release notes rather than minting a new version string.

What changed

Pagination added across resources with a client-configurable page size.
Resource-intensive operations made asynchronous to improve response times.
Resource IDs made consistent across all API callers and stable over time.
Reminder and agreement-note APIs introduced.

2025-11

November 2025 release

Additive changes to webhooks and polling.

What changed

New webhook event added for SMS delivery failures.
Polling threshold reinforced on GET endpoints used to retrieve status.

2025-10

October 2025 release

A minimum polling interval was applied to GET endpoints.

What changed

All GET API endpoints subject to a minimum polling interval to discourage continuous polling.

2025-06

June 2025 release

OAuth 2.0 reach extended and a webhook payload field scheduled for removal.

What changed

OAuth 2.0 capabilities extended to group-level administrators.
webhookNotificationApplicableUsers parameter scheduled for removal from webhook payloads.

2025-05

May 2025 release

Throttling rules tightened and the agreements list moved to a microservice.

What changed

New throttling rules applied, returning HTTP 429 with retry guidance.
GET /agreements now served from a microservice with a maximum page size of 500.

2024-01

January 2024 release

OAuth 2.0 webhooks and the webhookEndpoints APIs launched.

What changed

OAuth 2.0 support announced for customer applications.
WebhookEndpoint APIs launched, configurable at account and application level.
New webhook events added, including AGREEMENT_EMAIL_OTP_AUTHENTICATED.

Build against v6 and track the API release notes for new fields, webhooks, and limits.

Acrobat Sign API release notes ↗

Questions

Adobe Acrobat Sign API, answered.

Why do I have to upload a document before creating an agreement?+

Acrobat Sign separates the file from the agreement. A file is first uploaded to POST /transientDocuments, which returns a transientDocumentId valid for 7 days. That id is then passed in the fileInfos of a POST /agreements, POST /widgets, or POST /libraryDocuments call as the file source. The transient document is the raw source file, like a PDF or DOCX, held temporarily on Adobe's servers.

What do the self, group, and account scope modifiers mean?+

Every scope ends in a modifier that sets how far it reaches. The self modifier limits a scope to the signed-in user's own data, group limits it to the user's group, and account grants access across the whole account. So agreement_read:self reads only that user's agreements, while agreement_read:account reads every agreement in the account. The scopes requested at authorization must match those enabled on the application exactly.

How do I get the link a signer uses?+

After an agreement is created and reaches a signable state, an app polls GET /agreements/{agreementId}/signingUrls to fetch the current signing URL for each participant. The agreement has to be out for signature before a URL is available, so a newly created agreement may need a short wait before the call returns one.

How do I verify a webhook really came from Acrobat Sign?+

Acrobat Sign runs an intent check when a webhook is registered and on every delivery. Each request includes an X-AdobeSign-ClientId header carrying the application ID that created the webhook. The receiver must echo that exact value back, either in an X-AdobeSign-ClientId response header or as an xAdobeSignClientId field in a JSON body, and return a 2XX status, or the delivery is treated as failed.

How does the REST API handle rate limits?+

When an app sends too many requests, Acrobat Sign returns HTTP 429 with a body coded THROTTLING_TOO_MANY_REQUESTS and a retryAfter value, plus a Retry-After header. The threshold is not a single fixed number: it varies with the account's service tier and with how resource-intensive the endpoint is. The recommended pattern is to wait the Retry-After duration and retry with exponential backoff.

Which version of the API should I build against?+

Build against v6, the current major REST version, reached under /api/rest/v6. Before calling, an app looks up the correct regional host for the account with the baseUris call, because accounts are distributed across shards. v6 keeps resource IDs stable across callers and over time, and Adobe ships dated additions through the API release notes rather than a new version number.

What is Bollard AI?

Control what every AI agent can do in Adobe Acrobat Sign.

Bollard AI sits between a team's AI agents and Adobe Acrobat Sign. Grant each agent exactly the access it needs, read or write, area by area, and every call is checked and logged.

Set read, write, or full access per agent, never a shared Acrobat Sign token.
Denied by default, so an agent reaches only what has been explicitly allowed.
Every call recorded in plain English: who, what, where, and the decision.

Control Adobe Acrobat Sign access in Bollard Browse all APIs →

Adobe Acrobat Sign

Contracts Agent

View agreements ResourceOffReadFull use

Send for signature ActionOffReadFull use

Library templates ResourceOffReadFull use

Webhooks ResourceOffReadFull use

Per-agent access, set in Bollard AI, not in Acrobat Sign

How the Adobe Acrobat Sign API works.

Connection & authentication methods.

REST API

Webhooks

OAuth 2.0 (authorization code)

What an AI agent can do in Adobe Acrobat Sign.

Agreements

Transient documents

Library templates

Web forms (widgets)

Webhooks

Users & groups

Every Adobe Acrobat Sign API method.

Agreements

Transient documents

Library templates

Web forms (widgets)

Webhooks

Users & groups

Webhook events.

Rate limits, pagination & request size.

Request rate

Pagination

Request size

Status codes & error handling.

Version history.

What changed, and when

Adobe Acrobat Sign API, answered.

More legal API guides for agents

Dropbox Sign

PandaDoc

Ironclad

DocuSign

Control what every AI agent can do in Adobe Acrobat Sign.