Supersign
Sign InGet Started

Enterprise-Grade Features

Everything you need for legally compliant, secure, and scalable e-signatures. No artificial limits. No hidden fees. Full control.

Get Started FreeAPI Docs

PKI Security

RSA 4096-bit encryption with PKCS#7 digital signatures

RFC 3161 Timestamps

Cryptographic proof of signature time via TSA

Audit Trails

Immutable logs for legal compliance and forensics

Multi-Party Signing

Sequential and parallel signing workflows

Template Library

Pre-built templates for common documents

Mobile Signing

Native iOS and Android support with biometric auth

API Access

Full REST API for custom integrations

Webhooks

Real-time notifications for signature events

Custom Branding

White-label support with custom domains

Document Storage

Encrypted storage with S3-compatible backends

Advanced Fields

Text, checkboxes, dates, signatures, and initials

Email Notifications

Automatic reminders and status updates

Technical Deep Dives

Public Key Infrastructure (PKI)

Industry-standard cryptographic security for electronic signatures

Supersign uses RSA 4096-bit encryption with PKCS#7 digital signatures to ensure document integrity and non-repudiation. Every signature is cryptographically bound to the signer and the document.

// Signature verification process
1. Hash document (SHA-256)
2. Decrypt signature with public key
3. Compare hashes → Document unchanged ✓
  • RSA 4096-bit key pairs (strongest commercial standard)
  • PKCS#7 signature format (RFC 5652)
  • SHA-256 hashing algorithm
  • Certificate chain validation
  • Hardware Security Module (HSM) support for self-hosted deployments

RFC 3161 Timestamp Authority

Cryptographic proof of when a document was signed

Every signature includes a timestamp from an RFC 3161-compliant Timestamp Authority (TSA). This proves the document existed at a specific moment in time, crucial for legal validity.

// TSA timestamp process
1. Hash signed document
2. Send to TSA with timestamp request
3. TSA returns signed timestamp token
4. Embed token in signature
  • RFC 3161 compliant timestamp tokens
  • Independent third-party TSA (Managed Cloud) or self-hosted TSA
  • Permanent proof of signature time
  • Resistant to clock manipulation
  • Admissible in legal proceedings

Immutable Audit Trails

Complete forensic record of every document action

Supersign maintains a tamper-evident audit trail for every document, capturing every view, signature, and modification. Essential for compliance and dispute resolution.

Captured Events:
  • Document creation and upload
  • Email sent and delivered
  • Document viewed (with IP address)
  • Field interactions
  • Signature applied (with geolocation)
  • Document completed
  • PDF downloaded
  • Cryptographically signed event logs
  • Tamper-evident storage
  • ISO 8601 timestamps for all events
  • IP address and geolocation tracking
  • Device fingerprinting
  • Exportable as PDF summary or JSON

RESTful API

Full programmatic access to all platform features

Build custom workflows and integrations with our comprehensive REST API. Available on all tiers, including self-hosted.

// Create signature request
POST /api/v1/envelopes
{
  "document": "base64_pdf_data",
  "recipients": [
    {
      "name": "Jane Doe",
      "email": "jane@example.com",
      "role": "signer"
    }
  ],
  "fields": [
    {
      "type": "signature",
      "page": 1,
      "x": 100,
      "y": 500
    }
  ]
}
  • RESTful design with JSON payloads
  • OAuth 2.0 and API key authentication
  • Webhooks for real-time events
  • Rate limiting and retry logic
  • Comprehensive OpenAPI specification
  • Official SDKs (TypeScript, Python, Go)
View API Documentation

Security & Infrastructure

Data Encryption

  • • AES-256 encryption at rest
  • • TLS 1.3 for data in transit
  • • Encrypted backups
  • • HSM support for key storage

Storage Options

  • • S3-compatible object storage
  • • PostgreSQL for metadata
  • • Geographic redundancy
  • • Automatic backups

Performance

  • • Global CDN for document delivery
  • • Sub-second signature validation
  • • Horizontal scaling support
  • • 99.9% uptime SLA (Managed Cloud)

Deployment Options

  • • Docker/Kubernetes ready
  • • Cloud-agnostic architecture
  • • Air-gapped deployment support
  • • One-click updates

Ready to Get Started?

Deploy Supersign today and start collecting legally binding signatures in minutes.

Start Free TrialView on GitHub