> ## Documentation Index
> Fetch the complete documentation index at: https://docs.signsealship.com/llms.txt
> Use this file to discover all available pages before exploring further.

# SignSealShip API overview and reference

> Overview of the SignSealShip partner API: seal executed PDFs as Proof Passports, run Verified Closing Rooms, seal Closing Passports, and get signed webhooks.

The SignSealShip API lets your platform seal executed documents with real, independently checkable evidence, bundle a deal's orders into one live-status Verified Closing Room, and roll a room's cryptographic facts into a versioned, sealed Closing Passport. Everything a counterparty needs to verify is public — no SignSealShip account required on their side.

## Base URL

All paths in this reference are relative to:

```text Base URL theme={null}
https://signsealship.com
```

Requests and responses are JSON with camelCase field names unless an endpoint says otherwise (file uploads are multipart; sealed PDFs stream back as `application/pdf`). Timestamps are ISO 8601 with a UTC offset.

## Endpoints

### Partner access

| Method | Path                   | Auth   | Rate limit    | Purpose                                                                |
| ------ | ---------------------- | ------ | ------------- | ---------------------------------------------------------------------- |
| POST   | `/api/partner/request` | Public | 5/hour per IP | Request a partner API key ([details](/api-reference/partner-requests)) |

### Proof Passport

| Method | Path                                   | Auth                 | Rate limit    | Purpose                                                                   |
| ------ | -------------------------------------- | -------------------- | ------------- | ------------------------------------------------------------------------- |
| POST   | `/api/passport/seal`                   | Partner key          | 12/min per IP | Seal an executed PDF ([details](/api-reference/proof-passport))           |
| GET    | `/api/passport/{id}`                   | Partner key          | —             | Fetch one of your passports                                               |
| POST   | `/api/passport/webhooks`               | Partner key          | —             | Register a `passport.sealed` webhook ([details](/api-reference/webhooks)) |
| GET    | `/api/passport/verify/{code}`          | Public (verify code) | 12/min per IP | Verify a sealed passport                                                  |
| GET    | `/api/passport/verify/{code}/document` | Public (verify code) | 12/min per IP | Download the sealed PDF                                                   |

### Closing Rooms

| Method | Path                                       | Auth               | Rate limit     | Purpose                                                    |
| ------ | ------------------------------------------ | ------------------ | -------------- | ---------------------------------------------------------- |
| POST   | `/api/rooms`                               | Partner key        | 60/min per key | Create a room ([details](/api-reference/rooms))            |
| GET    | `/api/rooms`                               | Partner key        | 60/min per key | List your rooms                                            |
| POST   | `/api/rooms/{roomCode}/orders`             | Partner key        | 60/min per key | Attach an order by its public code                         |
| DELETE | `/api/rooms/{roomCode}/orders/{orderCode}` | Partner key        | 60/min per key | Detach an order                                            |
| POST   | `/api/rooms/{roomCode}/rotate`             | Partner key        | 60/min per key | Reissue the room's bearer link                             |
| GET    | `/api/rooms/{roomCode}`                    | Public (room code) | 30/min per IP  | Live room view — progress, order cards, activity, passport |

### Closing Passports

| Method | Path                                | Auth                 | Rate limit     | Purpose                                                                     |
| ------ | ----------------------------------- | -------------------- | -------------- | --------------------------------------------------------------------------- |
| POST   | `/api/rooms/{roomCode}/passport`    | Partner key          | 60/min per key | Seal the room's next passport version ([details](/api-reference/passports)) |
| GET    | `/api/verify/room/{verifyCode}`     | Public (verify code) | 30/min per IP  | Verify a Closing Passport — manifest, hashes, chain status                  |
| GET    | `/api/verify/room/{verifyCode}/pdf` | Public (verify code) | 30/min per IP  | Download the sealed passport certificate                                    |

### Webhook management

| Method | Path                         | Auth              | Rate limit          | Purpose                                                          |
| ------ | ---------------------------- | ----------------- | ------------------- | ---------------------------------------------------------------- |
| GET    | `/api/partner/webhooks`      | Dashboard session | 120/min per session | List webhook subscriptions ([details](/api-reference/webhooks))  |
| POST   | `/api/partner/webhooks`      | Dashboard session | 120/min per session | Create a subscription — the signing secret is shown exactly once |
| DELETE | `/api/partner/webhooks/{id}` | Dashboard session | 120/min per session | Delete a subscription                                            |

<Note>
  The partner dashboard also exposes session-authenticated mirrors of the room
  routes (`/api/partner/rooms/...`) for firms that operate rooms from the UI.
  They call the same underlying service and return the same shapes as the
  partner-key routes documented on the [rooms page](/api-reference/rooms).
</Note>

## Conventions

* **Bearer codes, not accounts.** Public reads are authorized by possession of an unguessable code — a room code, an order code, or a verify code. Whoever holds the code can read; treat every code like a credential.
* **Errors** are JSON: `{"error": "human-readable message"}` with a 4xx status. Public verification surfaces return the same generic `{"verdict": "unknown"}` 404 for malformed, unknown, and missing codes — nothing to enumerate.
* **Rate limiting** returns `429 Too Many Requests`. Limits are listed per endpoint above and on the [authentication page](/api-reference/authentication).
* **Honesty by design.** Responses never claim evidence that is not held: evidence badges distinguish **SEALED** (verifiable artifact hash on record) from **RECORDED** (platform attestation only), and every Closing Passport manifest carries an explicit coverage statement of what it does and does not prove. See the [evidence model](/evidence-model).

## Explore the reference

<Columns cols={2}>
  <Card title="Authentication" icon="key" href="/api-reference/authentication">
    Partner API keys, how keys are issued and rotated, and every rate limit.
  </Card>

  <Card title="Partner access requests" icon="door-open" href="/api-reference/partner-requests">
    Request a trial key self-serve — instant issue or human review.
  </Card>

  <Card title="Closing Rooms" icon="landmark" href="/api-reference/rooms">
    Create rooms, attach orders, rotate links, and read the live room view.
  </Card>

  <Card title="Closing Passports" icon="stamp" href="/api-reference/passports">
    Versioned, sealed evidence manifests with a verifiable hash chain.
  </Card>

  <Card title="Proof Passport" icon="file-check" href="/api-reference/proof-passport">
    Seal any executed PDF and get a public verification URL back.
  </Card>

  <Card title="Webhooks" icon="webhook" href="/api-reference/webhooks">
    Signed event deliveries and how to verify them.
  </Card>
</Columns>
