Skip to main content
Every partner endpoint is authenticated with a bearer API key in the Authorization header. Public verification endpoints need no key at all — possession of the verify, room, or order code is the authorization.

Partner API keys

Partner keys start with sss_pk_ followed by 256 bits of random entropy in a lowercase base32 alphabet. The prefix makes a leaked key recognizable in logs and secret scanners. Send the key on every partner request:
Authenticated request
curl https://signsealship.com/api/rooms \
  -H "Authorization: Bearer sss_pk_your_key"
A missing, malformed, revoked, or unknown key gets the same response:
401 Unauthorized
{ "error": "A valid partner API key is required." }
Your key is shown to you exactly once, when it is issued. SignSealShip stores only its SHA-256 hash — a database compromise never yields a usable key, but it also means a lost key cannot be recovered, only replaced. Keep it in a secrets manager, never in client-side code or a repository.

How keys are issued

1

Request access

Submit POST /api/partner/request (or the form at https://signsealship.com/partner) with your firm name, work email, and intended use case.
2

Screening

A business email domain plus a coherent, on-topic use case is issued a trial key instantly. Anything else is reviewed by a human — you get an email either way.
3

Receive your key by email

The raw key is emailed to the work email you submitted, once. Trial keys start on the trial tier (5 active rooms) and can be upgraded.
Keys can also be issued directly by SignSealShip for teams onboarding by hand.

Key rotation

There is no self-serve key rotation endpoint today. To rotate a key — routinely, or because you suspect it leaked — contact SignSealShip and a replacement is issued and the old key deactivated. Until then:
  • Treat the key like a password: server-side only, one secrets-manager entry, no copies in tickets or chat.
  • If you suspect a leak, contact SignSealShip immediately; deactivation is immediate once actioned.
  • Room links have their own self-serve rotation: POST /api/rooms/{roomCode}/rotate reissues a room’s bearer code without touching your API key.
Webhook signing secrets follow the same one-time-display model as API keys: shown once at creation, stored only as a hash. To rotate one, create a new subscription and delete the old — see webhooks.

Rate limits

Requests over a limit are rejected with 429 Too Many Requests. Back off and retry after the window resets (fixed one-minute windows unless noted).
PolicyLimitKeyed byApplies to
partner-write60 per minutePartner keyAll Closing Room and Closing Passport partner routes
public-read30 per minuteIPPublic room view and Closing Passport verification
partner-request5 per hourIPPOST /api/partner/request
public-write12 per minuteIPPOST /api/passport/seal and the public Proof Passport verify endpoints
partner-portal120 per minuteDashboard sessionSession-authenticated /api/partner/... dashboard routes, including webhook CRUD
The public room view aggregates live status across every attached order, so it carries a tighter per-IP budget than partner writes. Poll it no more than once every few seconds per room — the page SignSealShip ships refreshes every 15 seconds.