Skip to main content

Concepts

Process lifecycle

A signing process moves through four states:

StateMeaning
CREATEDThe process exists and files can still be attached.
PENDINGThe process was released and is waiting for signatures.
COMPLETEDAll required signatures were collected.
EXPIREDThe process did not complete before expiry.

Core services

Create and prepare

MethodEndpointMinimum statePurpose
POST/api/process-Create a new signing process.
POST/api/process/{processId}/attachCREATEDAttach a PDF document.
POST/api/process/{processId}/setupCREATEDHand the process to the Swisscom UI for manual setup.
POST/api/process/{processId}/releaseCREATEDRelease a fully prepared process without manual UI interaction.
POST/api/process/{processId}/open/{personId}PENDINGGenerate a signer-specific URL for direct access.

Read and monitor

MethodEndpointMinimum statePurpose
GET/api/process/{processId}CREATEDRetrieve the full process payload.
GET/api/process/{processId}/statusCREATEDRead the current lifecycle state.
GET/api/process/{processId}/file/{fileId}CREATED / COMPLETEDDownload originals or signed output.
GET/api/process/{processId}/recordCREATEDFetch the audit record trail.

Process authorization

Swisscom distinguishes between initiators and invitees when deciding whether a person may access a process.

For initiators, access is first resolved through direct ownership, then organization or team membership, and then verified contact attributes such as email address or mobile number. If none of those checks applies, the platform falls back to a one-time code flow.

For invitees, the normal path is a verified email or mobile number match, with the same code-based fallback if no verified attribute can be used.