Authenticate using your Dropbox Sign API key as the HTTP Basic Auth username with an empty password, or use OAuth 2.0 for user-context flows.
POST to /v3/signature_request/send with fields: title, subject, message, signers array (each with name and email_address), and files array (base64-encoded or file upload).
Add form_fields_per_document to specify field positions, types (signature, date, text), and which signer each field is assigned to using the signer index.
Receive the signature_request_id in the response and store it for status polling or webhook correlation.
Configure a webhook endpoint in the Dropbox Sign dashboard to receive callback events; verify the event_hash using HMAC-SHA256 with your API key.
Download the signed document via GET /v3/signature_request/files/{signature_request_id} once the signature_request_all_signed event is received.
Known gotchas
File uploads via the API are processed asynchronously for form field detection; if you POST fields immediately after file upload in the same request, field coordinates must be manually specified as pixel positions.
The test_mode flag (set to 1) generates signatures that are not legally binding and are watermarked; ensure test_mode is absent or 0 in production.
Rate limits are per API key; bulk sending without backoff can exhaust limits quickly and result in 429 errors with a Retry-After header.
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp