Authenticate with Adobe Acrobat Sign using OAuth 2.0 authorization code flow, obtaining a token with the webhook_read and webhook_write scopes
POST to the /webhooks endpoint with a JSON body specifying the webhookSubscriptionEvents array (e.g., AGREEMENT_ALL or specific events), the webhookUrlInfo target URL, and the scope (ACCOUNT, GROUP, USER, or RESOURCE level)
In the webhook receiver, respond to the initial verification GET request by echoing the X-AdobeSign-ClientId header value in a X-AdobeSign-ClientId response header to complete the subscription challenge
For subsequent POST event deliveries, extract the X-AdobeSign-ClientId header and compare it to the expected client ID registered in your OAuth application to verify the source
Parse the webhook payload JSON to extract the agreement ID, event type, and participant set state, then call the Agreements GET endpoint to retrieve current agreement details if needed
Known gotchas
Adobe Acrobat Sign webhook verification uses client ID matching rather than HMAC signing; there is no payload-level cryptographic signature, so network-level TLS and client ID validation are the primary integrity controls
Webhook subscriptions are scoped at creation time; an ACCOUNT-scoped webhook receives events for all users in the account, which can produce extremely high event volumes in large organizations
Adobe Acrobat Sign requires the receiver endpoint to respond within a short timeout window during both the verification handshake and event delivery; slow receivers will fail the verification and subsequent deliveries will be retried with exponential backoff up to a maximum attempt count before the subscription is disabled
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp