Recommended integration workflow

Backend (partner platform)

1. Generate the PDF in your platform.
2. Request an access token.
3. Create the contract (upload PDF) → obtain contract_id.
4. Add signing parties.
5. Send invitations.
6. Poll GET /contracts/{id} until contract.status becomes signed (or all parties have signed_at set).
7. Download the final stamped artifact using signed_download.php?token=....

Recipient signing

Recipients open a tokenized URL:
https://firmato.eu/sign/public/sign.php?token=...

The signing UI enforces OTP and (if configured) handwritten signature capture, storing events and evidence in the existing DB tables.

Final stamped download

Once fully signed, the platform generates a stamped PDF (with report/audit trail) via:
https://firmato.eu/sign/public/signed_download.php?token=...

This endpoint returns HTTP 403 if the document is not fully signed yet.