Embedded Templates Walkthrough

Embedded templates allow your users to create and edit templates on your site in an iFrame using hellosign-embedded, HelloSign's official client-side library. Templates are used to make frequently-used documents easier to send for signatures and share with others. They're also a powerful tool for automating workflows and using pre-filled data in your signature requests.

Preliminary

Please complete the steps below before following along with the content.

  1. Create an API app (login required)
Important
The API app domain name specifies where the iFrame can be opened. Embedded Template creation will only be possible on pages from this domain and its subdomains. However, you can use skipDomainVerification to embed requests created using test_mode.
  1. Save your API app's Client ID and API Key, which you'll need to use this feature.

Try HelloSign Embedded

To get a feel for how our HelloSign Embedded library works, you can use our Embedded Testing Tool to quickly test any of our Embedded flows without having to write a single line of JavaScript.

You can request a sample document, or use the custom claim_url or edit_url that you'll generate in the Server Side section below.

Server Side

Allowing your site users to create a template involves first creating a template draft. This draft will be displayed on your site in an embedded iFrame, allowing the user to edit and finalize the template. Note that templates created via the embedded template process will only be accessible through the API.

Creating a Template

  1. Create a template draft by POSTing an API request to https://api.hellosign.com/v3/template/create_embedded_draft with the following parameters:

    curlphpjavapythonrubynodejsdotnet
    Copy
    Copied
    curl 'https://api.hellosign.com/v3/template/create_embedded_draft' \
        -u 'SIGN_IN_AND_CREATE_API_KEY_FIRST:' \
        -F 'test_mode=1' \
        -F 'client_id=YOUR_CLIENT_ID' \
        -F 'file[0]=@NDA.pdf' \
        -F 'title=Test Template' \
        -F 'subject=Please sign this document' \
        -F 'message=For your approval.' \
        -F 'signer_roles[0][name]=Client' \
        -F 'signer_roles[0][order]=0' \
        -F 'signer_roles[1][name]=Witness' \
        -F 'signer_roles[1][order]=1' \
        -F 'cc_roles[0]=Manager' \
        -F 'merge_fields=[{"name":"Full Name","type":"text"},{"name":"Is Registered?","type":"checkbox"}]' \
        -F 'field_options={"date_format": "DD - MM - YYYY"}'
    Copy
    Copied
    $client = new HelloSign\Client('SIGN_IN_AND_CREATE_API_KEY_FIRST');
    $client_id = 'YOUR_CLIENT_ID';
    
    $request = new HelloSign\Template();
    $request->enableTestMode();
    $request->setClientId($client_id);
    $request->addFile($path_to_nda_pdf);
    $request->setTitle('Test Title');
    $request->setSubject('Test Subject');
    $request->setMessage('Test Message');
    $request->addSignerRole('Test Role', 1);
    $request->addSignerRole('Test Role 2', 2);
    $request->addCCRole('Test CC Role');
    $request->addMergeField('Test Merge', 'text');
    $request->addMergeField('Test Merge 2', 'checkbox');
    
    $response = $client->createEmbeddedDraft($request);
    
    $new_template_id = $response->getId();
    $edit_url = $response->getEditUrl();
    $is_embedded_draft = $response->isEmbeddedDraft();
    Copy
    Copied
    TemplateDraft draft = new TemplateDraft();
    draft.setTestMode(true);
    draft.setTitle("NDA Template");
    draft.addSignerRole("Client");
    draft.addCCRole("Lawyer");
    draft.addFile(getTestFile("nda.pdf"));
    
    EmbeddedRequest eReq = new EmbeddedRequest(clientId, draft);
    HelloSignClient client = new HelloSignClient("SIGN_IN_AND_CREATE_API_KEY_FIRST");
    TemplateDraft t = client.createEmbeddedTemplateDraft(eReq);
    Copy
    Copied
    client = HSClient(api_key='SIGN_IN_AND_CREATE_API_KEY_FIRST')
    
    files = ["/docs/nda.pdf"]
    signer_roles = [
        {'name': 'Baltar', 'order': 1},
        {'name': 'Madame President', 'order': 2},
        {'name': 'Lee Adama', 'order': 3},
    ]
    cc_roles = ['Deck Chief', 'Admiral','Starbuck']
    merge_fields = [{'name':'mymerge', 'type':'text'}]
    
    template_draft = client.create_embedded_template_draft(
        client_id='YOUR_CLIENT_ID',
        signer_roles=signer_roles,
        test_mode=True,
        files=files,
        title='Battlestar Test Draft',
        subject='There are cylons onboard',
        message='Halp',
        cc_roles=cc_roles,
        merge_fields=merge_fields
    )
    
    template_id = template_draft.template_id
    Copy
    Copied
    client = HelloSign::Client.new :api_key => 'SIGN_IN_AND_CREATE_API_KEY_FIRST'
    request = client.create_embedded_template_draft(
        :test_mode => 1,
        :client_id => 'YOUR_CLIENT_ID',
        :files => ['nda.docx'],
        :title => 'Test Title',
        :subject => 'Test Subject',
        :message => 'Test Message',
        :signer_roles => [
            {
                :name => 'Test Role',
                :order => 1
            },
            {
                :name => 'Test Role 2',
                :order => 2
            }
        ],
        :cc_roles => ['Test CC Role'],
        :merge_fields => '[{"name":"Test Merge","type":"text"},{"name":"Test Merge 2","type":"text"}]'
    )
    
    new_template_id = request.data['template_id']
    edit_url = request.data['edit_url']
    is_embedded_draft = request.data['is_embedded_draft']
    Copy
    Copied
    const hellosign = require('hellosign-sdk')({ key: 'SIGN_IN_AND_CREATE_API_KEY_FIRST' });
    
    const opts = {
      test_mode: 1,
      clientId: 'YOUR_CLIENT_ID',
      title: 'embedded draft test',
      subject: 'embedded draft test',
      message: 'embedded draft test',
      signer_roles: [
        {
          name: 'Manager',
          order: 0
        },
        {
          name: 'Employee',
          order: 1
        }
      ],
      files: ['NDA.pdf']
    };
    
    const results = hellosign.template.createEmbeddedDraft(opts).then((res) => {
      // handle response
    }).catch((err) => {
      // handle error
    });
    Copy
    Copied
    var client = new Client("SIGN_IN_AND_CREATE_API_KEY_FIRST");
    var draft = new EmbeddedTemplateDraft();
    draft.TestMode = true;
    draft.AddFile("C:\Users\Me\My Documents\NDA.pdf");
    draft.Title = "Test Template";
    draft.Subject = "Please sign this document";
    draft.Message = "For your approval.";
    draft.AddSignerRole("Client", 0);
    draft.AddSignerRole("Witness", 1);
    draft.AddCcRole("Manager");
    draft.AddMergeField("Full Name", MergeField.FieldType.Text);
    draft.AddMergeField("Is Registered?", MergeField.FieldType.Checkbox);
    var response = client.CreateEmbeddedTemplateDraft(draft, "YOUR_CLIENT_ID");

  2. Retrieve the edit_url from the API response, which will be a JSON object like the one below. Be sure to also store the template_id for future referencing of the completed template.
    Copy
    Copied
    {
      "template" : {
        "template_id" : "abcdef1234567890abcdef1234567890",
        "edit_url" : "https://app.hellosign.com/editor/...",
        "expires_at" : "123456790"
      }
    }

  3. Set up the frontend. If you are using a modern module bundler with npm, simply install hellosign-embedded. Otherwise, HelloSign Embedded can be downloaded manually, compiled from source, or imported from our CDN.
    Copy
    Copied
    npm install hellosign-embedded

  4. Create a new HelloSign Embedded client. Import the hellosign-embedded module instantiate a new client.
    Copy
    Copied
    import HelloSign from 'hellosign-embedded';
    
    const client = new HelloSign({
      clientId: 'Your API client ID'
    });

  5. Open HelloSign Embedded. Call client.open() with the editUrl you got from a previous step.
    Copy
    Copied
    client.open(editUrl, {
      skipDomainVerification: true
    });

  6. The embedded iFrame will be displayed and the user will be walked through the process of editing and finalizing the template for future use.

Pre-filled Data

By creating a template draft with merge fields, you are essentially telling your users, "The app can supply this information for you when you use the completed template to send a signature request."

This can be useful if, for example, your app stores contact information. If a user sends a signature request to one of the contacts in your system, you can pre-populate the signature request with contact details prior to sending. It's necessary to provide these details as 'merge fields' during the template creation because it indicates where the data should be placed within the document when sending the signature request.

As explained in the creating a template section, merge fields are specified during the template draft creation API request as a JSON array. Each merge field must have a unique name, and this is enforced by the API.

When the user is presented with the template draft editor, they are allowed to place these merge fields in the document. Merge fields appear to the user as standard Textbox and Checkbox fields. When one of these fields is placed on the document, the context menu will display the app as an option for the data source (in the "Who fills this out?" dropdown list), and the names of any pre-defined merge fields are listed in the dropdown underneath "What text goes here?".

Once the template is saved, the data to populate these merge fields can be specified in the API call to create a signature request. This not only saves the user time, but also ensures better data accuracy. To populate the merge fields, simply execute a /signature_request/send_with_template and use the custom_fields parameter, or supply the same parameter when creating an embedded draft for previewing (see previewing a signature request below).

Editing a Template

If a template was created using Embedded Templates, then you can also allow your users to edit it by calling /embedded/edit_url/{template_id} and opening the edit_url with hellosign-embedded. At the time of writing, you cannot use Embedded Templates to edit a template created on hellosign.com.
  1. Make a GET or POST request to /embedded/edit_url/{template_id}.

    Note: A POST request is required if any changes are being made to merge fields or editor options. test_mode is optional with a POST request, however, it is required for users on Essentials and Standard plans.

    curlphpjavapythonrubynodejsdotnet
    Copy
    Copied
    curl 'https://api.hellosign.com/v3/embedded/edit_url/5de8179668f2033afac48da1868d0093bf133266' \
        -u 'SIGN_IN_AND_CREATE_API_KEY_FIRST:'
    
    curl -X POST 'https://api.hellosign.com/v3/embedded/edit_url/5de8179668f2033afac48da1868d0093bf133266' \
        -u 'SIGN_IN_AND_CREATE_API_KEY_FIRST:' \
        -F 'cc_roles[0]=' \
        -F 'merge_fields=[]'
    Copy
    Copied
    $client = new HelloSign\Client('SIGN_IN_AND_CREATE_API_KEY_FIRST');
    $template_id = '5de8179668f2033afac48da1868d0093bf133266';
    $response = $client->getEmbeddedEditUrl($template_id);
    $edit_url = $response->getEditUrl();
    Copy
    Copied
    HelloSignClient client = new HelloSignClient("SIGN_IN_AND_CREATE_API_KEY_FIRST");
    EmbeddedResponse res = client.getEmbeddedTemplateEditUrl("5de8179668f2033afac48da1868d0093bf133266");
    String editUrl = res.getEditUrl();
    Copy
    Copied
    client = HSClient(api_key='SIGN_IN_AND_CREATE_API_KEY_FIRST')
    embeddedObj = client.get_template_edit_url('5de8179668f2033afac48da1868d0093bf133266')
    edit_url = embeddedObj.edit_url
    Copy
    Copied
    client = HelloSign::Client.new :api_key => 'SIGN_IN_AND_CREATE_API_KEY_FIRST'
    response = client.get_embedded_template_edit_url :template_id => '5de8179668f2033afac48da1868d0093bf133266'
    url = response.data
    Copy
    Copied
    const hellosign = require('hellosign-sdk')({ key: 'SIGN_IN_AND_CREATE_API_KEY_FIRST' });
    
    hellosign.embedded.getEditUrl(templateId).then((res) => {
      // handle response
    }).catch((err) => {
      // handle error
    });
    Copy
    Copied
    var client = new Client("SIGN_IN_AND_CREATE_API_KEY_FIRST");
    var response = client.GetEditUrl("5de8179668f2033afac48da1868d0093bf133266");

  2. Retrieve the edit_url from the API response, which will be a JSON object like the one below. This URL will be used in the same manner as the edit_url retrieved for the template draft creation.
    Copy
    Copied
    {
      "embedded" : {
        "edit_url" : "https://app.hellosign.com/editor/...",
        "expires_at" : "123456790"
      }
    }

  3. Set up the frontend. Check out the Client Side section below for a tutorial on how to set up the HelloSign Embedded library.

  4. Open HelloSign Embedded. Call client.open() with the editUrl you got from a previous step.
    Copy
    Copied
    client.open(editUrl, {
      skipDomainVerification: true
    });

  5. The embedded iFrame will be displayed and the user will be walked through the process of editing and finalizing the template.

Previewing a Signature Request

When your site user needs to send a signature request based on a template, you will need to create an embedded signature request draft. This draft can be opened in an embedded iFrame to allow the user to preview the request prior to sending. Creating the signature request draft for previewing is also a perfect opportunity to populate any pre-defined merge fields that might have been added by the user during the template creation process.

  1. Create the embedded template draft by making a POST request to /unclaimed_draft/create_embedded_with_template with the following parameters:

    curlphpjavapythonrubynodejsdotnet
    Copy
    Copied
    curl 'https://api.hellosign.com/v3/unclaimed_draft/create_embedded_with_template' \
      -u 'SIGN_IN_AND_CREATE_API_KEY_FIRST:' \
      -F 'client_id=YOUR_CLIENT_ID' \
      -F 'template_id=5de8179668f2033afac48da1868d0093bf133266' \
      -F 'requester_email_address=jack@hellosign.com' \
      -F 'test_mode=1' \
      -X POST
    Copy
    Copied
    $client = new HelloSign\Client('SIGN_IN_AND_CREATE_API_KEY_FIRST');
    $client_id = 'YOUR_CLIENT_ID';
    
    $templateId = $previouslySavedTemplate->getId();
    
    $baseReq = new HelloSign\TemplateSignatureRequest();
    $baseReq->enableTestMode();
    $baseReq->setTemplateId($templateId);
    $baseReq->setSigner('Signer', 'jack@example.com', 'Jack');
    $baseReq->setSigningRedirectUrl('http://example.com/signing');
    $baseReq->setRequestingRedirectUrl('http://example.com/requesting');
    $baseReq->setRequesterEmailAddress('jill@example.com');
    $baseReq->addMetadata('custom_id', '1234');
    
    $request = new HelloSign\EmbeddedSignatureRequest($baseReq);
    $request->setClientId($client_id);
    $request->setEmbeddedSigning();
    
    $response = $client->createUnclaimedDraftEmbeddedWithTemplate($request);
    Copy
    Copied
    HelloSignClient client = new HelloSignClient(auth);
    TemplateSignatureRequest tsr = new TemplateSignatureRequest();
    tsr.setTemplateId("5de8179668f2033afac48da1868d0093bf133266");
    UnclaimedDraft ucd = new UnclaimedDraft(tsr);
    ucd.setType(UnclaimedDraftType.request_signature);
    ucd.setRequesterEmail("jack@hellosign.com");
    String clientId = "YOUR_CLIENT_ID";
    EmbeddedRequest embeddedReq = new EmbeddedRequest(clientId, ucd);
    
    HelloSignClient client = new HelloSignClient("SIGN_IN_AND_CREATE_API_KEY_FIRST");
    UnclaimedDraft resp = (UnclaimedDraft) client.createEmbeddedRequest(embeddedReq);
    Copy
    Copied
    client = HSClient(api_key='SIGN_IN_AND_CREATE_API_KEY_FIRST')
    
    signers = [{
        "name": "Signer Name",
        "email_address": "signer@example.com",
        "role_name": "Signer"
    }]
    metadata = {
        'account_id': '123',
        'company_name': 'Acme Co.'
    }
    
    templateDraft = client.create_embedded_unclaimed_draft_with_template(
        test_mode=True,
        client_id='YOUR_CLIENT_ID',
        is_for_embedded_signing=True,
        template_id='5de8179668f2033afac48da1868d0093bf133266',
        requester_email_address='user@example.com',
        title='MyDraft',
        subject='Unclaimed Draft Email Subject',
        message='Email Message',
        signers=signers,
        signing_redirect_url='http://url.com',
        requesting_redirect_url='http://url.com',
        metadata=metadata
    )
    url = templateDraft.claim_url
    Copy
    Copied
    client = HelloSign::Client.new :api_key => 'SIGN_IN_AND_CREATE_API_KEY_FIRST'
    embedded_object = client.create_embedded_unclaimed_draft_with_template(
        :test_mode => 1,
        :client_id => 'YOUR_CLIENT_ID',
        :template_id => '5de8179668f2033afac48da1868d0093bf133266',
        :requester_email_address => 'herman@hogwarts.com',
        :signing_redirect_url => 'http://hogwarts.edu/success',
        :requesting_redirect_url => 'http://hogwarts.edu',
        :metadata => {
            :House => 'Griffyndor'
        },
        :signers => [
            {
                :email_address => 'harry@potter.net',
                :name => 'Harry Potter',
                :role => 'Signer'
            }
        ]
    )
    Copy
    Copied
    const hellosign = require('hellosign-sdk')({ key: 'SIGN_IN_AND_CREATE_API_KEY_FIRST' });
    
    const opts = {
      test_mode: 1,
      clientId: 'YOUR_CLIENT_ID',
      template_id: '5de8179668f2033afac48da1868d0093bf133266',
      title: 'embedded draft test',
      subject: 'embedded draft test',
      message: 'embedded draft test',
      signing_redirect_url: 'http://example.com/signed',
      requesting_redirect_url: 'http://example.com/requested',
    
      signers: [
        {
          email_address: 'alice@example.com',
          name: 'Alice',
          role: 'Manager',
          pin: 'abcd1234'
        },
        {
          email_address: 'bob@example.com',
          name: 'Bob',
          role: 'Employee',
          pin: 'abcd1234'
        }
      ],
      requester_email_address: 'charlie@example.com'
    };
    
    hellosign.unclaimedDraft.createEmbeddedWithTemplate(opts).then((res) => {
      // handle response
    }).catch((err) => {
      // handle error
    });
    Copy
    Copied
    var client = new Client("SIGN_IN_AND_CREATE_API_KEY_FIRST");
    var request = TemplateSignatureRequest();
    request.AddTemplate("5de8179668f2033afac48da1868d0093bf133266");
    request.RequesterEmailAddress = "someone@example.com";
    request.TestMode = true;
    var response = client.CreateUnclaimedDraft(request, "YOUR_CLIENT_ID");

  2. Retrieve the claim_url from the API response, which will be a JSON object like the one below. This URL will be used in the same manner as the edit_url for template creation and editing to display the preview to the user.
    Copy
    Copied
    {
      "unclaimed_draft": {
        "claim_url": "https://embedded.hellosign.com/prep-and-send/embedded-request?cached_params_token=30c4d8df776038c2fa5f7094c3718937",
        "signing_redirect_url": null,
        "test_mode": true,
        "signature_request_id": "340e9843ac552b5170ee9c374d67e312f53ca129",
        "requesting_redirect_url": null
      }
    }

  3. Set up the frontend. Check out the Client Side section below for a tutorial on how to set up the HelloSign Embedded library.

  4. Open HelloSign Embedded. Call client.open() with the editUrl you got from a previous step.
    Copy
    Copied
    client.open(editUrl, {
      skipDomainVerification: true
    });

  5. The embedded iFrame will be displayed and the user will be given an opportunity to preview and make edits to the signature request prior to sending. Any custom_fields parameters supplied to the draft creation API request will be added to the document as well and these fields can also be edited and moved by the user. The user can then send the signature request by clicking "Continue" (or "Send" if the subject and message for the request have already been set).

Client Side

We provide a client-side library that handles the authorization and display of the embedded request using an iFrame. You can use this feature by adding a few lines of JavaScript code.

If you are using a modern module bundler with npm, simply install hellosign-embedded.
Copy
Copied
npm install hellosign-embedded

If you are not using a modern module bunder like npm, HelloSign Embedded can be downloaded manually, compiled from source, or imported from our CDN.

In your app, import the hellosign-embedded module, instantiate a new client, then invoke open() with your claimUrl and API client ID. Note that we're using skipDomainVerification when calling this method. You can learn more about that in the Domain Restriction section below.
Copy
Copied
import HelloSign from 'hellosign-embedded';

const client = new HelloSign();

client.open(claimUrl, {
  clientId: 'Your API client ID',
  skipDomainVerification: true
});

Note: It's recommended that you add the following to your document's <head> to avoid unexpected behavior on small screens. <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0">.

There are a number of options you can define as part of the second argument when calling open():
NameTypeDescription
requestingEmailstringThe email of the account issuing the signature request.

Note: This option is only necessary for 'Me and Others' type signature requests.

Example:
{
requestingEmail: alice@example.com
}
localestringThe locale code that will be used to determine which language the embedded request will be displayed in. For a list of HelloSign's supported languages, visit our Languages page. If no locale is specified HelloSign will attempt to determine the user's preferred language by their browser settings or fall back to English.

Note: Czech (CS_CZ) is only supported by Embedded Signing.

Example:
{
locale: HelloSign.locales.ZH_CN
}
redirectTostringWhere the user will be redirected after sending the signature request.

Example:
{
redirectTo: 'http://example.com'
}
allowCancelbooleanWhether the user should be able to close the iFrame without finishing the request. Default: true.

Example:
{
allowCancel: false
}
debugbooleanAllows debug output to print to the console. Default: false.

For even more detailed debug output, run localStorage.debug = 'hellosign-embedded:*'; in your developer console and refresh the page.

Example:
{
debug: true
}
skipDomainVerificationbooleanWhether or not to skip the domain verification step. Default: false.

Note: This will only be honored if the signature request was created with test_mode=1.

Example:
{
skipDomainVerification: true
}
timeoutnumberHow long (in milliseconds) to wait for the HelloSign app to initialize before aborting. Default: 30000 (30 seconds).

Example:
{
timeout: 10000
}
containerHTMLElementBy default HelloSign Embedded will be opened in a modal, but by specifying container you can choose a DOM element on the page in which the iFrame will be embedded.

Example:
{
container: document.getElementById('sign-here')
}

Additional Notes

App Approval

In order to ensure that integrations adhere to eSignature regulations and best practices, an app approval is needed prior to moving into production for all customers implementing embedded signing, embedded requesting, embedded templates, and OAuth workflows.

Important

You will still be able to use your app in test mode until it gets approved. Only live/production activity requires approval.

Please refer to the App Approval Section for more detailed information about getting your app approved.

Domain Restriction

When the iFrame is loaded, it will verify the domain of the parent window and ensure it matches the domain name of the API app specified by the client ID. If the domain does not match, the page won't be loaded.

You can disable domain restriction for easier development:

Copy
Copied
client.open(signUrl, {
  // ...
  skipDomainVerification: true
});
This will allow you to use HelloSign Embedded on development domains, like localhost. See the documentation for HelloSign Embedded's open() method in the section above.

HTTPS Required

The host page must be served over HTTPS. The HelloSign iFrame is also loaded over HTTPS, and due to browser security restrictions it will not be able to communicate with the parent window if it is not HTTPS. This communication is required to enable features such as iFrame callbacks and closing the iFrame.

To make development easier, the page will still load if the parent window is served over HTTP, however an alert will be displayed to notify you of this requirement. Switch to HTTPS to prevent this alert from being displayed.

Redirection

If a redirect url is specified, the iFrame will redirect users to it after they send the document(s). Data from the sign event will be appended to the url query string.

Signature Links

Signature URLs are only valid for 60 minutes after /embedded/sign_url has been called and expire as soon as they're accessed.

It is best practice to wait until your signer hits the page before generating the sign_url so the link doesn't expire before the signer is ready. However, since the signature_id itself does not expire, a fresh sign_url can always be generated.

Text Tags

The embedded functionality can be used in conjunction with HelloSign Text Tags.

Client Side Events

There are a number of events that the HelloSign Embedded client may emit. To listen to these events, pass the event name and a callback function to on(). An string enumeration of available events can also be found under HelloSign.events.
Copy
Copied
client.on('sign', (data) => {
  console.log('The document has been signed!');
  console.log('Signature ID: ' + data.signatureId);
});

Here are a list of possible events:

EventDescriptionData
createTemplateEmitted when the user creates the signature request template.
{
templateId,
templateInfo {
title,
message,
signerRoles,
ccRoles
}
}
openEmitted when the HelloSign Embedded window has opened.
{
url,
iFrameUrl
}
cancelEmitted when the template was canceled by the user by either pressing the close button or selecting "close" from the dropdown list.
finishEmitted when the user has finished the embedded template flow without cancelling.
messageEmitted when HelloSign Embedded has received a cross-origin window message from the HelloSign app.
{
type,
payload
}
closeEmitted when the HelloSign Embedded window has closed.
errorEmitted when the HelloSign app encounters an error.
{
signatureId,
code
}