Open source · AGPL-3.0 · self-hostable

The e-signature API built to live inside your product.

The open-source e-signature engine you embed in your own product. Self-host the whole stack or use the managed cloud — with a typed SDK, AI field detection, a real audit trail, and no per-seat billing.

sign.ts @penpact/sdk
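import { readFile } from 'node:fs/promises';
import { PenpactClient } from '@penpact/sdk';

const penpact = new PenpactClient({ apiKey: process.env.PENPACT_API_KEY! });

const envelope = await penpact.createEnvelope({
  documentName: 'Mutual NDA',
  signers: [{ name: 'Ada Lovelace', email: '[email protected]' }],
});

// Assumption: the PDF is read from a local file; the path is a placeholder.
const pdfBytes = await readFile('./mutual-nda.pdf');
await penpact.uploadDocument(envelope.id, pdfBytes);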
await penpact.placeFields(envelope.id, [
  { type: 'signature', signerId: envelope.signers[0].id,
    page: 1, x: 72, y: 620, width: 200, height: 40 },
]);

// Your signer gets a link, consents, and signs.
// You get back a sealed, PAdES-signed PDF.
await penpact.send(envelope.id);

From zero to a sent, sealed document — the whole flow, in one file.

The flow

Four calls. Then evidence.

  1. Create an envelope

    One call with the document name and signers.

  2. Upload & place fields

    Send a PDF, then place fields by coordinate, in the visual builder, or let AI propose them.

  3. Send

    Each signer gets a link, accepts the ESIGN disclosure, and signs — typed, drawn, or with a step-up code.

  4. Get a sealed PDF

    Penpact flattens the values, seals the PDF, and writes a Certificate of Completion.

Why developers pick it

Built like a developer tool, not a sales funnel.

A typed SDK, not a generated blob

A small, hand-written TypeScript client you can read in one sitting. No 200-method generated object model to learn — just the calls you need, fully typed.

AI field detection

Point Claude at the PDF and it proposes signature, date, and name fields. Review and send. Set ANTHROPIC_API_KEY to enable it when self-hosting.

Self-host in two minutes

docker compose up starts Postgres and the API and prints a working key. Every document stays on your own infrastructure, under AGPL-3.0.

Evidence built in

ESIGN consent, an append-only audit trail with IP and timestamps, a PAdES digital signature on the sealed PDF, and a SHA-256 Certificate of Completion.
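
One common way to make an append-only audit trail tamper-evident is to hash-chain its entries, so that an edited or removed record breaks every later link. The TypeScript below is an added illustration, not Penpact's code or schema: the `AuditEvent` shape, the function names and the sample entries are assumptions constructed for the example.

```typescript
import { createHash } from 'node:crypto';

// Hypothetical entry shape for illustration; not Penpact's schema.
interface AuditEvent {
  seq: number;
  action: string;   // e.g. 'consent.accepted'
  ip: string;
  at: string;       // ISO-8601 timestamp
  prevHash: string; // hash of the previous entry, GENESIS for the first
  hash: string;     // SHA-256 over this entry's fields and prevHash
}

const GENESIS = '0'.repeat(64);

// Fixed field order in a JSON array keeps the encoding unambiguous.
function entryHash(e: Omit<AuditEvent, 'hash'>): string {
  const canonical = JSON.stringify([e.seq, e.action, e.ip, e.at, e.prevHash]);
  return createHash('sha256').update(canonical, 'utf8').digest('hex');
}

function append(log: AuditEvent[], action: string, ip: string, at: string): AuditEvent[] {
  const prevHash = log.length ? log[log.length - 1].hash : GENESIS;
  const body = { seq: log.length + 1, action, ip, at, prevHash };
  return [...log, { ...body, hash: entryHash(body) }];
}

// Returns the seq of the first entry that breaks the chain, or null if intact.
function firstBrokenEntry(log: AuditEvent[]): number | null {
  let prev = GENESIS;
  for (let i = 0; i < log.length; i++) {
    const e = log[i];
    if (e.seq !== i + 1 || e.prevHash !== prev || entryHash(e) !== e.hash) return e.seq;
    prev = e.hash;
  }
  return null;
}

// Constructed sample entries (documentation IP ranges from RFC 5737).
let sampleLog: AuditEvent[] = [];
sampleLog = append(sampleLog, 'envelope.sent', '192.0.2.10', '2025-01-01T10:00:00Z');
sampleLog = append(sampleLog, 'consent.accepted', '198.51.100.7', '2025-01-01T10:05:00Z');
sampleLog = append(sampleLog, 'envelope.signed', '198.51.100.7', '2025-01-01T10:06:00Z');

// An in-place edit of the consent timestamp, as a verifier would encounter it.
const tampered = sampleLog.map((e) => (e.seq === 2 ? { ...e, at: '2025-01-01T09:00:00Z' } : e));
```

The chain alone does not reveal entries cut from the end of the log, so the latest hash needs to be stored somewhere the log writer cannot rewrite.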

No per-seat, no per-page

Usage-based on the managed cloud, free forever when you self-host. Signing is part of your product, not a per-envelope tax on every customer.

Embeddable signing

A hosted signing page and a drop-in, themeable React <Sign/> component. Your users sign inside your product, under your brand.

Read the source. Run it yourself.

The core engine is on GitHub under AGPL-3.0. Self-host for free, or use the managed cloud when you would rather not run the infrastructure.

Early development (v0.1.0). The API is not stable yet and the consent text is pending a lawyer's review. We would rather say that plainly.