GetSignedBeta
Request beta
Developer Guide · Go

How to add e-signatures
in Go

Add legally binding e-signatures to a Go app in four steps using only the standard library: get a token, create an envelope with a multipart upload, send the signing link, and handle the completion webhook. Zero external dependencies.

Get free API keys →
1

Get a bearer token

Exchange your OAuth2 client credentials for a short-lived access token using Go's standard net/http package.

go
package main

import (
    "encoding/json"
    "net/http"
    "net/url"
    "os"
    "strings"
)

func getToken() string {
    resp, _ := http.PostForm(
        "https://api.getsigned.app/oauth/token",
        url.Values{
            "grant_type":    {"client_credentials"},
            "client_id":     {os.Getenv("GETSIGNED_CLIENT_ID")},
            "client_secret": {os.Getenv("GETSIGNED_CLIENT_SECRET")},
        },
    )
    defer resp.Body.Close()
    var result map[string]any
    json.NewDecoder(resp.Body).Decode(&result)
    return result["access_token"].(string)
}
2

Create an envelope

Upload the PDF and declare signers and fields with a multipart/form-data request using mime/multipart.

go
import (
    "bytes"
    "encoding/json"
    "mime/multipart"
    "os"
)

func createEnvelope(token string) string {
    pdf, _ := os.ReadFile("nda.pdf")

    var body bytes.Buffer
    w := multipart.NewWriter(&body)
    fw, _ := w.CreateFormFile("document", "nda.pdf")
    fw.Write(pdf)

    signers, _ := json.Marshal([]map[string]string{
        {"name": "Jamie", "email": "jamie@client.io"},
    })
    fields, _ := json.Marshal([]map[string]any{
        {"type": "signature", "page": 1, "x": 420, "y": 580},
    })
    w.WriteField("signers", string(signers))
    w.WriteField("fields", string(fields))
    w.Close()

    req, _ := http.NewRequest("POST",
        "https://api.getsigned.app/v1/envelopes", &body)
    req.Header.Set("Authorization", "Bearer "+token)
    req.Header.Set("Content-Type", w.FormDataContentType())

    client := &http.Client{}
    resp, _ := client.Do(req)
    defer resp.Body.Close()
    var result map[string]any
    json.NewDecoder(resp.Body).Decode(&result)
    return result["id"].(string) // "env_..."
}
3

Send for signing

Sending generates a tokenized, single-use link per signer and emails it. Signers verify identity with email/SMS OTP.

go
func sendEnvelope(token, envelopeID string) {
    req, _ := http.NewRequest("POST",
        "https://api.getsigned.app/v1/envelopes/"+envelopeID+"/send",
        nil,
    )
    req.Header.Set("Authorization", "Bearer "+token)
    client := &http.Client{}
    resp, _ := client.Do(req)
    resp.Body.Close()
}
4

Handle the completion webhook

When the last signer finishes, GetSigned POSTs envelope.completed to your endpoint. Verify the HMAC-SHA256 signature, then fetch the sealed PDF from /v1/envelopes/{id}/document.

go
import (
    "crypto/hmac"
    "crypto/sha256"
    "encoding/hex"
    "encoding/json"
    "io"
    "net/http"
    "os"
)

func webhookHandler(w http.ResponseWriter, r *http.Request) {
    raw, _ := io.ReadAll(r.Body) // raw bytes, before JSON parsing
    sig := r.Header.Get("X-GetSigned-Signature")

    mac := hmac.New(sha256.New, []byte(os.Getenv("GETSIGNED_WEBHOOK_SECRET")))
    mac.Write(raw)
    expected := hex.EncodeToString(mac.Sum(nil))
    if !hmac.Equal([]byte(sig), []byte(expected)) { // constant-time
        w.WriteHeader(http.StatusUnauthorized)
        return
    }

    var payload map[string]any
    json.Unmarshal(raw, &payload)

    if payload["event"] == "envelope.completed" {
        envelopeID := payload["envelope_id"].(string)
        // GET /v1/envelopes/{envelopeID}/document
        // -> sealed PDF; store it, update your DB, notify users
        _ = envelopeID
    }
    w.WriteHeader(http.StatusOK)
}

func main() {
    token := getToken()
    id := createEnvelope(token)
    sendEnvelope(token, id)
    http.HandleFunc("/webhooks/getsigned", webhookHandler)
    http.ListenAndServe(":8080", nil)
}

Frequently asked questions

How do I add e-signatures in Go?

Use Go's standard library — net/http, mime/multipart, and encoding/json — to call the GetSigned REST API: POST client credentials to /oauth/token for a bearer token, create an envelope with a multipart form upload of your PDF plus JSON-encoded signers and fields, send it to generate signing links, then handle the envelope.completed webhook with an http.HandleFunc to fetch the sealed PDF. No external SDK or dependency is required.

Do I need a Go SDK or third-party library?

No. GetSigned is a plain REST API. Go's standard library handles everything: net/http for requests, mime/multipart for file uploads, encoding/json for serialization. The full integration compiles with zero external dependencies.

How do I upload a PDF file in Go without a third-party library?

Use mime/multipart.NewWriter, call CreateFormFile to create the file field, write the PDF bytes into it, then WriteField for the JSON-encoded signers and fields strings. Set the request Content-Type to w.FormDataContentType() and the body to the multipart buffer. This is the standard Go pattern for multipart/form-data uploads.

Is there a free tier to build against?

Yes. The free Starter plan includes full REST API access, PKCS#7 sealing, OTP verification, and webhooks, with 5 envelopes per month — enough to build and test a complete Go integration.

Other stacks: Node.js guide · Python guide · PHP guide · Language-agnostic guide

Ship signing in your Go app today

Get free API keys →