sigillo

Docs

Documentation

sigillo seals PDFs with legal validity via the Swiss signature partner SwissTrustLayer — as a timestamp or a qualified electronic signature (QES). Three access methods share the same logic and the same credit accounting.

1. Authentication

Every call uses a bearer token from the dashboard:

Authorization: Bearer sig_xxxxxxxx…

Tokens carry scopes — seal:write includes seal:read:

seal:readRead status, download, balance
seal:writeSeal PDFs (costs credits)
billing:manageBuy credits
account:manageToken management (web login only, not grantable to API tokens)

2. Seal a PDF (REST)

Timestamp, synchronous — the sealed PDF comes straight back:

curl -X POST https://sigillo.ch/api/v1/seal/timestamp \
  -H "Authorization: Bearer sig_…" \
  -F pdf=@vertrag.pdf \
  -F signer_name=Daniel -F signer_surname=Schlager \
  --output sealed.pdf

QES (on_demand/mab) is asynchronous: a 201 with a request_id, then poll the status until it is completed, and download.

→ REST reference

3. From an AI agent (MCP)

sigillo is a hosted MCP server with four tools: seal_pdf, seal_status, seal_download, seal_balance.

→ MCP guide