Most signing flows break the user experience at the worst possible moment. Your customer is mid-onboarding, ready to commit, and suddenly they're redirected to a third-party portal, asked to create an account, and waiting for an email. That redirect kills conversion. Embedded signing solves this — and with GoodSign's iframe signing feature, you can keep the entire signing experience inside your own product without a per-seat subscription eating into your margins.
Here's exactly how it works.
Redirecting users out of your app to sign a document introduces friction, uncertainty, and drop-off. Embedded signing eliminates that context switch. The signer never leaves your interface, your brand stays consistent, and the transaction feels native to your product rather than bolted on.
For product teams at SaaS companies, agencies, or platforms serving small and medium businesses, this matters more than it sounds. A seamless signing moment — especially for contracts, onboarding agreements, or service terms — builds trust. With 65.3% of documents signed within 24 hours, the bottleneck usually isn't willingness to sign. It's friction in the path.
Removing that friction is the whole point.
GoodSign's embed electronic signature flow is built on a straightforward REST API. The core pattern is: create an envelope, generate a signing token, render the iframe. That's the entire sequence.
When you create an envelope via the API, you define the document, the signers, and the field placements. The API returns an envelope ID. You then make a second call to request a signing URL for a specific signer — this is where token authentication comes in.
Each signing URL contains a short-lived, scoped token tied to that signer and that envelope. This means:
Pass that URL as the src attribute of an iframe in your frontend, and the signing UI renders inline. Your user signs without ever navigating away.
The iframe renders, the user signs — now what? This is where webhook events become essential. GoodSign fires two key events you need to handle:
signer_complete — fires when an individual signer finishes their portiondocument_complete — fires when all required signers have signed and the envelope is fully executedWire signer_complete to advance your UI state in real time. If you're building a multi-step onboarding flow, for example, this event lets you automatically move the user to the next step the moment their signature is captured — no polling, no page refresh.
Wire document_complete to trigger your downstream logic: provisioning an account, releasing a deliverable, notifying a team member, storing the signed PDF. Webhooks are how your backend stays in sync with what's happening in the signing UI without building fragile polling loops.
Configure your webhook endpoint in the GoodSign dashboard, verify the event payload, and you have a fully event-driven signing integration.
The practical implementation splits cleanly across three layers.
Backend: Your server handles all API calls to GoodSign — creating envelopes, requesting signing tokens, receiving webhook events. Keep your API credentials server-side. Never expose them to the client.
Frontend: Your client receives the signing URL from your backend and mounts it in an iframe. Listen for postMessage events from the iframe to detect signing progress and update your UI accordingly. The signer stays in your product, sees your navigation, your header, your context.
Data layer: On document_complete, store the envelope ID and pull the signed document via the API for your records or to surface it back to the user.
The beauty of this architecture is that GoodSign handles the signing UI, signature validation, audit trail, and PDF generation — your team handles the experience around it. That's the right division of responsibility.
The esignature API embed pattern is particularly powerful for workflows where signing is one step in a longer sequence, not a standalone task. Think: a client portal where a freelancer sends a project agreement and the client signs before work begins. Or a lending platform where a borrower reviews terms inline before submitting. Or an HR tool that collects an employment agreement during onboarding.
In each case, **the signing moment
All rights reserved © GoodSign Limited 2026
2 Stuart St, Ponsonby, Auckland 1011, New Zealand..