Skip to main content
You can combine multiple authentication methods in a single ceremony. Recipients must complete each method in sequence before accessing the ceremony.

Rules

Not all combinations are valid. The table below shows which methods can appear at each position.
MethodFirst stepSecond step and beyond
Email LinkYesNo
Email CodeYesYes
CustomYesNo
Additional constraints:
  • A ceremony supports a maximum of 5 authentication methods.
  • email_link and custom can each only be used as the first step.
  • email_link and custom cannot be combined together.
  • You cannot use the same authentication method more than once in a ceremony.

Common combinations

Custom + Email Code

Your application authenticates the recipient first. SignatureAPI then independently verifies the recipient’s identity by sending a code to their email. Use this combination when you want to authenticate recipients in your own system and also require a second factor that SignatureAPI controls. 
// POST https://api.signatureapi.com/v1/recipients/{recipient_id}/ceremonies
// X-API-Key: key_test_...
// Content-Type: application/json

{
  "authentication": [
    {
      "type": "custom",
      "provider": "SuperApp",
      "data": {
        "Session ID": "a4f9e8b2-7c1d-4b2d-9a4b-e0c5d6f7a1b3",
        "Authenticated At": "2026-01-15T10:30:00Z"
      }
    },
    {
      "type": "email_code"
    }
  ]
}
Recipient experience:
1

Authentication in your app

The recipient authenticates in your system (custom authentication).
2

Access the ceremony

You direct the recipient to the ceremony URL or embed the ceremony in your app.
3

Email verification

SignatureAPI prompts for additional email verification.
4

Code entry

The recipient enters the 9-digit code from their email.
5

Signing

The recipient proceeds to sign documents.
SignatureAPI sends the invitation email automatically. When the recipient opens the ceremony, they must also enter an email verification code. Use this combination when you want SignatureAPI to handle delivery but also need a second verification step inside the ceremony, for example to meet compliance requirements. 
// POST https://api.signatureapi.com/v1/recipients/{recipient_id}/ceremonies
// X-API-Key: key_test_...
// Content-Type: application/json

{
  "authentication": [
    {
      "type": "email_link"
    },
    {
      "type": "email_code"
    }
  ]
}
Recipient experience:
1

Email link

The recipient clicks the ceremony link in the email sent by SignatureAPI.
2

Email verification

SignatureAPI prompts for a second verification step.
3

Code entry

The recipient enters the 9-digit code from their email.
4

Signing

The recipient proceeds to sign documents.