26.0.0 API Changelog
Breaking changes
Document
Added the
submittedFilesproperty to documents. These serve as field-driven, immutable attachments.In the sharing flow, the annotation signature fields now support a new subtype:
annotation_submitted_file. When specified, it requires the recipient to submit a file attachment.The share right
uploadAttachmenthas been replaced byuploadFiles.The endpoint
POST /share/upload/attachmenthas been replaced byPOST /share/upload/submittedFileand theattachmentsproperties in several share endpoints were replaced bysubmittedFiles. When the recipient has theuploadFilesshare right, it can be used for document-level (non-field-bound) file uploads.
In document properties
fileandpdfFile, the field_content_typewas renamed tomimetype, and the fieldsdescriptionandfileTypewere removed.
Settings
The endpoint
PUT /settings/propertyhas been renamed toPUT /settings/propertiesand its schema has been updated.
Share
The endpoint
PUT /share/{shareId}/recipienthas been removed and its functionality was transferred to the bulk endpointPUT /share.
Non-breaking changes
Documents
Added a new array field
customFieldsto the document model. Custom fields allow enriching the document with external data that is not part of the standard metadata definition. During the sharing flow, the creator can place imported fields in the UI based on the custom fields attached to the document.Added possibility to use new provider for signatures and sealing (
datasure). You can now specify it inPUT /documents/seal/{version}endpoint.
Settings
Added Collabora as a newly supported WOPI client. If configured on our side, it can be enabled via a new settings property
wopiClient(configurable per organization by the organization administrator). Supported values aremicrosoftandcollabora.Added a new settings property
disabledLanguages(configurable per organization by the organization administrator). Specified languages will be filtered out in the frontend UI.The settings response now explicitly returns a boolean property
isLlmEnabledto indicate whether the AI is enabled.
Share
The
signatureFieldsarray now supports a new propertyreadOnly. If set totrue, the predefined text property cannot be rewritten, and the document will always be annotated with its predefined value.
Two step sign
Version 26.0.0 introduces a brand-new two-step signing flow to support ICA Qualified Electronic Signatures using hardware-backed private keys — i.e. a USB dongle (PC) or NFC smart card (mobile). Because the private key never leaves the hardware device, the backend cannot sign directly. Instead, the flow is split into two phases:
Start — backend prepares the document (applies visual signatures, annotations, images) and returns either a digest (hash to be signed) or a prepared file, along with a session token.
Finish — the client submits back the hardware-signed output (signed digest or signed file), and the backend embeds it into the document and finalises the signing.
All four endpoints below are new in 26.0.0 — they did not exist in 25.3.0.
User certificates
Property certificates was added to user object. Its used to manage personal qualified certificates that are used for two step signing.
POST /users/{id}/certificate- upload new certificateDELETE /users/{id}/certificate/{certificate}- delete existing certificate
Start sign
POST /documents/sign/{version}/start/digest
Prepares a document for qualified signing via digest (hash) signing. The backend annotates the document with all visual elements and returns a SHA digest per file that must be signed by the client using the hardware key (NFC).
POST /documents/sign/{version}/start/file
Prepares a document for qualified signing via full-file signing. The backend returns the full prepared file (as a hash reference) which the client must sign in its entirety using the hardware key (USB).
Example :
POST /documents/sign/5/start/digest
{
"certificateHash": "hxgjc03ktav4ma5ifjb9wcrnaobi6yfnltflyewp3ac7a6smom8339e5rhn0q8yd",
"signatureProvider": "internalNfc",
"id": "86d0b371-3db1-4d68-8b54-c7b9c452e2a2",
"digestAlgorithm": "SHA-512",
"signatures": [
{
"comment": "",
"position": {
"percentHeight": 0.1,
"percentWidth": 0.1,
"percentX": 0.5360005040322581,
"percentY": 0.032483143054172076
},
"pages": [
1
],
"blob": "71kj5vos8q4uci8fdy394kkfaqnijlsx74l2jhpekjx8bmss67waq346j3ass440",
"decorationType": "empty",
"type": "signature",
"timestamp": false
}
]
}Response:
{
"files": [
{
"digest": "1618417FA75B3F29D3899D4727D81DB6EFE805EAC5795E1FE98AB3DB8A94BCD3F15172762CC8375B40B56B967A8A47464E3425C46700EC6757A3B2C918844DFC",
"preparedFile": "djkvosq9equzxjq34hdda0tl1tgemnseitrl1s3op2potjailbev4yv3vdzaqjz9"
}
],
"sessionId": "f38d20305ac6fcbb4eb256033380e79c24e83d85ff5b235a1a15e5ff74844f741d0b117c78d8f6ac0af741b483556f37431f380807aa6e2d99c0b37dba3ca7b2be9125ed833ae826906043d4753599d5d79d61542b334e2c1818f903841bd5132889bae188edb39b6ddd6f0d413ffbe80ccac6cf8e1d063ee1458d7085df98d6e37c3160aff12ca12fb677b40fa17a7f4edb289cfba129e21e5a279a60189e4ffe97872787e2121a31cf9ed348378bafca4541f3a32ea50c7412611a79d10e4b544bfd135808b06fb6a124946cd1762f",
"sessionExpiration": "2026-03-23T12:42:25.886Z"
}Finish sign
PUT /documents/sign/finish/digest
Finalises the digest signing session. The client submits the hardware-signed digests back to the backend, which then embeds them into the prepared document and marks it as signed.
PUT /documents/sign/finish/file
Finalises the full-file signing session. The client submits the hardware-signed file(s) back to the backend.
Example:
PUT /documents/sign/finish/digest
{
"sessionId": "f38d20305ac6fcbb4eb256033380e79c24e83d85ff5b235a1a15e5ff74844f741d0b117c78d8f6ac0af741b483556f37431f380807aa6e2d99c0b37dba3ca7b2be9125ed833ae826906043d4753599d5d79d61542b334e2c1818f903841bd5132889bae188edb39b6ddd6f0d413ffbe80ccac6cf8e1d063ee1458d7085df98d6e37c3160aff12ca12fb677b40fa17a7f4edb289cfba129e21e5a279a60189e4ffe97872787e2121a31cf9ed348378bafca4541f3a32ea50c7412611a79d10e4b544bfd135808b06fb6a124946cd1762f",
"signedDigests": [
{
"originalDigest": "1618417FA75B3F29D3899D4727D81DB6EFE805EAC5795E1FE98AB3DB8A94BCD3F15172762CC8375B40B56B967A8A47464E3425C46700EC6757A3B2C918844DFC",
"signedDigest": "992BE0BC7C21B4A2C32A8C961E1ED147850F81113B4781B6C8725264AEC18B042110880CE8E1DBDDADA6414F043568D816C5CFF9C4081E5CF4042ED68B089AF2BBA79CC44B8BF4C1073AD185DB7E96451BF77AF16DE09ED9C8FBA0E21934FF2534302B131FD87E1C32C0F3DAB0D2819808B54A779EF11703DD05BA7AC882090392F6349ABDD649FC1113A8F7684A33746DCDDF6BD51FFE4A3D0E63962AF417A5C4E92D440EBAFA0FCDC84A52ABC47B163F5B3CB608FAC3E951A110B9191EE3E649FC17ECC4ED5B6E1F26FD493E4E77BAA1235EEDDEB4399E17129BF04C240D1427E766CC001D13A9A9B8161E7407C98151E034A29161A50CF4F1F76554AF1362"
}
]
}Two step signature provider values
internalUsb- ICA qualified sign via USB hardware dongle (PC)internalNfc- ICA qualified sign via NFC smart card (mobile)
These providers are only valid for the two-step endpoints. The existing
POST /documents/sign/{version}endpoint still uses the original providers.
Complete Two-Step Sign Flow
Client (HW key: USB/NFC) Backend
│ │
│ POST /documents/sign/{v}/start/digest │
│ { id, signatureProvider: "internalUsb" │
│ signatures, digestAlgorithm } │
│ ──────────────────────────────────────────> │
│ │ Annotate doc
│ │ Prepare PDF
│ │ Compute digest
│ { sessionId, sessionExpiration, │
│ files: [{ digest, preparedFile }] } │
│ <──────────────────────────────────────── │
│ │
│ [Client signs `digest` with HW key] │
│ │
│ PUT /documents/sign/finish/digest │
│ { sessionId, │
│ signedDigests: [{ │
│ originalDigest, signedDigest }] } │
│ ────────────────────────────────────────> │
│ │ Embed signature
│ │ Mark as signed
│ { status: "ok" } │
│ <──────────────────────────────────────── │
The /start/file + /finish/file flow is identical, replacing the digest pair with full file hashes.