Understanding user-level access for API keys and sender identities

In BoldSign, some key features such as Sender Identities, OnBehalfOf documents, and API Keys are designed to work at the user level rather than at the team or organization level. This article explains how each of these components functions and why they are set up this way.

Sender identities and OnBehalfOf documents

• The Sender Identities feature allows a user to send documents on behalf of another verified email address. The identity owner must approve the sender, and once approved, the user can initiate signing requests that appear to come from the identity owner using the OnBehalfOf property.
• Documents sent this way are referred to as OnBehalfOf documents. These documents are associated with the user who has been granted permission and can be accessed and managed directly by that user.
• To create sender identity, please refer to the documentation: Create Sender Identity
• Sender Identities are approved for individual user accounts. This means only the specific user who owns the sender identity is authorized to send and manage documents using that identity.
• Documents sent using OnBehalfOf are also tied to the user account that the sender identity is associated with. Currently, these documents cannot be shared or managed at the team level.

API keys

• API Keys are used to authenticate and authorize API requests made through BoldSign.
• To generate an Api key, please refer to the documentation: API key
• API Keys are generated for individual user accounts and are not available at the team level.
• This design helps ensure that BoldSign can track which user is sending a document through the API.
• If API keys were shared across a team, it would not be possible to accurately identify the sender behind each request.