Skip to content
QSign QSign Docs

Roles & access

QSign uses role-based access control:

  • admin / user — the signing workspace (send, sign, manage documents).
  • reviewer — review/approve without full signing rights.
  • api_admin — owns API credentials and sees only the Developer portal.
  • super_admin — the platform operator console; no signing workspace.

Sensitive operator endpoints require the super_admin claim. API keys belong to the api_admin account; account-management calls use that user’s JWT, while the signing API itself uses the X-Api-Key header.