Overview

What QSign is

QSign is a digital document e-signature platform. Users upload documents, place signature/initial/date fields, invite signers, and collect legally-valid signatures with a tamper-evident audit trail. It supports both an interactive web application and a white-label REST API so the signing capability can be embedded into other products.

Signing methods

QSign offers three levels of signing assurance; a deployment can enable any subset.

Method	What it is	Assurance	Requirements
e-Signature	Draw / type / upload a signature image, placed manually, by template (“Preset”), or auto-detected (“Automagic”). Sealed with a tamper-evident notarization.	Standard electronic signature with audit trail	None beyond the core stack
Aadhaar eSign	OTP-based signing tied to a government-verified Aadhaar identity, via the NSDL/Protean eSign gateway (India).	Identity-verified, IT-Act aligned	A Protean/NSDL eSign ASP account + credentials (India only)
DSC signing	PKI digital signature using an X.509 certificate (hardware token / PKCS#11), with RFC-3161 trusted timestamps.	Highest (cryptographic, non-repudiation)	A signing certificate; the cross-platform signing agent for token-based signing

All completed documents receive a platform tamper seal (a CMS signature over the final PDF) so any post-signing modification is detectable, plus an audit trail of every view/sign/decline action with timestamp, IP, and identity.

Core capabilities

Document upload (PDF; Office formats auto-converted via LibreOffice), templates, multi-document envelopes (one signing transaction over several documents).
Flexible field placement: manual, preset (template), and Automagic (anchor-text / DocuSign-style auto-placement).
Multi-party signing with ordering, email/SMS reminders, and a contact book.
Stamps & seals, signer photos, initials.
Full-text document search (Solr).
Role-based access (admins, users, reviewers) and team accounts.
White-label signing API with API keys, webhooks, usage metering, and a sandbox.
Optional AI document features (summaries / chat) via a configurable LLM provider.

Product surfaces

Signing web app — the end-user workspace (dashboard, upload, place fields, send, sign, track). Includes optional Google / Microsoft single sign-on.
Developer portal (/developers-v2) — self-service for API customers: keys (live + sandbox), usage, webhooks, an in-browser playground, and docs.
Super-admin console — platform operators manage accounts, plans, quotas, and suspensions.

Editions / what an on-prem client typically runs

The platform is feature-gated by plan, but for an on-prem deployment the relevant axes are which integrations you enable (see 05-configuration):

Core e-signing (always on): the web app + e-Signature + tamper seal + audit trail.
Aadhaar eSign (optional, India): requires Protean/NSDL ASP credentials.
DSC signing (optional): requires certificate(s) and, for token signing, the agent.
Billing (optional): Stripe/Razorpay — usually not needed for an on-prem, flat-licensed deployment; plan/quota objects can be provisioned directly.
AI features, SMS, cloud storage, SSO, error monitoring: all optional add-ons.

Glossary

Term	Meaning
Envelope	A bundle of documents signed in one transaction.
Tamper seal	A platform-applied CMS signature over the finalized PDF that makes any later change detectable.
Automagic	Automatic signature-field placement using anchor text or templates.
DSC	Digital Signature Certificate (PKI / X.509), often on a hardware token (PKCS#11).
Aadhaar eSign	India’s OTP-based signing tied to an Aadhaar identity via the NSDL/Protean gateway.
api_admin	A user account that owns white-label API credentials (lives in the Developer portal).
Opaque API key	A `qsk_live_…` / `qsk_test_…` bearer credential for the API; only its hash is stored.
ASP	Application Service Provider — your registered identity with the Aadhaar eSign gateway.