Authorization
BoldSign
Prerequisites
The BoldSign REST API authenticates each request using an API key. The key is passed in the X-API-KEY header on every call and is tied to the BoldSign account that generated it, so the calling integration acts with the permissions of that account.
Before creating a credential in Nexla, generate an API key from your BoldSign account. API access must be included in your BoldSign plan in order for the key generation option to be available.
Generate a BoldSign API Key
-
Sign in to your BoldSign account at https://app.boldsign.com.
-
In the left navigation pane, click the API menu item, and then select API Key.
-
Click the Generate API Key button to open the Generate API Key dialog.
-
Enter a descriptive name for the key (for example, "Nexla Integration") so that the key can be easily identified later.
-
Choose the environment for the key:
-
Live: Use a Live key to call BoldSign in production. Live calls operate on real documents, signers, and account data.
-
Sandbox: Use a Sandbox key while building and testing the integration. Sandbox keys execute against the BoldSign test environment and do not affect production data.
BoldSign allows up to four API keys per account, with no more than two keys in a single environment (Live or Sandbox). Plan the number of keys needed across environments before generating new ones.
-
-
Optionally, enable the Token Validity toggle, and select an expiration date. Setting an expiration date is a best practice for keys used by long-running integrations, because it forces a periodic rotation.
-
Click the Generate Token button. BoldSign displays the new API key value.
-
Copy the generated API key, and store it securely. This value grants access to your BoldSign account using your account's permissions, so it should be treated like a password.
BoldSign shows the full API key value only at the time of generation. Copy it immediately and store it in a secure secret manager — if the value is lost, a new key must be generated. Existing keys can be revoked at any time from the same API Key screen.
For complete information about API key generation and use, see the BoldSign API key documentation and the BoldSign authentication introduction.
The BoldSign API key grants access to your BoldSign account data, including signed and in-flight documents. Store it in a secure secret manager, never commit it to source control, and revoke and regenerate it immediately if you suspect it has been exposed.
Create a BoldSign Credential
- To create a new BoldSign credential, after selecting the data source/destination type, click the Add Credential tile to open the Add New Credential overlay.
Credential Name & Description
-
Enter a name for the credential in the Credential Name field and a short, meaningful description in the Credential Description field.
Resource descriptions are recommended but are not required. They should be used to provide information about the resource purpose, data freshness, etc. that can help the owner and other users efficiently understand and utilize the resource.
API Key
-
Enter your BoldSign API Key value in the API Key field. This is the key value generated from the API > API Key screen in your BoldSign account, and it is treated as a secret. Nexla passes this value in the
X-API-KEYheader on every call to the BoldSign API.Match the key's environment to the BoldSign environment you intend to integrate with. Use a Live key for production document workflows, and a Sandbox key while developing and testing the data flow.
Save the Credential
-
Once all of the relevant steps in the above sections have been completed, click the Save button at the bottom of the overlay to save the configured credential.
-
The newly added credential will now appear in a tile on the Authenticate screen during data source/destination creation and can be selected for use with a new data source or destination.