> ## Documentation Index
> Fetch the complete documentation index at: https://docs.invopop.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Sign agreement mandate

> Stamp the signer's signature onto the mandate and store the result as the signed agreement.

Stamps the signer's signature onto the generated mandate PDF and stores the result as the entry's signed agreement. Satisfies the `sign` step on the approval flow.

Two modes:

* **Drawn**: pass a PNG or JPEG image in `signature` (≤ 4 MB). The image is inked onto the signature box.
* **Typed**: omit `signature`. The signer's name is rendered as a typed signature.

The silo entry must have signer fields set (given name, surname, and identity number) before calling. Use together with `POST /identity`, then call `POST /confirm` to finalise.


## OpenAPI

````yaml POST /apps/gov-fr/v1/entry/{silo_entry_id}/sign
openapi: 3.1.0
info:
  contact:
    email: dev@invopop.com
    name: Invopop Developers
  description: >-
    Set of end-points for the France app, including lookups against the PPF
    Annuaire (French e-invoicing directory).
  license:
    name: Apache 2.0
    url: http://www.apache.org/licenses/LICENSE-2.0.html
  title: France Service API
  version: 0.1.0
servers:
  - description: production
    url: https://api.invopop.com
security:
  - InvopopAuth: []
paths:
  /apps/gov-fr/v1/entry/{silo_entry_id}/sign:
    post:
      summary: Sign the agreement mandate
      description: |-
        Stamps the signer's signature onto the generated mandate PDF
        and stores the result as the entry's signed agreement. Satisfies
        the `sign` step on the approval flow.

        Two modes:

        - **Drawn**: pass a PNG or JPEG image (≤ 4 MB) in `signature`.
          The image is inked onto the signature box.
        - **Typed**: omit `signature` or send an empty value. The
          signer's name is rendered as a typed signature.

        Requires the silo entry to have signer fields set (given name,
        surname, and identity number) before calling. Use together with
        `POST /identity`, then call `POST /confirm` to finalise.
      operationId: signEntry
      parameters:
        - $ref: '#/components/parameters/SiloEntryID'
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/SignatureSubmit'
      responses:
        '204':
          description: Signature stamped and stored as the signed agreement.
        '400':
          $ref: '#/components/responses/BadRequest'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '403':
          $ref: '#/components/responses/Forbidden'
        '404':
          $ref: '#/components/responses/NotFound'
        '422':
          $ref: '#/components/responses/UnprocessableEntity'
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  parameters:
    SiloEntryID:
      name: silo_entry_id
      in: path
      required: true
      description: ID of the `org.Party` silo entry being onboarded.
      schema:
        type: string
        example: 5b45453c-cdd0-11ed-afa1-0242ac120002
  schemas:
    SignatureSubmit:
      type: object
      properties:
        signature:
          type: string
          format: byte
          description: |-
            Base64-encoded PNG or JPEG image of the drawn signature,
            maximum 4 MB. Omit or leave empty to render the signer's
            name as a typed signature.
    Error:
      type: object
      required:
        - error
      properties:
        error:
          type: string
          description: Human-readable description of the error.
          example: missing siren parameter
  responses:
    BadRequest:
      description: The request is malformed or missing required parameters.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: missing siren parameter
    Unauthorized:
      description: Missing or invalid authentication token.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: missing enrollment
    Forbidden:
      description: |-
        The directory API is only available to live workspaces. Calls made
        with a sandbox enrollment are rejected.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: directory API is only available for live workspaces
    NotFound:
      description: The referenced silo entry or party could not be found.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: silo entry not found
    UnprocessableEntity:
      description: |-
        The request is well-formed but cannot be processed — for example
        the agreement PDF cannot be generated because the draft party is
        incomplete, or the uploaded signature failed validation.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: draft party is missing signer details
    InternalServerError:
      description: An unexpected server-side error occurred.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
          example:
            error: internal server error
  securitySchemes:
    InvopopAuth:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: |-
        Authenticate using a valid Invopop enrollment token in the `Bearer`
        scheme.

        Example: `Authorization: Bearer <token>`

````