> ## Documentation Index
> Fetch the complete documentation index at: https://docs.firma.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Retrieve Signer Signature Image

> Retrieve a signer's adopted signature as a base64 PNG data URI, separate from the signed PDF. A signer adopts one signature applied to all their signature fields, so no field_id is needed. Drawn signatures return the captured image; typed signatures are rendered to PNG server-side. The `image` is a `data:image/png;base64,...` URI usable directly in an `<img src>`. By default a signer-ID frame is overlaid (`include_frame=false` to omit). Every successful retrieval is audit-logged. Rate limited to 60/min. Legal validity rests on the sealed PDF and completion certificate, not this image.



## OpenAPI

````yaml api-reference/v01.30.00/openapi-v01.30.00.json get /signing-requests/{id}/signers/{signer_id}/signature
openapi: 3.0.3
info:
  title: Firma Partner API
  description: >-
    RESTful API for document signing and template management.


    **Authentication**: All endpoints require API key authentication via the
    `Authorization` header. Use your API key directly without any prefix (e.g.,
    `your-api-key`). The Bearer prefix is optional but not required.


    **Security Features**:

    - Input validation using Zod schemas with detailed field-level error
    messages

    - RSA-256 signed JWT tokens for embedded template access


    **Rate Limiting**: Rate limits are tiered based on operation type:

    - Read operations (GET): 200 requests per minute

    - Write operations (POST/PUT/PATCH/DELETE): 120 requests per minute

    - Webhook CRUD operations: 60 requests per minute

    - Webhook test: 10 requests per minute

    - API key regeneration/expiration: 1 request per minute

    - Webhook secret rotation: 1 request per minute


    When rate limits are exceeded, the API returns a `429 Too Many Requests`
    response with headers:

    - `X-RateLimit-Limit`: Maximum requests per minute for this endpoint

    - `X-RateLimit-Remaining`: Requests remaining in current window

    - `X-RateLimit-Reset`: Unix timestamp when limit resets

    - `Retry-After`: Seconds until retry is allowed


    **Error Handling**: All errors return structured JSON responses with `error`
    (human-readable message), `code` (machine-readable identifier), and
    `details` (field-level validation errors when applicable).


    **Embedded Template Integration**: The Firma Template Editor can be embedded
    in your application using a standalone JavaScript library.


    ```html

    <!-- Load the Firma Template Editor library -->

    <script
    src="https://api.firma.dev/functions/v1/embed-proxy/template-editor.js"></script>


    <script>

    // Generate JWT token via API first

    fetch('https://api.firma.dev/functions/v1/signing-request-api/generate-template-token',
    {
      method: 'POST',
      headers: {
        'Authorization': 'YOUR_API_KEY',
        'Content-Type': 'application/json'
      },
      body: JSON.stringify({
        companies_workspaces_templates_id: 'template-id'
      })
    })

    .then(res => res.json())

    .then(data => {
      // Initialize editor with JWT token
      window.FirmaTemplateEditor.init({
        container: '#firma-editor-container',
        jwt: data.token,
        templateId: 'template-id',
        theme: 'dark',
        readOnly: false,
        onSave: (savedData) => {
          console.log('Template saved:', savedData);
        },
        onError: (error) => {
          console.error('Editor error:', error);
        },
        onLoad: (template) => {
          console.log('Template loaded:', template);
        }
      });
    });

    ```
  version: 01.30.00
  contact:
    name: API Support
    url: https://firma.com/support
servers:
  - url: https://api.firma.dev/functions/v1/signing-request-api
    description: Production API - Recommended (Current)
  - url: https://api.firma.dev/api/v1
    description: Production API - Planned
security:
  - ApiKeyAuth: []
tags:
  - name: Company
    description: Company information and settings
  - name: Workspaces
    description: Workspace management operations
  - name: Templates
    description: Template management operations
  - name: Signing Requests
    description: Document signing request operations
  - name: Custom Fields
    description: >-
      Custom field definition management for workspaces, templates, and signing
      requests
  - name: Webhooks
    description: Webhook configuration and management
  - name: JWT Management
    description: JWT token generation and revocation for embedded templates
  - name: Workspace Settings
    description: Workspace configuration and settings
  - name: Email Domains
    description: >-
      Email domain setup and verification for sending signing request emails
      from custom domains
  - name: Email Templates
    description: >-
      Email template management for workspace and company-level customization of
      signing request notifications
  - name: Signer Terms
    description: >-
      Custom signer terms-of-service / consent statements, company-level with
      per-language workspace overrides
paths:
  /signing-requests/{id}/signers/{signer_id}/signature:
    get:
      tags:
        - Signing Requests
      summary: Retrieve Signer Signature Image
      description: >-
        Retrieve a signer's adopted signature as a base64 PNG data URI, separate
        from the signed PDF. A signer adopts one signature applied to all their
        signature fields, so no field_id is needed. Drawn signatures return the
        captured image; typed signatures are rendered to PNG server-side. The
        `image` is a `data:image/png;base64,...` URI usable directly in an `<img
        src>`. By default a signer-ID frame is overlaid (`include_frame=false`
        to omit). Every successful retrieval is audit-logged. Rate limited to
        60/min. Legal validity rests on the sealed PDF and completion
        certificate, not this image.
      operationId: retrieveSignerSignature
      parameters:
        - name: id
          in: path
          required: true
          schema:
            type: string
            format: uuid
          description: Signing request ID
        - name: signer_id
          in: path
          required: true
          description: Signer (recipient) ID — the recipient_id from GET /fields
          schema:
            type: string
            format: uuid
        - name: include_frame
          in: query
          required: false
          description: >-
            Overlay the signer-ID frame on the image (default true). Set to
            false for the bare mark.
          schema:
            type: boolean
            default: true
      responses:
        '200':
          description: The signer's mark as a base64 PNG data URI.
          content:
            application/json:
              schema:
                type: object
                properties:
                  signer_id:
                    type: string
                    format: uuid
                  kind:
                    type: string
                    enum:
                      - signature
                      - initials
                      - stamp
                  format:
                    type: string
                    example: png
                  framed:
                    type: boolean
                    description: Whether the signer-ID frame was overlaid.
                  image:
                    type: string
                    description: PNG as a data URI.
                    example: data:image/png;base64,iVBORw0KGgo...
        '401':
          description: Missing or invalid API key.
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
                  code:
                    type: string
        '404':
          description: >-
            Signing request/signer/field not found or not in your workspace
            (NOT_FOUND), or no mark captured (SIGNATURE_NOT_AVAILABLE).
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
                  code:
                    type: string
        '429':
          description: Rate limit exceeded (60/min for signature retrieval).
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
                  code:
                    type: string
        '500':
          description: >-
            Rendering failed (RENDER_FAILED) or the required access-audit write
            failed (AUDIT_WRITE_FAILED); no image is returned.
          content:
            application/json:
              schema:
                type: object
                properties:
                  error:
                    type: string
                  code:
                    type: string
      security:
        - ApiKeyAuth: []
      x-codeSamples:
        - lang: TypeScript
          label: '@firma-dev/sdk'
          source: >-
            import { FirmaClient } from "@firma-dev/sdk";


            const firma = new FirmaClient({ apiKey: "YOUR_API_KEY" });


            const response = await
            firma.signingRequests.retrieveSignerSignature({
                id: "id",
                signer_id: "signer_id"
            });

            console.log(response);
components:
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: Authorization
      description: >-
        API key for authentication. Use your API key directly without any prefix
        (e.g., 'your-api-key'). Bearer prefix is optional but not required.

````