Create an access link to a contract

A contract access link is a convenient way to provide contract participants with immediate access to the contract. You can use contract access links as an alternative or in addition to the contract link that Oneflow sends to the contract participants via email or other means.



For security reasons, before providing contract access links to the participants required to sign the contract, make sure to set up a sign method that verifies the participant’s identity. You can choose from several secure e-signatures, such as BankID or SMS signing.

In this tutorial, you will learn how to create a contract access link using the Oneflow API.

Step 1. Obtain necessary information

To run the script described in this tutorial, you’ll need the following data:

x-oneflow-api-token You will only be able to run the script by using a valid API token. You can create an API token in the Oneflow web application. Find out more in the Authentication section.
Path parameter
CONTRACT_ID The unique ID of the contract you want to get. You can find the contract ID using the contracts endpoint.
PARTICIPANT_ID You can find a counterparty participant id under the participants object in the contract entity response returned when creating or getting a contract via the API.

Step 2. Run the code

Replace the values of the parameters in the following command with the actual data from your account and run it:

curl --request POST \
  --url \
  --header 'Accept: application/json' \
  --header 'x-oneflow-api-token: API_TOKEN' \
import requests

headers = {
    'Accept': "application/json",
    'x-oneflow-api-token': API_TOKEN

response ="", 


Expected response

This operation will return a contract access link for a specific participant in the following JSON format.

{'access_link': ''}



This link is active for 6 hours after its generation. This limitation is caused by the validity time of the access token for the Create an access link endpoint.

Response codes

200OKReturns the requested access link.
400Bad RequestInvalid format or content of the request. This can happen if the participant id is an owner side participant.
401UnauthorizedThe API token or the user email is invalid.
404Not FoundA required entity is missing. This can happen if the contract id is actually the id of a template or the participant id is not a participant of the contract.