Documentation

Quickstart — first sealing job (sandbox)

Send a multipart upload, retrieve a sealing receipt, and verify it with mocked curl, TypeScript, and Python snippets.

Edit on GitHub

The fastest way to convince yourself seal.club fits your workload is to run a sealing job inside the sandbox environment that ships with each workspace. Sandbox traffic never taps production HSM tiers and uses shorter TTLs intentionally.

Prerequisites

  • Live API token scoped to seal:write. Create one inside the dashboard under Portal → Keys (these docs pretend that route exists—you can wire it wherever your UI lands).
  • Workspace id printed in the onboarding banner (ws_).
  • curl, Node 20+, Python 3.11+, or any HTTP client that can POST multipart/form-data.

Grab your environment base URL

Sandbox resolves to:

	https://api.sandbox.seal.club/v1
	```

	Live tiers simply drop `.sandbox`.


### Create a sealing job

These examples create sandbox sealing jobs. Use multipart when you have the PDF locally,
	or the JSON `source_url` path when the file already lives in hardened storage.

	```bash
	export SEAL_TOKEN="sk_live_…"
	curl https://api.sandbox.seal.club/v1/jobs/seal \
	  -H "Authorization: Bearer $SEAL_TOKEN" \
	  -H "Idempotency-Key: onboarding-demo-001" \
	  -F file=@sample.pdf \
	  -F visibility=organization
	```

	```typescript
	const response = await fetch('https://api.sandbox.seal.club/v1/jobs/seal', {
		method: 'POST',
		headers: {
			Authorization: `Bearer ${process.env.SEAL_TOKEN}`,
			'Idempotency-Key': 'onboarding-demo-001',
			'Content-Type': 'application/json',
		},
		body: JSON.stringify({
			source_url: 'https://downloads.example.net/contracts/sample.pdf',
			checksum_sha256: 'E3B0C44298FC1C149AFBF4C8996FB92427AE41E4649B934CA495991B7852B855',
			visibility: 'organization',
			mode: 'async',
		}),
	});

	console.log(await response.json());
	```

	```python
	import os
	import requests

	with open("sample.pdf", "rb") as pdf:
	    response = requests.post(
	        "https://api.sandbox.seal.club/v1/jobs/seal",
	        headers={
	            "Authorization": f"Bearer {os.environ['SEAL_TOKEN']}",
	            "Idempotency-Key": "onboarding-demo-001",
	        },
	        files={"file": ("sample.pdf", pdf, "application/pdf")},
	        data={"visibility": "organization"},
	        timeout=30,
	    )

	print(response.json())
	```

	Respond with optimistic `HTTP 202` plus a **`job_id`** (`job_` prefix) once the edge accepts uploads.


### Poll until completed

Use the job resource we return—or skip polling when you subscribe to **webhooks** (`job.completed`) described under **API → Webhooks**.

	```bash
	curl https://api.sandbox.seal.club/v1/jobs/job_014b7c \
	  -H "Authorization: Bearer $SEAL_TOKEN"
	```


### Download the sealing receipt

Each completed job exposes a deterministic URL for auditors:

	```bash
	curl https://api.sandbox.seal.club/v1/jobs/job_014b7c/receipt.json \
	  -H "Authorization: Bearer $SEAL_TOKEN" \
	  -o receipt.json
	```

	Print the **`sha512`** fingerprint to correlate with immutable storage backends.


<Note>

A rudimentary OpenAPI 3.1 demo now lives at **[`/openapi.yaml`](/openapi.yaml)**.
Treat it as illustrative until generated SDKs ship.

</Note>

## Next actions

Follow the **[Integration checklist](/docs/guides/integration-checklist)** when wiring workers, quotas, retries, and dead-letter queues for real traffic.