Skip to main content

Overview

The Audit API provides immutable, cryptographically verifiable records of all UIP actions—identity verifications, signatures, and messages. Use task hashes to retrieve complete audit trails that meet legal requirements for digital signature verification and identity confirmation.

Permanent Records

Audit trails are stored permanently and never expire

Legally Admissible

Court-ready evidence that meets eIDAS and ESIGN Act requirements

Always Free

Unlimited audit queries at no additional cost

What You Get

Every audit record includes comprehensive information about the UIP action:

Action Details & Content

For Identify API:
  • Authentication timestamp
  • Verified identity information requested
  • User’s biometric authentication proof
  • Identity verification details
For Sign API (Quick Agreements):
  • Agreement text content (“I accept the TOS”, “I accept this job offer”, etc.)
  • Agreement title and intent
  • Instant signature confirmation
For Messaging API (Long-term Documents):
  • Message subject and body
  • Document attachment (base64-encoded PDF/file if included)
  • Can be signed with or without attachments
  • Available for signing up to 3 months
  • Exact signature timestamp (ISO 8601 format)
  • Request timestamp
  • Timezone information
  • Microsecond precision
  • Signer’s UIP ID
  • Government-verified full name
  • Biometric authentication proof
  • Identity verification level
  • Requester’s UIP ID
  • Organization information
  • API key identifier
  • Request timestamp
  • Digital signature value
  • Signature algorithm details
  • Cryptographic verification data
  • Tamper-evidence indicators
  • Complete document content stored as-is
  • Immutable record storage
  • Tamper-evident audit trail
  • Permanent cryptographic signature proof
UIP audit trails are designed to meet the highest standards for digital signature verification:

eIDAS Compliant

Meets European Union electronic identification and trust services regulation requirements

US ESIGN Act

Fully compliant with Electronic Signatures in Global and National Commerce Act

Tamper-Evident

Cryptographic guarantees detect any modification attempts

Independent Verification

Third parties can verify signature validity without UIP involvement

Long-Term Validity

Signatures remain verifiable indefinitely, even if signers lose access

Court-Admissible

Records formatted for legal proceedings and regulatory compliance

How Audit IDs Work

Every UIP action generates a unique audit ID that serves as an immutable reference to the complete transaction. This ID can be used indefinitely to retrieve the full audit trail.
1

User Completes Action

User authenticates via Identify API, signs agreement via Sign API, or signs message/document via Messaging API
2

Audit ID Generated

Unique audit ID created and returned in webhook response
3

Store Audit ID

Save the audit ID in your database for future audit lookups
4

Audit Available Forever

Use audit ID to retrieve full audit trail anytime—permanently available
Important: Always save audit IDs from webhooks. This is your permanent reference to retrieve audit records for authentications, signatures, and messages.

Getting Audit IDs

All three APIs—Identify, Sign, and Messaging—return an audit_id in their webhook payloads. Store this ID in your database for future audit lookups.

Common Use Cases

When parties dispute contract terms or signature validity, retrieve the audit record to prove:
  • Exact contract content at time of signing
  • Both parties signed the same document
  • Signatures are authentic and unaltered
  • Timing of signature events
When an employee claims they never signed certain documents:
  • Retrieve audit record showing their biometric signature
  • Prove government-verified identity match
  • Show exact timestamp of acknowledgment
  • Present cryptographic proof of signature
During regulatory audits, quickly provide:
  • All signatures for a specific time period
  • Proof of employee training completion
  • Policy acknowledgment records
  • Complete audit trails for review
When document authenticity is questioned:
  • Compare current document to signed version
  • Detect any modifications since signing
  • Verify signer identity claims
  • Prove document integrity

Best Practices

Always Save Audit IDs

Store audit IDs immediately when received in webhooks. This is your only reference to retrieve audit records.

Link to Internal Records

Associate audit IDs with your internal document/contract IDs for easy retrieval during audits.

Document Storage Strategy

Decide whether to store documents locally or retrieve them from audit API as needed. Audit API is always available.

Automate Compliance Reports

Build automated compliance reports that query audit records periodically.

Test Before Production

Use your $5 signup credit to test audit retrieval in your workflows before going live.

Export Capabilities

Build export functionality for legal teams to retrieve audit records in court-ready formats.

Audit Record Retention

Permanent Storage: Audit records are stored permanently and never expire. Query them anytime at no additional cost.

No Time Limits

Retrieve signatures from years ago—audit records never expire or get deleted

No Query Limits

Unlimited audit queries included at no cost. Query as often as needed.

No Storage Fees

UIP handles all storage infrastructure. No additional costs for record retention.

Global Availability

Access audit records from anywhere in the world, anytime

Getting Started

Signup Bonus: New accounts receive $5 in credits—enough for testing and initial implementation.
1

Create UIP Account

Sign up and receive $5 in credits automatically
2

Implement Signature Workflow

Use Sign API or Messaging API to collect signatures
3

Store Audit IDs

Save audit IDs from signature webhooks in your database
4

Query Audit Records

Retrieve audit records anytime using stored audit IDs

Next Steps

Get API Keys

Sign up and get $5 in credits to start

API Reference

Complete API reference with request/response schemas

Sign API

Learn about collecting signatures