How to Download an Audit Trail PDF Using the BoldSign API

 

When documents are signed, you need proof, not just signatures. Audit trails provide tamper-evident evidence of who signed, when, and from where. In this guide, you’ll learn how to download audit trail PDFs programmatically using the BoldSign API.

Why would you use BoldSign audit trails

In BoldSign, an audit trail helps you:

  • Protect documents with a verified signing history
  • Confirm signer identities and time stamps
  • Reduce legal risk with tamper-evident evidence
  • Support legal compliance by storing accurate records
  • Improve transparency by capturing each signing event

When does audit trail management matter most

Audit trails are especially critical when:

  • Multiple departments handle contracts with vendors, clients, or employees
  • Legal teams require a verified signing history for disputes
  • Compliance audits demand proof of document integrity
  • Organizations must store tamper-evident audit trail records alongside signed documents

What you’ll need before calling the audit trail API

Make sure you have:

  • A BoldSign account (sandbox or production)
  • An API key (or OAuth2 access token) to call BoldSign APIs over HTTPS
  • A REST client such as curl, Postman, or your preferred HTTP library
  • The  documentId of the signed document
  • The onBehalfOf  email address if the document was sent on behalf of another person (Optional) 

Authentication headers

Use one of the following:

  • API Key: X-API-KEY: <your key>
  • OAuth2: Authorization: Bearer <access_token>

Which endpoint do you use to download audit trails

You use the same endpoint for both regular and on-behalf signature requests.

Task Method + path Required inputs Output 
Download audit trail (regular document) GET /v1/document/downloadAuditLog documentIdAudit trail PDF 
Download audit trail (on-behalf document) GET /v1/document/downloadAuditLog documentId,
onBehalfOf  		Audit trail PDF 

Step-by-step: How to download an audit trail for a regular document

Required query parameter:

  • documentId: The unique identifier of the signed document.
cURL
curl -X GET 'https://api.boldsign.com/v1/document/downloadAuditLog?documentId={Your document Id}' \ 
     -H 'accept: application/pdf' \ 
     -H 'X-API-KEY: {your-api-key}'
C#
var apiClient = new ApiClient("https://api.boldsign.com", "Your API-KEY"); 
var documentClient = new DocumentClient(apiClient); 
var documentStream = documentClient.DownloadAuditLog("YOUR_DOCUMENT_ID");
Python
import boldsign 
 
configuration = boldsign.Configuration(api_key="YOUR_API_KEY") 
 
with boldsign.ApiClient(configuration) as api_client: 
 
    document_api = boldsign.DocumentApi(api_client) 
document_stream = document_api.download_audit_log(document_id="YOUR_DOCUMENT_ID")
PHP
<?php require_once "vendor/autoload.php"; 
use BoldSign\Configuration; 
use BoldSign\Api\DocumentApi; 
 
$config = new Configuration(); 
$config->setApiKey('YOUR_API_KEY'); 
 
$documentApi = new DocumentApi($config); 
$document_stream = $documentApi->downloadAuditLog($document_id = 'YOUR_DOCUMENT_ID');
Java
ApiClient client = Configuration.getDefaultApiClient(); 
 client.setApiKey("YOUR_API_KEY"); 
DocumentApi documentApi = new DocumentApi(client); 
File documentStream = documentApi.downloadAuditLog("YOUR_DOCUMENT_ID", null);
Node js
import { DocumentApi } from "boldsign"; 
 
const documentApi = new DocumentApi(); 
documentApi.setApiKey("YOUR_API_KEY"); 
 
const documentStream = documentApi.downloadAuditLog("YOUR_DOCUMENT_ID");

Step-by-step: How to download an audit trail for documents sent on behalf of others

Required query parameters:

  • documentId: The unique identifier of the signed document.
  • onBehalfOf: The email address of the sender on whose behalf you’re acting.

Use onBehalfOf only if the document was sent on behalf of someone else.

When a document is sent by you on behalf of another person, the download audit trail operation can still be performed from your account by specifying that person’s email address in the onBehalfOf field. This ensures you can access the audit trail even if the document wasn’t directly sent from your own address.

cURL
curl -X GET 'https://api.boldsign.com/v1/document/downloadAuditLog?documentId=YOUR_DOCUMENT_ID&onBehalfOf=ON_BEHALF_EMAIL' \ 
-H 'accept: application/pdf' \ 
-H 'X-API-KEY: {your-api-key}'
C#
var apiClient = new ApiClient("https://api.boldsign.com", "Your API-KEY"); 
var documentClient = new DocumentClient(apiClient); 
var documentStream = documentClient.DownloadAuditLog("YOUR_DOCUMENT_ID", "ON_BEHALF_EMAIL");
Python
import boldsign 
 
configuration = boldsign.Configuration(api_key="YOUR_API_KEY") 
 
with boldsign.ApiClient(configuration) as api_client: 
 
    document_api = boldsign.DocumentApi(api_client) 
document_stream = document_api.download_audit_log(document_id="YOUR_DOCUMENT_ID", on_behalf_of="ON_BEHALF_EMAIL")
PHP
<?php require_once "vendor/autoload.php"; 
use BoldSign\Configuration; 
use BoldSign\Api\DocumentApi; 
 
$config = new Configuration(); 
$config->setApiKey('YOUR_API_KEY'); 
 
$documentApi = new DocumentApi($config); 
$document_stream = $documentApi->downloadAuditLog($document_id = 'YOUR_DOCUMENT_ID', $on_behalf_of = 'ON_BEHALF_EMAIL');
Java
ApiClient client = Configuration.getDefaultApiClient(); 
 client.setApiKey("YOUR_API_KEY"); 
DocumentApi documentApi = new DocumentApi(client); 
File documentStream = documentApi.downloadAuditLog("YOUR_DOCUMENT_ID","ON_BEHALF_EMAIL");
Node js
import { DocumentApi } from "boldsign"; 
 
const documentApi = new DocumentApi(); 
documentApi.setApiKey("YOUR_API_KEY"); 
 
const documentStream = documentApi.downloadAuditLog("YOUR_DOCUMENT_ID","ON_BEHALF_EMAIL");

Real-world examples: How audit trails improve workflows

Example 1: Vendor contracts

A company automatically downloads the audit trail after every completed vendor contract and stores it alongside the signed PDF, reducing audit prep time and improving record consistency.

Example 2: Legal disputes

When a dispute arises, a legal team retrieves the audit trail to validate signing metadata such as signer identity, time stamps, IP address, and integrity checks, providing strong supporting evidence.

Managing audit trails with BoldSign APIs

Audit trails are a foundational safeguard when your eSignature workflows need to prove authenticity, legal compliance, and transparency. With BoldSign APIs, you can:

  • Download audit trails for documents you sent for signature.
  • Retrieve audit trails for documents you sent for signature on behalf of others.
  • Store audit trails alongside signed documents for audits, compliance reviews, or disputes.

Conclusion

Audit trails are a simple but powerful way to strengthen document authenticity and operational transparency. With the BoldSign API, downloading audit trail PDFs is straightforward, so you can keep reliable signing evidence available for whenever you need it.

For more details, refer to the BoldSign API documentation. If you need help setting this up in your workflow, reach out through the support portal or schedule a demo with our team.

Related blogs

Note: This blog was originally published at boldsign.com 

Comments

Post a Comment

Popular posts from this blog

Introducing the BoldSign PHP SDK for Effortless E-Signature Integration

Image
We’re excited to announce the launch of the BoldSign PHP SDK! If you’re a PHP developer looking to integrate e-signatures into your applications, this SDK is here to make your work simpler. With just a few lines of code, you can easily add e-signature functionality to your PHP projects.  Why e-signature integration can be tricky  You might struggle with e-signature integration because:  Complex integrations are slowing you down : Most e-signature APIs require extensive boilerplate code and complex setups. This increases development time and adds unnecessary complexity.  Time-consuming workflows are holding you up : Managing document creation, sending, tracking, and retrieval often involves multiple API calls. Without a structured approach, you’ll spend more time on integration than on building your core product.  You don’t have a PHP-specific...
Read more

Get eSign via Text Message Quickly with BoldSign Today

Image
  While email has traditionally been our primary channel for important information and document exchange, many people now prefer receiving crucial notifications through text messages. This is even more relevant when your recipient lacks email access or simply prefers SMS. BoldSign makes it easy to send documents via SMS without needing technical expertise. Moreover, requesting eSignature via SMS boosts completion rates, delivers faster turnaround times, and enhances convenience for recipients. This guide will walk you through the steps of using BoldSign to achieve stress-free digital signatures. Getting Started with BoldSign: To begin, you’ll need to create a BoldSign account. It’s easy to set up – Start free trial to access the world of hassle-free electronic signatures. Sending the document for eSignature via SMS: Follow these steps to send the document for eSignature via SMS using BoldSign: Log in to your BoldSign account and navigate to...
Read more

How to Embed an eSignature Solution into Your Python Application

Image
  Embedding the BoldSign eSignature process into your application will enhance your eSignature workflow and streamline the signing experience of your customers. They can sign the documents directly in your application, eliminating the need to switch to other third-party platforms. This seamless integration builds trust in your security and eliminates the hassle of navigating multiple applications for completing the signing process. In this blog post, we will show you how to embed an eSignature solution into your Python app using BoldSign APIs. Let’s assume a real-life scenario where you, as a business owner, have just secured a new customer. To finalize the deal, you need their signature on a contract. Prerequisites Before we begin building the application, we need to ensure the following prerequisites are in place: Python 3.x installed on your system. Flask installed on your system. BoldSign API credentials. Setting up a BoldSign account To use BoldSign APIs, you’ll need a BoldSi...
Read more