Nutrient
Team member
Nutrient
Pricing Documentation

Existing customer?

Nutrient Web SDK is a JavaScript PDF library for viewing, annotating, and editing PDFs directly in the browser. For your convenience, it also integrates with the DWS API, serving as its client through an intuitive JavaScript API. This guide will help you get started using Nutrient Web SDK as a client for DWS API.

Getting started

To get started with the Web SDK, follow the appropriate getting started guide for your environment.

Authorization with DWS API

To authorize requests to DWS API from Nutrient Web SDK, you'll need to use its JWT-based authorization.

You can generate a JWT using your API key via the POST tokens endpoint:

curl -X POST https://api.nutrient.io/tokens \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer your_api_key_here" \
  --fail \
  -d '{
      "allowedOperations": [
        "digital_signatures_api",
        "document_editor_api",
        "ocr_api"
      ],
      "allowedOrigins": [
        "example.com"
      ],
      "expirationTime": 3600
    }'

curl -X POST https://api.nutrient.io/tokens ^
  -H "Content-Type: application/json" ^
  -H "Authorization: Bearer your_api_key_here" ^
  --fail ^
  -d "{\"allowedOperations\": [\"digital_signatures_api\", \"document_editor_api\", \"ocr_api\"], \"allowedOrigins\": [\"example.com\"], \"expirationTime\": 3600}"

POST https://api.nutrient.io/tokens HTTP/1.1
Content-Type: application/json
Authorization: Bearer your_api_key_here

{
  "allowedOperations": [
    "digital_signatures_api",
    "document_editor_api",
    "ocr_api"
  ],
  "allowedOrigins": [
    "example.com"
  ],
  "expirationTime": 3600
}

You can retrieve the JWT as an accessToken from the response:

JSON 
{
  "accessToken": "<created_access_token>",
  "id": "<access_token_id>"
}

The JWT has a benefit of being able to customize the operations and origins that the token can access. The token can be time-limited for the security of your application. It can also be revoked at any time, contrary to the API key, which can only be regenerated.

Build API

Using Nutrient Web SDK, you can harness the power of DWS API for document editing, conversion, OCR, and other operations.

To perform a processing request via Nutrient Web SDK, you'll need:

  • Access token — Refer to the authorization section for generating a JWT.
  • Build instructions — Define the operations you want to perform. You can find the instructions schema in the API reference and more specific examples on our tool pages.
  • Inputs — Provide the necessary inputs for the processing.

To execute a Build request, pass these arguments to the PSPDFKit.build method of Web SDK. For example:

JavaScript 
// Inputs need to be provided either as an `ArrayBuffer` or `Blob` objects.
const document = (await fetch("/url-to-your-document.pdf")).blob();

// Perform the processing via DWS API.
const processedDocument = await PSPDFKit.build(
  // Authorization token for DWS API.
  { jwt: accessToken },
  // Instructions for the processing request.
  {
    parts: [
      // Apply OCR action on the first input and use it as the first part of the final document.
      {
        file: "document",
        actions: [
          {
            type: "ocr",
            language: "english"
          }
        ]
      },
      // Use a sample DOCX document served from the URL as the second part of the final document.
      // Note: You don't need to provide inputs served from URLs in the `inputs` argument.
      {
        file: {
          url: "https://www.nutrient.io/api/assets/downloads/samples/docx/document.docx",
        },
      },
    ],
  },
  // Inputs required by the request that should be uploaded together with the instructions.
  [{ name: "document", content: document }]
);

Digital signatures

When using Nutrient Web SDK, you’re responsible for handling cryptographic operations manually. This can be a complex and error-prone process, especially when working with digital signatures. To streamline this, Nutrient provides a convenient alternative: leveraging the signing capabilities of Nutrient DWS API. By offloading the signing process to DWS API, you’ll simplify your integration without compromising security or control.

This approach is ideal if you want effortless integration of digital signatures into your app. Security and privacy of your documents is guaranteed, as the documents themselves remain secure and private in your client’s session; only the document hash and signature properties are transmitted to the backend. This ensures your sensitive content is never exposed during the signing process, keeping it safe and compliant with data privacy regulations.

Key benefits of signing via DWS API include:

  • Effortless integration — Subscribe to DWS API to leverage its digital signatures capabilities.
  • Trusted eSignatures — DWS API provides a legally binding certificate that allows for secure signatures that validate in Adobe products (Reader, Acrobat, etc.) and are enforceable under European Union (eIDAS), US, and Canadian law.
  • Delegated signing — Rather than managing cryptographic keys and processes in the client environment, you can delegate these operations to DWS API, allowing for a more streamlined and secure experience.
  • Document privacy — Your document remains on the client side throughout the process. Only the document hash and necessary signature metadata are shared with the backend for signing, ensuring end-to-end document privacy.

How to sign a document using DWS API

Pass the DWS API access token to the signDocument method of Web SDK running in standalone mode:

JavaScript 
instance.signDocument(
  {
    signingData: {
      signatureType: PSPDFKit.SignatureType.CAdES,
      padesLevel: PSPDFKit.PAdESLevel.b_lt
    }
  },
  {
    jwt: "<access token>"
  }
);

Once the signing method is called, the Web SDK takes care of the entire signing process:

  1. 1
    The document is prepared for signing based on the parameters provided in the signDocument method.
  2. 2
    A hash of the document and signature properties — such as signing type, timestamping, and Long-Term Validation (LTV) settings — is generated and sent to the backend service.
  3. 3
    DWS API performs the signing using the document hash and signature properties. If specified in the parameters, it also handles timestamping and LTV operations.
  4. 4
    Finally, the signed signature parameters are returned to the Web SDK, which embeds them into the prepared document, finalizing the signing process.

This process keeps your documents secure, maintains full privacy, and eliminates the need for clients to manage private keys, reducing the risk of handling cryptographic material in the client environment.

If you want to learn more about digital signatures support in Nutrient Web SDK, refer to the digital signatures guides.