On 16 June 2026, we’ll be enabling CORS restrictions on the Signable public API.
This will prevent web browsers from making direct client-side requests to the API.
Our API is designed to be called from your server, not from browser-based JavaScript.
If you’re currently making direct requests to the Signable API from frontend code (for example, using fetch or axios in the browser), those requests will be blocked once CORS restrictions are enabled.
You’ll need to move those requests to your server before this date.
Restricting browser-based access improves security and ensures API credentials are not exposed in client-side applications.
If you think this change might affect you, please contact support and we’ll be happy to help.