Documenso is an open-source alternative to DocuSign that enables organizations to self-host a secure, compliant digital signature platform. It solves the problem of vendor lock-in in e-signature tools by providing full control over data, infrastructure, and code—ideal for enterprises, legal teams, and developers who need transparency and customization. Built with Next.js, TypeScript, and Prisma, it supports PDF signing via PDF-Lib and @documenso/pdf-sign, with PostgreSQL for data storage and tRPC for API communication.
The platform is designed for self-hosting on Docker, Railway, or Render, with full DevContainer and Gitpod support. It integrates with Stripe for payments, uses NextAuth for authentication, and includes a robust API for embedding signing workflows into existing applications. All features are built to meet enterprise compliance standards while remaining fully auditable.
What You Get
- Self-Hosted E-Signature Platform - Deploy Documenso on your own infrastructure using Docker, Kubernetes, or bare metal, ensuring full data control and compliance with GDPR, HIPAA, and other regulations.
- PDF Digital Signatures - Apply legally binding digital signatures to PDFs using the @documenso/pdf-sign library, supporting PAdES standard for enterprise compliance.
- Embeddable Signing API - Integrate document signing workflows directly into your application via tRPC API, enabling custom user flows without redirecting to a third-party service.
- NextAuth Integration - Secure user authentication with OAuth providers (Google, GitHub, etc.) and session management built using NextAuth for seamless SSO and user management.
- Email-Driven Document Workflows - Automate document sending and signing notifications using Inbucket mailserver integration, with customizable templates via react-email.
- Admin Dashboard & User Management - Full control over users, documents, and signing workflows through a React-based admin interface with Tailwind CSS and shadcn/ui components.
- Stripe-Powered Monetization - Built-in support for subscription plans and payments via Stripe, enabling SaaS deployment or enterprise licensing models.
- PDF Manipulation & Viewer - View, annotate, and sign PDFs in-browser using React-PDF and PDF-Lib, with no external dependencies or plugins required.
Common Use Cases
- Running a legal document workflow for mid-sized firms - A law firm uses Documenso to self-host a secure, audit-trail-ready e-signature system for client contracts, avoiding DocuSign’s recurring fees and data privacy concerns.
- Embedding e-signatures in a SaaS product - A fintech startup embeds Documenso’s signing interface into their loan application platform, allowing users to sign documents without leaving the app.
- Compliance-focused government procurement - A municipal agency deploys Documenso internally to handle vendor contracts under strict data sovereignty laws, ensuring no third-party cloud processing of sensitive documents.
- Developer building a custom contract platform - A full-stack developer uses Documenso’s open-source codebase to build a tailored signing solution with custom approval chains and audit logs, leveraging tRPC and Prisma for backend flexibility.
Under The Hood
Architecture
- Monorepo structure with Turbo enables independent development and deployment of frontend, API, and documentation apps alongside shared utility packages
- Centralized Prisma ORM with environment-aware configuration ensures consistent data layer behavior across development, staging, and production
- Dependency injection via environment variables allows seamless swapping of signing, storage, and SMTP backends without code modifications
- API layer leverages tRPC and ts-rest for end-to-end type safety, with webhooks and REST routes cleanly separated into dedicated modules
- React frontend components are tightly integrated with backend services via tRPC, while internationalization is abstracted into a shared library for reuse
- Comprehensive environment variable management across Turbo, Docker, and cloud platforms enforces configuration-as-code and minimizes runtime inconsistencies
Tech Stack
- Node.js 22+ backend with Next.js 14 for hybrid SSR/SPA frontend, orchestrated by Turbo for unified build and dependency management
- Prisma ORM v6.19.0 with Kysely extensions and custom type generators powers PostgreSQL interactions, supported by automated migration and seeding workflows
- TypeScript-first codebase with shared ESLint and Prettier configurations ensures consistent style and type safety across all packages
- Inngest and Trigger.dev handle serverless workflows, complemented by BullMQ and Redis for reliable background task processing
- Lingui.js enables internationalization with Crowdin integration for dynamic translation compilation and management
- Deployment is containerized via Docker on Render and Railway, with automated health checks and secret injection for production reliability
Code Quality
- Extensive end-to-end test suite using Playwright covers complex user flows including form submissions, dialog interactions, and state validation
- Test fixtures for authentication, document seeding, and envelope editing promote reusability and reduce duplication across test suites
- Error handling emphasizes explicit assertions and state validation over try-catch, ensuring predictable UI and API behavior
- Descriptive naming conventions reflect user actions and system states, improving readability and maintainability
- Type safety is enforced throughout the codebase via Prisma-generated types and TypeScript interfaces, preserving data contract integrity
- Automated test setup and teardown using seeders and file system manipulation ensure consistent, isolated test environments
What Makes It Unique
- Native PDF field annotation system maps signature fields with pixel precision directly on rendered documents, eliminating external PDF library dependencies
- Dynamic envelope routing intelligently sequences multi-party signing workflows based on field dependencies and recipient roles
- Embedded signing experience allows in-browser document signing without downloads or third-party viewers
- Developer mode overlays live field metadata to provide real-time visibility into field positioning and recipient mappings during integration
- Search param selector synchronizes UI state with URL, enabling bookmarkable, persistent filtering and view preferences
- Zero-trust signing architecture combines token-based authentication with end-to-end encryption to meet compliance requirements without sacrificing usability