Skip to main content

Create a Recipient

Adds a new recipient — an authorized party who can retrieve artifacts from this dock. Include stakeholderClass and identifiers appropriate to the recipient’s persona. 
POST /v1/docks/:dockId/recipients

Path Parameters

ParameterTypeDescription
dockIdstringThe dock ID

Request Body

ParameterTypeRequiredDescription
namestringRequiredRecipient display name
emailstringRequiredRecipient email (stored lowercase)
stakeholderClassstringOptionalPersona type: mortgagee, agent, policyholder, auditor
identifiersobjectOptionalPersona-specific key-value identifiers (see below)

Persona Identifier Patterns

PersonaKey IdentifiersAuth Model
mortgageelender_id, policy_numberShared passphrase + mTLS cert
agentagency_code, policy_numberWebAuthn challenge
policyholderemail, phone, date_of_birth, policy_numberSMS OTP
auditorbadge_id, nda_hashBadge + NDA validation, time-boxed

Example: Mortgagee (Pre-populated Identifiers)

Store the lender’s identifiers at registration. The policy engine matches these stored values at access time — no runtime submission needed. 
curl -X POST https://api.docyard.io/v1/docks/dock_01HQ3K.../recipients \
  -H "Authorization: Bearer dk_live_a1b2c3d4..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "First National Bank",
    "email": "[email protected]",
    "stakeholderClass": "mortgagee",
    "identifiers": {
      "lender_id": "LND-4821",
      "policy_number": "POL-2025-88401"
    }
  }'

Example: Policyholder (Runtime Submission)

Add a policyholder with just name and email. They’ll submit date_of_birth and policy_number when accessing the portal — the policy engine validates the submitted values against the recipe. 
curl -X POST https://api.docyard.io/v1/docks/dock_01HQ3K.../recipients \
  -H "Authorization: Bearer dk_live_a1b2c3d4..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "James Whitfield",
    "email": "[email protected]",
    "stakeholderClass": "policyholder"
  }'

Example: Policyholder (Pre-populated)

Alternatively, pre-populate all identifiers at registration. The phone is required for SMS OTP delivery, so storing it upfront is recommended even if other identifiers are submitted at runtime. 
curl -X POST https://api.docyard.io/v1/docks/dock_01HQ3K.../recipients \
  -H "Authorization: Bearer dk_live_a1b2c3d4..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "James Whitfield",
    "email": "[email protected]",
    "stakeholderClass": "policyholder",
    "identifiers": {
      "phone": "+1-860-555-0147",
      "date_of_birth": "1983-06-15",
      "policy_number": "POL-2025-88401"
    }
  }'

Example: Auditor

curl -X POST https://api.docyard.io/v1/docks/dock_01HQ3K.../recipients \
  -H "Authorization: Bearer dk_live_a1b2c3d4..." \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Deloitte — Maria Gonzalez",
    "email": "[email protected]",
    "stakeholderClass": "auditor",
    "identifiers": {
      "badge_id": "AUD-DT-2025-0042",
      "nda_hash": "sha256:e3b0c44298fc1c149afbf4c8996fb924..."
    }
  }'

Response

{
  "id": "rcp_01HQ3N...",
  "dockId": "dock_01HQ3K...",
  "name": "First National Bank",
  "email": "[email protected]",
  "stakeholderClass": "mortgagee",
  "identifiers": {
    "lender_id": "LND-4821",
    "policy_number": "POL-2025-88401"
  },
  "createdAt": "2025-01-15T10:32:00.000Z"
}

Error Handling

StatusCondition
400email is not a valid email format
401Missing or invalid API key
404Dock not found
Email addresses are normalized to lowercase and indexed per dock. A dock cannot have two recipients with the same email address. For auditors, compute the nda_hash by running sha256sum on the signed NDA PDF before registration.Identifiers are optional. You can create a recipient with just name and email, then let them submit identifiers at access time through the portal or API. The policy’s match.identifiers defines what’s required — identifiers can come from the stored record, runtime submission, or both. See Identifier Resolution for details.