> ## Documentation Index
> Fetch the complete documentation index at: https://docs.craftkit.dev/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a builder template

> Create a template in the partner's project from the builder's
CanvasDocument draft. Accepts **either** a partner API key (full rights)
**or** an embed session token (rights from session claims).




## OpenAPI

````yaml /openapi.yaml post /v1/embed/builder/templates
openapi: 3.1.0
info:
  title: Craftkit API
  version: 1.0.0
  description: >
    The Craftkit public REST API. Design templates with typed variables, render

    PDFs asynchronously, share and track them, and send them out for digital

    signature.


    ## Authentication


    Most endpoints authenticate with a **project API key** as a bearer token:


    ```

    Authorization: Bearer ck_live_xxxxxxxxxxxxxxxx

    ```


    Keys come in `ck_live_` (production) and `ck_test_` (test) flavours. Embed

    iframe surfaces use a short-lived **embed session JWT** instead, and the

    admin provisioning endpoint uses the deployment-wide `CRAFTKIT_ADMIN_KEY`.

    Inbound webhooks (`/v1/hooks/*`) are not bearer-authed — they are verified
    by

    an HMAC signature header.


    ## Idempotency


    `POST /v1/templates/{slug}/render` and `POST /v1/signatures` accept an

    `Idempotency-Key` request header. Retrying with the same key returns the

    original resource instead of creating (and, for signatures, billing) a

    duplicate.


    ## Errors


    Application errors use a shared envelope:


    ```json

    { "error": { "code": "invalid_request", "message": "...", "issues": { } } }

    ```


    A small number of admin/embed endpoints return a flatter shape

    (`{ "error": "invalid_credentials" }`); those are documented inline.
servers:
  - url: https://api.craftkit.dev
    description: Production
security:
  - bearerApiKey: []
tags:
  - name: Templates
    description: Create, list, fetch, republish, delete templates and enqueue renders.
  - name: Renders
    description: Poll render status, download PDFs, manage shares, email, and engagement.
  - name: Signatures
    description: >-
      Send rendered PDFs out for digital signatures via the signature service
      and track status.
  - name: Webhooks
    description: Inbound webhook receivers (HMAC-authenticated, not bearer-authed).
  - name: Embed
    description: Embed session minting, catalogs, builder templates, form submission.
  - name: Admin
    description: Org provisioning (deployment admin key only).
  - name: System
    description: Health and status.
paths:
  /v1/embed/builder/templates:
    post:
      tags:
        - Embed
      summary: Create a builder template
      description: |
        Create a template in the partner's project from the builder's
        CanvasDocument draft. Accepts **either** a partner API key (full rights)
        **or** an embed session token (rights from session claims).
      operationId: createBuilderTemplate
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                documentTemplate:
                  type: object
                  additionalProperties: true
                  description: The builder's internal CanvasDocument draft.
            example:
              documentTemplate:
                name: Quote
                layout: {}
      responses:
        '200':
          description: Template created.
          content:
            application/json:
              schema:
                type: object
                required:
                  - documentTemplate
                properties:
                  documentTemplate:
                    type: object
                    additionalProperties: true
        '400':
          description: Body was not valid JSON.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SimpleError'
        '401':
          description: Missing or invalid authorization.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SimpleError'
              example:
                error: missing_or_invalid_authorization
        '403':
          description: Caller lacks saveDraft permission.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SimpleError'
              example:
                error: permission_denied
        '500':
          description: Insert failed.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/SimpleError'
      security:
        - bearerApiKey: []
        - embedSessionJwt: []
components:
  schemas:
    SimpleError:
      type: object
      description: |
        Flat error shape used by some admin/embed endpoints (the value is a
        machine-readable code string rather than the structured envelope).
      required:
        - error
      properties:
        error:
          oneOf:
            - type: string
            - type: object
              properties:
                code:
                  type: string
                message:
                  type: string
        message:
          type: string
        issues: {}
        detail:
          type: string
  securitySchemes:
    bearerApiKey:
      type: http
      scheme: bearer
      description: >
        Project API key (`ck_live_…` or `ck_test_…`) presented as a bearer
        token.

        For embed partner endpoints this is the partner secret key, which is the

        same credential type.
    embedSessionJwt:
      type: http
      scheme: bearer
      bearerFormat: JWT
      description: >
        Short-lived embed session JWT minted by `POST /v1/embed/sessions`. Used
        by

        the iframe form-submit / upload-image endpoints and accepted (alongside
        a

        partner key) by builder template creation.

````