> ## Documentation Index > Fetch the complete documentation index at: https://developer.karmacheck.com/llms.txt > Use this file to discover all available pages before exploring further. # Create secure document records > Creates secure document records in the KarmaCheck system and associates uploaded documents with an existing case. This is step 3 of 3 when adding documents to KarmaCheck. At this stage, you should have successfully uploaded your documents via the URLs obtained from the [Generate secure document upload URLs](paths/~1document~1secure~1upload/post) API call. The uploaded documents are unavailable for use in KarmaCheck until they are associated with a case in this third step. Document associations are identified by sending access grants. If your token does not have access to associate a document with a specific entity, a 403 Forbidden response will be returned. In addition to associating a document with an existing case, you can call this API to create candidate disclosure and authorization document records before a case is created. When [creating a case](paths/~1case~1create/post), you can send the newly created document IDs to associate these documents with the case and the candidate. Note that this association is allowed only when the document type is a candidate disclosure or authorization. ## OpenAPI ````yaml /background-check-api/api-reference/openapi.json post /document/secure/create openapi: 3.1.0 info: title: KarmaCheck API description: >- All requests to the KarmaCheck API require a JSON Web Token (JWT) in the Authorization header. For an overview of the API and its authentication method, refer to the following topics: - [API basics](docs/overview/apis/api-overview.md) - [Authentication](docs/overview/apis/authentication.md) - [Environments](docs/overview/apis/environments.md) - [Status codes and errors](docs/overview/apis/errors.md) version: '1.0' contact: name: KarmaCheck email: customersuccess@karmacheck.com servers: - description: Stage url: https://api-stage.karmacheck.io - description: Prod url: https://api.karmacheck.io security: - JWT: [] tags: - name: Authentication - name: Cases - name: Candidate onboarding - name: Secure documents - name: Packages - name: Services - name: Users - name: Companies - name: Partner integrations paths: /document/secure/create: parameters: [] post: tags: - Secure documents summary: Create secure document records description: >- Creates secure document records in the KarmaCheck system and associates uploaded documents with an existing case. This is step 3 of 3 when adding documents to KarmaCheck. At this stage, you should have successfully uploaded your documents via the URLs obtained from the [Generate secure document upload URLs](paths/~1document~1secure~1upload/post) API call. The uploaded documents are unavailable for use in KarmaCheck until they are associated with a case in this third step. Document associations are identified by sending access grants. If your token does not have access to associate a document with a specific entity, a 403 Forbidden response will be returned. In addition to associating a document with an existing case, you can call this API to create candidate disclosure and authorization document records before a case is created. When [creating a case](paths/~1case~1create/post), you can send the newly created document IDs to associate these documents with the case and the candidate. Note that this association is allowed only when the document type is a candidate disclosure or authorization. operationId: post-document-secure-create requestBody: content: application/json: schema: $ref: '#/components/schemas/DocumentCreateRecords' x-examples: Example 1: list: - originalFileName: example_document.jpg documentTypeId: candidate-disclosures-and-authorizations fileKey: 1daa3c43-ea4e-4d66-9330-0cbd197feee6 accessGrants: caseId: 22e88848-17d1-4946-bbac-18d44f381ca7 examples: Candidate disclosure document: value: list: - originalFileName: example_document.jpg documentTypeId: candidate-disclosures-and-authorizations fileKey: 1daa3c43-ea4e-4d66-9330-0cbd197feee6 accessGrants: caseId: 22e88848-17d1-4946-bbac-18d44f381ca7 description: '' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/DocumentRecords' x-examples: Example 1: list: - secureDocumentId: 7225e58b-55a3-49ad-af82-2b3ab9595741 examples: Example 1: value: list: - secureDocumentId: f6723gd8-ee70-4db3-b238-6bb27abf66c0 '400': description: Bad Request '403': description: Forbidden '413': description: Request Entity Too Large '500': description: Internal Server Error components: schemas: DocumentCreateRecords: title: DocumentCreateRecords type: object required: - list properties: list: type: array items: type: object required: - originalFileName - documentTypeId - fileKey properties: originalFileName: type: string description: The file name for the document that was uploaded. documentTypeId: type: string description: |- The type of document to store. Allowed value: `candidate-disclosures-and-authorizations` fileKey: type: string description: >- The value from the [Generate secure document upload URLs](karma-api-openapi.yaml/paths/~1document~1secure~1upload/post) response. title: type: string description: A title for the document. description: type: string description: A description of the document. fileFormat: description: The file format (e.g. pdf, jpeg, png) type: string enum: - pdf - jpg - jpeg - png accessGrants: type: object required: - caseId properties: caseId: type: string description: The ID of the case to associate with the document. DocumentRecords: title: DocumentRecords type: object required: - list properties: list: type: array items: type: object required: - secureDocumentId properties: secureDocumentId: type: string description: The unique identifier for the secure document. securitySchemes: JWT: type: http scheme: bearer ````