We are trying to build a DocuSign integration (connector) to our application and is adding Redirect URIs to Apps for Authorization Code Grant.
Question:
What are the limit of Redirect URIs that can be added to both demo & production account respectively?
Is there a way to bulk import or mass add Redirect URIs to App?
There isn't a published limit but I just tried it out on my demo account and it let me add around 30-40 redirect URLs at least (the option isn't greyed out yet but I got tired of clicking). If you find that you hit the limit and would like the ability to add more redirect URIs, create a case with DocuSign Developer Support and we can discuss your use case.
You will need to add all redirect URLs manually, however.
Related
We have docusign integrated in our platform & all of a sudden we are getting error from DocuSign
"The redirect URI is not registered properly with DocuSign".
We have proper & valid redirect uri configured in the application.
Please Note that exsisting setup is working fine, for newer apps or newer accounts, it is throwing the above-mentioned error Here is the screenshot of the same .
The redirect uri is valid as it's working for other app.
Has something changed at DocuSign end recently?
Update:
As asked, Please find the redirect uri screenshots below (I've masked the host url),
DocuSign Redirect URI configuration - Please note that both URI are same with difference in host url.
Complete Oauth request url
Redirect window
Make sure to compare the URL you see in the browser to the one in the IK. Make sure it's the same IK, in the same env (production vs. developer env is different!). Even a tiny difference between the two URLs will fail this. You need to URL decode the redirecUri from the main URL and then use that by copy/pasting it into the apps and keys page.
Then wait about 1-2 minutes before trying again.
Edit: confirmed that the URLs DO NOT MATCH, and that is the issue. The URLs must match 100% for this to work
Redirect URIs are specific to each integration key (application) and do not get copied over if you make a new integration key. Based on your description it sounds like you have created a new integration key. I would recommend visiting the Apps and Keys page on your DocuSign Admin settings and adding the redirect URI to the new integration key. Here is a support centre article which outlines this including the steps for how to add a new redirect URI
Nothing in this area has changed on DocuSign AFAIK.
Check that the redirect URI specified in your initial OAuth redirect is the exact same as the URI you set in the Integration Key's settings page.
The redirectURI cannot include any dynamic data including query parameters, etc.
You can use the settings tool's Apps and Keys page to delete and then re-add the RedirectURI. Check carefully that it doesn't include any trailing spaces, etc.
After you've made a change via the Apps and Keys pages, wait 5 minutes before attempting to use the Integration Key.
Ensure that you're using the right Apps and Keys page. If your app has passed go-live then:
For the production systems, use the apps and keys page from docusign.net
For the developer (demo) system, use the apps and keys page from demo.docusign.net
How can we automatically add the redirect URI in the Quickbooks auth using some API?
Edit:- In my case, my website has functionality of creating sub-domain on the basis of some random keywords. Suppose if my website is facebook.com and someone creates his own company inside it
Company name Website
1. tata tata.facebook.com
2. tesla tesla.facebook.com
So I want to add the website url name to the redirect URI as soon as company is created. I don't want to add it like manually.
How can we automatically add the redirect URI in the Quickbooks auth using some API?
You can't.
In my case, my website has functionality of creating sub-domain on the basis of some random keywords.
You won't be able to do this.
A better way to handle this is to have a single domain dedicated to the OAuth handshake for new connections, and always use that domain. You can use the state parameter of OAuth to track who is connecting so you know the correct subdomain to bounce them back to after OAuth redirect.
Intuit (and most other cloud providers) do not allow wildcards or dynamic domains because there are some significant security risks to doing so:
https://www.rfc-editor.org/rfc/rfc6819#section-5.2.3.5
http://technotes.iangreenleaf.com/posts/closing-another-nasty-security-hole-in-oauth.html
https://security.stackexchange.com/questions/180505/why-is-a-wildcard-subdomain-callback-url-in-oauth-considered-unsafe
IS there a way to have a parameterized ( or a uri with some wild cards) URI set to redirect
URI in the api portal of DocuSign?
From code I would set something like this.
ReturnUrlRequest.ReturUrl = "example.com/id=100"
On DocuSign API management portal, could I set Redirect URIs
example.com/id=[wildcard]
or
example.com/[wildcard]
where wildcard can be matched to anything?
Thanks
The term redirect_uri is used in multiple places within DocuSign systems.
The redirect uri used as part of the OAuth Authorization Code and Implicit grant flows can not be parameterized.
The redirect uri's that can be set via branding can include query parameters.
The redirect uri's used for embedded sending and other embedded flows can include query parameters.
Correct. To accomplish this, you can create and edit a custom brand for your signing experience. The Redirect URI (referred here as landing pages) can be customized.
To initialize your new custom brand, use the following endpoint.
POST /restapi/v2.1/accounts/{accountId}/brands
Then, in your app logic, you can update the landingPages property to your wildcard value. Note that this property accepts an array of name/value pairs specifying the pages to which the user is redirected after the following events occur:
Signing Completed
Viewed
Exit
Finish Later
Decline Session
Timeout
Authentication Failure
Full Guide on Branding here - https://developers.docusign.com/esign-rest-api/guides/concepts/branding
Here is the API Reference on Branding - https://developers.docusign.com/esign-rest-api/reference/Accounts/AccountBrands/create
When adding Reply URLs in an Azure B2C Application, the UI shows the following information:
Redirect URIs must all belong to the same domain
And until recently this was enforced by the UI: no way to save a list with multiple different URLs with the exception of localhost.
But just today I found out that right now it's possible to add any domain as Reply URL, which is pretty awesome for my use case. Is this going to stay and the info is outdated or is this a bug (which would be a shame, because this makes multi-domain apps a lot easier)?
BTW, it's not just that the list can be saved, the redirects work as one would expect.
Yes, the restriction has been removed. But the tip on Azure portal hasn't been updated.
We are migrating our old site on prem to a new one hosted on Azure but we need to maintain the old site online.
So imagine the following scenario:
new site: www.site.com
old site: www.oldsite.com
This is what we need:
if a user enter www.site.com/somepath and "/somepath" doesn't exist (url not found), it must be redirected to the onprem www.oldsite.com/somepath
Is it possible? How to write the Azure application gateway rule for url not found?
Thank you in advance, Marco
URL path based rules support notion of default path which is used when none of the path rules match. In your scenario you could set a default backend pool which redirects user to oldsite.com/somepath for any request received. You can then configure path based routing so that site/somepath goes to new pool, site.com/somepath2 goes to another pool.. if none of the url paths match the request would be sent to default pool from where it could be redirected to oldsite.
I believe you are use a URL Redirect to achieve this.
Create an application gateway with URL path-based redirection using Azure PowerShell
https://learn.microsoft.com/en-us/azure/application-gateway/tutorial-external-site-redirect-powershell
In addition, if you open the links provided and look to the left you will see even more options. Some of which you might find useful.