I'm trying to create an envelope. My flow is next:
Obtaining OAuth token
Creating envelope based on existing template
Using createRecipientView method to get redirect url for the first signer(Later I'm taking the existing envelope id and creating redirect url for the second signer)
The problem:
It works as I expect if only signer's email address belongs to my docusign developer account. In other words if it is in the list of my docusign dev account users. Otherwise, with any random email address, I'm being redirected to the document page but I'm only able to view it and close, there's no start->sign->finish button(I'm not able to sign a doc).
One thing I've noticed is the wrong recipientId which is equal to zeros and dashes(normally it has a set of numbers and letters). I find it at a signing page -> other actions -> Session Information. It's hapenning when I'm being redirected as a user with any email(one that does not belong to docusign account). BUT, every signer receives an email notification with the same link to the document and If I go from that link, I can sign a document no matter what email address it is.
Session information with the wrong recipientId
My code:
const client = new docusign.ApiClient()
client.setBasePath('https://demo.docusign.net/restapi')
client.setOAuthBasePath('account-d.docusign.com')
const tokenResponse = await client.requestJWTUserToken(userId, integrationKey, ['impersonation', 'signature'], privateKey, 600)
client.addDefaultHeader('Authorization', `Bearer ` + tokenResponse.body.access_token)
const envelopesApi = await new docusign.EnvelopesApi(client)
const envelope = await envelopesApi.createEnvelope(accountId, {
envelopeDefinition: {
templateId: templateId,
status: 'sent',
emailSubject: `Signing template ID: ${templateId}`,
templateRoles: [
{ roleName: args.firstRole, name: args.firstSignerName, email: args.firstSignerEmail },
{ roleName: args.secondRole, name: args.secondSignerName, email: args.secondSignerEmail },
],
}
})
const recipientView = await envelopesApi.createRecipientView(accountId, envelope.envelopeId, {
recipientViewRequest: {
returnUrl: my local host,
email: args.firstSignerEmail,
userName: args.firstSignerName,
authenticationMethod: 'none',
},
})
return recipientView
Please, let me know If you know what I'm doing wrong.
I read docusign docs and thought I'm missing some permission, but so far can't figure out what's the problem
I could be wrong but based on your description, you haven't set up a clientUserId parameter for your recipients. Recipient Views are created for embedded signers wherein you embed the signing session into your own application. As embedded recipients are a special class of recipients associated only with the sender's account, this could explain why your recipient view works for users already part of your account but does not work for anyone else.
Related
I'm currently working on building some loyalty cards via Google wallet api.
Creating and distributing passes is not a problem, but I'm not so sure on how to specify one card to one user.
I understand you are able to set the MultipleDevicesAndHoldersAllowedStatus property to one user. I also understand that you are supposed to set a unique userId which can be the user's email_address, but this does not necessary mean that only this user with this email_address is able to get the pass.
How can I make sure that a user with user1#mail.com is only able to install a specific pass?
I created a sample pass object with my personal email address as the userId; however, I was able to use the save link created by
const claims = {
iss: credentials.client_email,
aud: "google",
origins: ["www.example.com"],
typ: "savetowallet",
payload: {
loyaltyObjects: [
{
id: objectId,
},
],
},
};
const token = jwt.sign(claims, credentials.private_key, {
algorithm: "RS256",
});
const saveUrl = `https://pay.google.com/gp/v/save/${token}`;
to save it to a device that was not logged in w/ my personal email.
Is there a way for the pass (or maybe the save url?) to check again for the proper gmail address before letting the user download the pass to their wallet?
(I had to use android-pay since i don't have enough reputation to tag it with google-wallet-api)
I'm creating a MERN stack ecommerce application where I want send all user info along with jwt token but except password I'm ok with token part & I know how to send user but i don't know how to exclude the password property while sending the user through res.json
enter image description here
Modified Answer -
#prathamesh
You can change the default behavior at the schema definition level using the select attribute of the field:
password: { type: String, select: false }
Then you can pull it in as needed in find and populate calls via field selection as '+password'. For example:
Users.findOne({_id: id}).select('+password').exec(...);
You can use the aggregation or select method in the mongoose.
const users = await User.find({}, {name: 1, email: 1});
or
const users = await User.find({}).select("name email");
or
const users = await User.aggregate([{"$project": {name: 1, email: 1}}]);
I use this way to save all attributes except password in another variable and then I show info.
let {password, ...foundUser} = user.toJSON();
response.setStatus(200).setRes(foundUser);
I am creating an envelope from a template (which I have created using Docusign website UI) with a second signer which the envelope will be emailed to after the first signer is finished, but I want to be able to pause and unpause this through the API. The process works as designed without the added workflow_step, but returns an error with the workflow_step added.
envelope_definition = DocuSign_eSign::EnvelopeDefinition.new({
status: 'sent',
templateId: template_id
})
signer1 = DocuSign_eSign::TemplateRole.new({
email: signer1_email,
name: signer1_name,
roleName: 'signer1',
clientUserId: signer_client_id,
recipientId: 1,
routingOrder: 1
})
signer2 = DocuSign_eSign::TemplateRole.new({
email: signer2_email,
name: signer2_name,
roleName: 'signer2',
recipientId: 2,
routingOrder: 2
})
envelope_definition.template_roles = [signer1, signer2]
workflow_step = DocuSign_eSign::WorkflowStep.new(
action: 'pause_before',
triggerOnItem: 'routing_order',
itemId: 2
)
workflow = DocuSign_eSign::Workflow.new(workflowSteps: [workflow_step])
envelope_definition.workflow = workflow
Any idea what I am doing wrong?
If you can't add workflow steps to an envelope created from a template, can I add it to the template somehow?
Unfortunately this is a bug. Please ask your DocuSign support contact to add your company's information to internal bug report ARR-586.
Workaround
This workaround was reported to work:
Create an envelope that uses the template and set the template roles. But set the status to created. This will create a draft envelope.
Use the EnvelopeWorkflows:update API method to add the workflow.
{
"workflowSteps": [
{
"action": "pause_before",
"triggerOnItem": "routing_order",
"itemId": 2
}
]
}
Use the Envelopes:update method to change the status to sent
Please add a comment to this answer if this technique worked for you.
In an app where users aren't signed up by themselves but are instead created (name, email input) by existing users and sent an invitation email with link to password reset. Do I create a user and generate a random placeholder password like this:
const newUser = {
name: input.name,
email: input.email,
password: generateAndHashRandomPassword()
}
await User.create(newUser)
await sendEmail(newUser.email)
Or is there a best practice / standard / simpler other method to achieve this functionality?
The password reset also changed the isActive property on user model to true from default before password change being false
How do I change the following code to get email notifications and send signed copy via email?
let customer = {
email: app.application.email,
// clientUserId: app.application.email, // added when they request embedded signing
name: "name",
roleName: 'customer',
tabs: tabs,
// recipientId: '1',
// routingOrder: '1'
}
if (payload.customerSignMethod == 'Embed') {
customer.clientUserId = app.application.email;
}
signers.push(
docusign.TemplateRole.constructFromObject(customer)
);
envelope.templateRoles = signers;
envelope.status = "sent";
the commented line is the key:
// clientUserId: 'cvbcvb#cvbcvb.com', // added when they request embedded signing
The way you had it, it should send email out to recipients, for remote signing.
If you put this line back in - it won't as it will be used for embedded signing.
If you have it commented, and still don't see the email, there's another issue.
Did you change the envelope status to "sent"? that should be done to actually send it.