Looking into Docusign's API Auth0 documentation and sandboxes and the examples for making a successful 0Auth are based on the following SDK methods:
getAuthorizationUri()
generateAccessToken()
getUserInfo()
These methods work as expected.
However in the Node.js SDK there is also the AuthenticationApi with following methods:
getOAuthToken()
revokeOAuthToken()
What is difference for both set of methods and in which use cases each should be used? I can't find examples of when they should be used?
Also for 1st set of methods couldn't find a SDK method to revoke the current access token of a user. What is the suggested way to do it using DocuSign's API?
The DocuSign SDKs are based on our swagger spec which include properties and methods from older versions of our APIs. With the previous versions of OAuth it was necessary to make these calls to obtain a permanent access token and to also revoke it.
In terms of the methods used, our SDKs are meant to use industry standard dependencies to handle the token requests and creation. If you'd like to see it in action and how you can tap into it, I would recommend having a look at our quickstarts or git repository for Node. Included in the download are methods for invoking both Code Grants and JWT Grants. The quickstarts operate in Demo only, however when you go to download them it actually configures an OAuth workflow in your Demo account for you -- then it feeds the necessary configuration file into the quickstart download. Under ideal circumstances you would be able to simply run npm start / install and see how it works.
If you need further assistance with this, feel free to open a case on support.docusign.com where someone from my team can work directly with you in terms of consultation and troubleshooting.
Links:
https://developers.docusign.com/docs/esign-rest-api/quickstart/
https://github.com/docusign/code-examples-node
Regards,
Matt
Related
I would like to develop a new web-app in node.js (using express). I am relatively new to node.js world, so I assume there are frameworks that I am not familiar with.
Is there any framework (like Spring for Java) that manages authentication (and save the trouble from the developer)? Or each developer has to write this code over and over again?
Login/Logout is not all. There are other flows:
registration (create account),
forgot-password (and then set new password),
locking/unlocking an account,
change password
and I think I have covered all flows.
I know that each application has its own UI, forms, maybe with its logo, but the flow itself is similar for most applications.
In addition, I know that it is not that hard to implement, but it could be great to have some kind of tool / framework / infrastructure which implements the flows.
Is there such a tool/framework which helps applications' developers and implements these flows?
I've searched this issue but could not find anything.
Thanks!
Long ago I have developed authentication-flows for Java over Spring, and recently I wrote authentication-flows-js.
It is a module that answers most flows - authentication, registration, forgot-password, change password etc., and it is secured enough so applications can use it without the fear that it will be easily hacked.
It is for node.js applications (written in TypeScript) that use express. It is an open source (in GitHub). A release version is on npm, so you can use it as a dependency in your package.json.
In its README (and of course in the npm page) there are detailed explanations for everything and if something is missing - please let me know. An article will be published soon (I will add a link as a comment).
You can find here an example for a hosting application.
NOTE: I have heard comments like "It's not so difficult to implement". True.
But you have to make sure you take care of all cases. For example,
what happens if a user tries to create account that is already exists?
what happens if a user tries to create account that is already exists
but inactive? what about the policy of the password? (too long/too
short/how many capital etc.) what about sending the email with the
activation link to the user? how you create this link? should you
encrypt it? what about the controller that will receive the click on
the link and activate the account? and more...
I'm just starting to look at this php test file for Docusign and it makes reference to two autoload.php files at the top that I down see in this repo, Where would I find them please?
https://github.com/docusign/qs-php/blob/master/qs-02-php-send-envelope.php
Scott, this is an older example and we may need to update the documentation for it. Thanks for bringing this to our attention.
As to your general question of "how to start off with PHP?" I would recommend you check our newer versions after you decide which oauth flow you would prefer.
If you want to use JWT - https://github.com/docusign/eg-01-php-jwt
If you want to use the code grant - https://github.com/docusign/eg-03-php-auth-code-grant
The first one (JWT) is a bit less secure but does not require the end user to log in themselves to DocuSign, while the code grant does require it which makes it more secure. It depends on your needs. You can read about oauth flows here - https://developers.docusign.com/esign-rest-api/guides/authentication
I have a few almost equal extensions on chrome store (some of configs are different, images, names..). Extensions have same code with mentioned differences.
How can I automatically update all extensions if I make some hotfix? Currently, I need to update each separately which is time consuming. Thanks!
You could use the Webstore Publishing API to programmatically upload updates and publish them.
There's an official guide on using the API.
Short version:
You need to create a Google Developers Console project and enable the API for it.
You need to take the Client ID / secret from the Developer Console.
You need to obtain an access token through OAuth with the above.
Using this token, you can upload updates and publish them with a REST API.
I have created an API using Swagger.
My customers will be able to make calls to my service like
https://theservice.com/data/items/category1/12345
This is fine and works ok.
However, I would like to have a page where they can see all available API calls, similar to how Swagger generates it on their SwaggerEditor app. For example by visiting https://theservice.com/index.html I would like them to see the API docs.
Is it possible (within Swagger) to do this on a live system (not just locally with swagger project edit which I already know)?
If yes, how?
It sounds like you're using the Swagger Editor to describe your API, then generating some scaffolding code using the built-in generator. From your tags, I assume this is node.js code. You'll need to add your own logic to the generated code to complete this API implementation (if you haven't already done so).
If this is correct, then the interactive Swagger-UI documentation you're looking for should be available in your generated API at /docs endpoint, relative to the base URL of your running service.
The generated node.js project includes the Swagger spec you created in the editor, and uses Swagger-Tools to do the runtime magic. Among other things, Swagger-Tools auto-wires your Swagger spec to the /docs endpoint, and manages routing of requests to the generated controllers, based on information provided in your Swagger spec.
Note that the /docs page will look and behave somewhat differently from the documentation widget you see in the Swagger editor. The one in your application uses Swagger-UI, which is the runtime component for documentation, with interactive sandbox testing. Swagger-Editor has its own built-in documentation UI, and this is not currently packaged for use outside of the Swagger-Editor.
If you've already implemented an API, independent of the Swagger editor and code generator, you can still generate node.js code to see how to incorporate Swagger-Tools into your existing API implementation. Or, as wing328 suggests, take a look at Swagger-UI to see how you can add your own documentation page.
I think what you're looking for is swagger-ui and here is an example: http://petstore.swagger.io/
As you can see, it not only lists out all the available API endpoints but also lets visitors (developers) to try it out directly in the web page.
I'm trying to call ServiceStack service from a console app with a service reference client (generated after using Add Service Reference in VS 2010).
I looked at the sample at github but was unable to create a similar client code.
My objective is to provide a set of services with a simple API that can be called by a .NET client as easy as possible. Ideally, client should not need any knowledge of ServiceStack to call the services.
My questions are:
How should I create request if the service does not need any parameters?
How can I resolve proxy.Properties?
Here is the gist
You can use SOAP/WSDL's Add Service Reference but you should be mindful of SOAP's Limitations.
Although the current recommendations for client libraries is to use your preferred choice of ServiceStack's built-in generic service clients.
Got it working, updated gist Removed properties, version, request