Context
My team is working on an integration between a Web Application and DocuSign, where the user may send files to signing from our App to DocuSign (creating an envelope with the files).
In the envelope info inside our app, the user should have a link to be redirected to DocuSign (preferably to the Management page, but Home one is also acceptable).
Question
Since there isn't an endpoint on DocuSign eSignature API for getting a redirect URL (such as EnvelopeViews), and I couldn't find a document mentioning direct access to DocuSign eSignature (such as the one existing for DocuSign eSignature Admin), my question is...
Is there a known redirect URL to DocuSign eSignature that I could trust it won't change, so I can use it on our application?
I found out (looking at the authentication process) that the following URLs work for what I want...
https://appdemo.docusign.com/authentication?back=/home (Sandbox)
https://app.docusign.com/authentication?back=/home (Prod)
https://appdemo.docusign.com/authentication?back=/documents (Sandbox)
https://app.docusign.com/authentication?back=/documents (Prod)
But can I trust they won't change (since they aren't documented) and use them on my app?
For the management/web app for users, there's a way to do that with the API, you get back a URL that is pre-authenticated and is the recommended way to do that.
See here for code examples in different languages.
As for the administration/settings part, you would have to do it the way you indicated. We cannot guarantee this URL would never change, but it's not something that happen often if at all. However, users would have to log in (authenticate) when they are redirected unless in the same browser and already logged in.
Related
I have an app were there are 2 kinds of users.
A builder and an owner.
Now there is a centralized platform that I am building, were each builder who have their own docu sign account with them, will register. And then provide with a docusign URL (I am not sure what that is), and the owner then clicks on the link, once they are logged in to their part of the system. They sign the document using docusign and the builder gets the corresponding response in the centralized system.
Is this approach can be done using docusign? Or the working of this is completely different?
You're likely referring to embedded signing vs remote signing from what I understood from your description.
https://developers.docusign.com/docs/esign-rest-api/esign101/concepts/embedding/
In embedded signing, your app will take care of authenticating the users on DocuSign's behalf.
Yes. The Builders are the DocuSign senders. As you say, they have the DocuSign accounts that will be integrated into your system.
The owners are DocuSign recipients. More specifically Signer Recipients.
The owners do not sign into DocuSign at all. They may register (and login) themselves with your app, that's a different issue.
When appropriate, the owners click a link on your app to sign documents.
You then have some options: did the builder initiate a signing request for the owner to sign at some point in the future? Or is the signing request initiated when the owner decides that they want a document generated that they will then sign? (Or both?)
When it comes time for signing, if the signing ceremony is presented by your app to the owner, we call that embedded signing.
If the builder initiates a document to be signed by the owner, then the quickest technique is to immediately send a signing request (by email or SMS) directly to the owner. That's called remote signing by DocuSign. (The other way to do it is to wait until the next time the owner logs into your app. I would not recommend this since it would tend to slow down the completion of the signing process.)
I am new to Docusign and we have a requirement to integrate Docusign in our web app. I have gone through all the links for integrating docusign into a web app using REST Api calls. After thorough read and watching youtube videos, I came to know that we can integrate docusign in our web app through REST API calls but for the same additionally we need to develop our own UI to upload documents and send it to the recipient. But basically we are looking something where we can be reidrected to docusign from our webapp to perform all the operations of sending document for signing and once document is sent then I will be redirected back to our web app.
Kindly help with the above query and let me know if my understanding is correct for integration of docusign and for the same developing our own UI in our web app. Also please let me know if there is any alternative to fullfill the requirement of directly accessing docusign from our web app and performing all required operations of sending a document to recipient.
Thanks in advance!
So you want a button on your web app that says "Sign with DocuSign" and then what?
Most customers who want to send from their web app already have the documents controlled by their web app.
They:
authenticate the user with DocuSign (OAuth Authorization Code Grant)
Upload the document to DocuSign from their app.
Add tabs (signing fields) to the documents programmatically. (This is not hard and it saves the sender a lot of work.)
Upload the recipients (signers, copy-only recipients, etc)
And then tell DocuSign to send the envelope (the transaction).
Applications can also monitor the progress of the envelope through the signing process and programatically act on the signed documents.
The above is not hard to do and provides a good user experience.
You can also redirect the user of your application to DocuSign to accomplish any/all of the above manually. But the more the user does manually, the less convenient the integration will be for them.
If you want the manual experience, check out the EnvelopeViews::createSender method.
I'm using DocuSign's REST API to create envelopes in embedded signing mode. With the function CreateRecipientView i get only a temporary link. But i would prefer to get an permanent link like in the notification mail. How can i get this link/URL?
Getting permanent signing links is not possible using the DocuSign rest API.
For remote signers, only the signer can receive the signing link through email. No one else will have access to the signing URL.
Setting permanent signing/access link is possible with "embeddedRecipientStartURL" by using a captive recipient aka "clientUserId" and your own URL endpoint whereby you authenticate your users and determine if they can access the envelope via a Request Recipient View.
Documentation here.
You can also request emails be sent per captive recipients as well as many other "Portal" centric options that put you in full control of the user experience.
To give your signers permanent links, your application creates the links by itself. Eg myapp.myserver.com/signing_links/95a086f7-a76e-40ec-938e-987be996d220
The number should be a guid, not a database record key. This is needed to prevent someone from guessing what one of these permanent links is, so they can't read (or sign!) someone else's documents.
When someone opens their browser to go to one of the signer links, your application looks up the guid in the your app's database. The database record will include the DocuSign envelope_id and the recipient_id that the link represents.
Next your app uses that data to request an embedded recipient view link from DocuSign. Then (if you get a good response back from DocuSign), your app redirects the user's browser to the signing page on DocuSign.
(You'd get back an error from DocuSign if the recipient had already signed, or the envelope had been voided, etc.)
Guess what? The above is more or less how DocuSign gives out the "permanent" links in its emails--those links always redirect to one of the 5-minutes-only signing ceremony links.
Remember that you need to authenticate the signers, or include additional authentication options in your envelope, since you don't know who is going to end up pressing one of your app's signer links.
Setting vs Getting permanent signing/access link is possible with "embeddedRecipientStartURL" by using a captive recipient aka "clientUserId" and your own URL endpoint whereby you authenticate your users and determine if they can access the envelope via a Request Recipient View.
https://www.docusign.com/p/RESTAPIGuide/RESTAPIGuide.htm#REST%20API%20References/Recipients/Signers%20Recipient.htm
You can also request emails be sent per captive recipients as well as many other "Portal" centric options that put you in full control of the user experience.
So Net/Net, LarryK and CodingDawg are correct, each from a specific view. It ultimately is up to you to decide which way works best for your application and users.
At my company, we are implementing some parts of DocuSign, and have run across a scenario we believe the REST API does not support.
There are times where user's in our system change email addresses. We want to push this change to DocuSign for the user, without the user ever requiring to log in to DocuSign and manually change their email address via the console. This, of course, changes the username the user authenticates with on the login page of DocuSign.
Is it possible, using the DocuSign REST API, to change a user's email address (which in effect changes their login name do DocuSign)?
The DocuSign system does not support changing the email address through the API (REST or SOAP). This is mainly due to security restrictions - unfortunately your users will need to manually go into the DocuSign Console and go to Preferences to change their email address.
One thing that might make this process a little smoother is to automatically open the Console for your users when they request to change their email address. You can open the Console in an embedded iFrame in your site or app and from there they can change their account info. You would just need the user's credentials (along with the integrator key of the integration) and you can open the console for them.
The third API Walkthrough - Embedded DocuSign Console - illustrates exactly how to do this in 6 different languages (PHP, Java, Javascript, Python, C#, and Objective-C). You just need to make the following call from your environment, with just your accountId in the body of the POST request:
Method
POST
URI
/accounts/{accountId}/views/console
BODY
{
"accountId": "XXXXXX"
}
A 3rd party website is offering our service to their members. When they sign up, members have to agree to our contract. Currently this is handled manually, with envelopes being sent through email. We want to streamline this process allowing members to enter their information into the web site, and then immediately be presented with a contract to review and sign.
The 3rd party web site will collect the member information, then use the REST API to create a draft envelope based on a Template and information the the member enters on the website. The application will then display the contract in the web page so that the user can review and sign it. The document workflow will ensure that signed copies are routed to appropriate parties within our company via email for completion.
We want the 3rd party web site to have access to an account to which we can share templates. We want the 3rd party application to have very limited capabilities trhough the API:
Submit requests using a User ID and Integrator Key that we provide. These credentials need be different from other User Ids and Integrator Keys under our account
Create a draft envelope based on the templates we provide
Post a Recipient View allowing the application to display the document for review and siganture (in an IFrame)
Receive the signing status via the return URL provided in the Recipient View post
Possibly request status for an envelope
The external application should not have access to other templates, documents, or unnecessry API calls.
We want to be able to cancel the application's access at any time.
Question: Permissions and API Limitations
Is the above scenario feasible with respect to establishing limited access to the DocuSign REST API? How would we set this up?
Do account user permissions limit API use, if the API is enabled for the user? I found these settings in the user permissions section of the documentation. I can make guesses as to how to set them, but I need guidance on the actual implications of some settings.
Submit DocuSign API Requests: true
Manage Account: false
Send Envelope: true
Manage Templates: Use
DocuSign Desktop Client: false
Transfer Envelopes to User: false
Allow sender to set email language for recipients: false
I assume "Account-Wide Rights" should be false, but under that option in the documentation, it lists RequestStatus as one of calls covered. Will an application embedding the signing process still have sufficient permissions to complete the tasks listed above if "Account-Wide Rights" is false?
Are there other settings or issues I need to consider?
Firstly, thanks for using DocuSign. The answer to your question is in a few different parts. To clarify, I am answering assuming:
1.) You are a current customer (or about to be one) of DocuSign.
2.) You have a plan that is set up to allow integration (IE you aren't trying to do all of this with a personal plan, or something like that).
There are a couple of terms I will use... Sender and Recipient. In this scenario, the THird Party Website is "the sender" and they are Sending the documents through YOUR DocuSign account, using the API. The people who are signing up for your service are going to be Envelope Recipients.
Just like with the post office, someone has to send, and someone gets the envelope.
So far so good.
So what will happen is that the third party website will write some code that knows how to talk to the DocuSign API, and you will need to know:
-DocuSIgn Account ID (this is your DocuSign account)
-The Integrator Key (this is the key that you will need to certify before going live, which identifies all those API calls as coming from them)
-Credentials to access your account (this can be either the actual creds, or a token, etc).
Now, there are two ways to do it. You can either have the third party website make the and send all of the envelopes as if they all came from a single "user" in DocuSign (likely) or if you know that a particular user should send out things, you can do that too.
I am going to assume that all of the sign up packets will be sent as if they came from something like Signup#company.com.
So you will make sure you have a user in your DocuSIgn account with that Email address and name, and make sure that user has the ability to send via the API (there's a setting in DocuSign admin), and all envelopes will be sent as if that "person" sent them.
You will need the settings for that user (the one that will "send" all the envelopes), set as you showed above. You would need the Account Wide access if you wanted to send "on behalf of" a different user. But you aren't doing that, so you should be cool.
The last thing is that you will need to make sure you have an envelope based plan (as opposed to a seat based plan) because otherwise, that one mega-user will look suspicious (sending hundreds of envelopes in an automated fashion).
I hope this answers the question?
-Dan