I am trying to integrate Docusign in my Web application. The website workflow will be as follows:
Users visit my website and log in.
Users will be given the option to choose Docusign Templates.
After selection, users need to sign that document.
After a successful signing, the signed document is sent to some authority.
My problem is how can I link my users to Docusign to sign. Does every user needs to have an account for embedded signing?? I need some help in understanding the flow of authentication and signing in DocuSign REST API. I have gone through the documentation but didn't understand properly. When I try to use the auth grant GitHub code to understand the flow. After logging in, it throws a null pointer exception. Please, someone, help me.
You can find code example in different languages to do what you're asking (sign from a template). You will want to use embedded signing so that the user sign as part of the app and not remote signing (via email).
As for your authentication question, no, signers never need to be part of the account. The sender can be a single user that is "sending" envelopes that are embedded in the app. So while there's no sending technically, you can think of it this way.
Hope this makes sense, please ask additional questions if not clear
recipientID is a GUID uniquely used to identify a recipient in DocuSign. When you create an envelope, each recipient should have one.
"and If the same name+email combination comes again, will it get the same signature or generate a new one?" It will remember it if they have an account.
Related
First of all, I apologize for eventual noob questions, we are very new to the DocuSign API and are currently trying to wrap our heads around which is the most correct way of accessing the API.
I will start with an overview of our use case. We recently purchased a DocuSign prod. Account with an Organization enabled.
We have a Partner which uses a CMS Tooling which integrates with said DocuSign Account. This Tool allows for the Backoffice to create envelopes with documents inside and a url which leads to the signin ceremony through the Templates that we create inside the DocuSign Account. This url is afterwards send to the customer for them to sign the documents in the envelope. This Part is working and is currently being used.
Now what we want to achieve on our side, we have a nextJS web-app which allows the same customers (Which are the receivers of the created envelopes in the step above, same e-mail in both steps) to sign-in our web-app. We want to show the customer in a dashboard, if there are envelopes for him open that he can sign and if this is the case we want to show him the url which leads to the signin ceremony.
We were able to see that as soon as an envelope for a certain User is created through the CMS Tooling, we can see that envelope in our DocuSign Prod Account.
Now our thought process was, to show our customer his open envelopes, we just fetch all open envelopes in our DocuSign Account which match the customers E-Mail.
Is there anything wrong with this process or are we overlooking something?
And if it is okay to proceed this way which of the OAuth Flows is the correct one to use for this case?
From my understanding, the JWT Flow seems like the most reasonable one? Since the Customers that need to sign the documents, will not have any DocuSign accounts.
What have you tried to solve the issue?
We tried using the direct API Access, which worked when set up correctly but since we didn't have a OAuth Flow in place the Access token is only valid for restricted amount of time obviously and has to be refreshed. Hence we have to think first about how to grant access correctly
I would love to hear, what the right approach would be to achieve our desired result.
Once again Apologies for this kind of question, just trying to have a better understanding before we start building :)
Best regards!
According to the use case you mentioned using JWT Grant is fine as users of your integration will use a single system account to log in, you should use JWT Grant.
I would recommend going with the below link to know more regards different use cases and check the knowledge
https://developers.docusign.com/platform/auth/choose/
https://developers.docusign.com/platform/auth/oauth2-requirements-migration/
Building an app where I have to generate documents for users to sign (where the users are not employees that are part of the docusign account). Based on the docs here: https://developers.docusign.com/platform/auth/, I should be using a JWT Grant for authentication.
My question is: when any user opens up the document to start signing, is there a way to maintain the progress that the user has made while keeping embedded signing? I've seen the "Finish Later" button, but that sends an email to the user.
The status of the signing for the specific user is maintained by DocuSign. If they go back to sign again, they'll see whatever progress they made so far. In order for you to do that, you'll have to call the same API to generate a new embedded signing URL for the same user, just the same way you did the first time. You can completely avoid having any emails sent to the user if that's what you want.
Final comment - all of this has nothing to do with JWT. You can use JWT or use Auth Code Grant and the rest is the same.
Using the REST API for remote signing and it's been working great for about a year now.
We have a user of our system that wants to send documents for e-signature, and I'd like to limit their access to their own documents, let them get the notifications of document completion, etc.
I know I can create additional users in the admin section but I'm not sure of where to look from there. Is any of the rest possible?
Yes, add the person as a regular (not admin) sender in your DocuSign account. They'll only be able to see envelopes (transactions) that they sent.
They can also see envelopes that were explicitly shared with them by another sender
Added: authenticate as a different person
Your API application sends envelopes by using the credentials of an account member. If this is a non-person such as "finance#yourCompany.com" then we call that a "system user."
Your question was how to send envelopes from a sender who is not an administrator. The answer is to authenticate to the DocuSign API as that person. This can be done with the OAuth JWT or Authorize Code grant flows.
Ask a new question if you have more questions on how to do this.
I have an app were there are 2 kinds of users.
A builder and an owner.
Now there is a centralized platform that I am building, were each builder who have their own docu sign account with them, will register. And then provide with a docusign URL (I am not sure what that is), and the owner then clicks on the link, once they are logged in to their part of the system. They sign the document using docusign and the builder gets the corresponding response in the centralized system.
Is this approach can be done using docusign? Or the working of this is completely different?
You're likely referring to embedded signing vs remote signing from what I understood from your description.
https://developers.docusign.com/docs/esign-rest-api/esign101/concepts/embedding/
In embedded signing, your app will take care of authenticating the users on DocuSign's behalf.
Yes. The Builders are the DocuSign senders. As you say, they have the DocuSign accounts that will be integrated into your system.
The owners are DocuSign recipients. More specifically Signer Recipients.
The owners do not sign into DocuSign at all. They may register (and login) themselves with your app, that's a different issue.
When appropriate, the owners click a link on your app to sign documents.
You then have some options: did the builder initiate a signing request for the owner to sign at some point in the future? Or is the signing request initiated when the owner decides that they want a document generated that they will then sign? (Or both?)
When it comes time for signing, if the signing ceremony is presented by your app to the owner, we call that embedded signing.
If the builder initiates a document to be signed by the owner, then the quickest technique is to immediately send a signing request (by email or SMS) directly to the owner. That's called remote signing by DocuSign. (The other way to do it is to wait until the next time the owner logs into your app. I would not recommend this since it would tend to slow down the completion of the signing process.)
I want to add the docusign API with my application I create the docusign development account. I dont want to go mail to the signer. Its work automatically when my a user enter in my website and click to button go to docosign application. How i can do that. any one can help me?
Marco is right that you need to be careful about how you authenticate users who are coming into your application. The proof that the signature took place is only as strong as your authentication system. DocuSign has over 7 security options and the e-mail activation gives it more validity.
Having said all that you can absolutely embed DocuSign into your application. Here is a walkthrough on how you can embed DocuSign into your web application: https://www.docusign.com/developer-center/quick-start/embedded-signing
You cannot have a link in your application because this would reduce the value of the electronic signature: it would be more difficult to proof that the real signatory signed the document if the link was accessible not only to the recipient of the email.
DocuSign wants to be sure that their servers are the only one who manage the links for signatories.
There is no API to get the link.