DocuSign - Granting Consent - Redirect URI Variable - docusignapi

I have been following the DocuSign documentation to have a user "grant consent" for an application to user a DocuSign user account. I got that working. Now I am trying to make some adjustments to the url that sends a user to DocuSign, and then redirects the user back to my application.
This works for me right now:
https://account-d.docusign.com/oauth/auth?response_type=code&scope=impersonation&client_id=XXXXXX&redirect_uri=http://localhost:8080/DocuSignCallBack
What is want to do:
https://account-d.docusign.com/oauth/auth?response_type=code&scope=impersonation&client_id=XXXXXX&redirect_uri=http://localhost:8080/DocuSignCallBack?variableName=ABC123
(Where 'ABC123' is dynamic)
In short - I want to pass a dynamic value in the redirect URL so that when I get the callback, I still have the value. My problem: When try to pass the variable, it doesn't work. DocuSign complains that the Redirect URL isn't configured - so I adjusted the DocuSign Redirect URL for that client to include the '?variableName=' on the end - I got the same error.
My Question: Can I pass a dynamic value to DocuSign in the redirect_uri, and get that value back when I receive the callback? How can I adjust the configuration at DocuSign to allow a variable in the URL?

You cannot pass dynamic variable in redirect_uri, it should exactly match what has been configured in your IntegratorKey. To pass anything dynamic, you can use state parameter, whatever value you will set in state while calling DocuSign URL, DocuSign will pass exactly same value in the response after authenticating the user in the response. The Request URL may look like below:
https://account-d.docusign.com/oauth/auth?response_type=code&scope=impersonation&client_id=XXXXXX&redirect_uri=http://localhost:8080/DocuSignCallBack&state=variableName_ABC123
Treat this state parameter for the dynamic variable.

Related

Docusign Redirect URL Not Registered Properly Error

I am using Power Automate for all my API calls to Docusign. I want to be able to capture the authorization code when a user logs into Docusign and then run a flow to get access and refresh tokens.
My flows work when I manually copy the authorization code from a localhost redirection browser session and get the user tokens. I want to be able to redirect to a power automate webhook URL so that when the user logs in, the authorization code is redirected to the power automate webhook trigger where I can grab the authorization code and process it to get user tokens. As an example, I have set up a power automate HTTP webhook trigger and have a URL provided by MS to point to.
https://prod-63.westus.logic.azure.com:443/workflows/887839a887d945919f8a0bb1aa89d2fa/triggers/manual/paths/invoke?api-version=2016-06-01&sp=%2Ftriggers%2Fmanual%2Frun&sv=1.0&sig=_3pQLhhEORjAAe3V_IjCPNgBYnHnw2nrdP-oEoIPvyA
I registered this in Docusign as a redirect URL. No configuration or format error was indicated when registering this URL.
When I attempt to log in via a browser session, after entering my credentials, I get a redirection URL not properly registered error.
Are there format or length or other parameters that prohibit the use of this type of URL as a redirection in Docusign?
I'm 90% certain that the URL you are using is dynamic
The sig=_3pQLhhEORjAAe3V_IjCPNgBYnHnw2nrdP-oEoIPvyA
Represent something that will not be the same next time and therefore, my hunch is that it won't do no good to add this type of URL to the list of redirectURI.
You can check to make sure I'm right by looking at the URL you get when you get the error.
If I'm right, then you would have to change your approach to this.
If I'm wrong, then maybe there's some issue with some special character or some other inconsistency and I can ask our engineers to look into this.
It looks to me like you should use the Custom Connector Authorization section of your connector instead of your current approach.
See this doc

DocuSign parameterized redirect URI

IS there a way to have a parameterized ( or a uri with some wild cards) URI set to redirect
URI in the api portal of DocuSign?
From code I would set something like this.
ReturnUrlRequest.ReturUrl = "example.com/id=100"
On DocuSign API management portal, could I set Redirect URIs
example.com/id=[wildcard]
or
example.com/[wildcard]
where wildcard can be matched to anything?
Thanks
The term redirect_uri is used in multiple places within DocuSign systems.
The redirect uri used as part of the OAuth Authorization Code and Implicit grant flows can not be parameterized.
The redirect uri's that can be set via branding can include query parameters.
The redirect uri's used for embedded sending and other embedded flows can include query parameters.
Correct. To accomplish this, you can create and edit a custom brand for your signing experience. The Redirect URI (referred here as landing pages) can be customized.
To initialize your new custom brand, use the following endpoint.
POST /restapi/v2.1/accounts/{accountId}/brands
Then, in your app logic, you can update the landingPages property to your wildcard value. Note that this property accepts an array of name/value pairs specifying the pages to which the user is redirected after the following events occur:
Signing Completed
Viewed
Exit
Finish Later
Decline Session
Timeout
Authentication Failure
Full Guide on Branding here - https://developers.docusign.com/esign-rest-api/guides/concepts/branding
Here is the API Reference on Branding - https://developers.docusign.com/esign-rest-api/reference/Accounts/AccountBrands/create

Can we set Redirect URI dynamically or set Redirect URI at runtime if it is not added already in the Stripe Connect Account?

I have a site with dynamic URLs, Now I want to set the Redirect URL in stripe standard account at runtime. I mean, For now, I am compelled to go to my account settings to redirect URL, is there any way we can add new redirect URLs using some API?
One way to solve this is to use the state property when you create an authorize link. This will be passed through the OAuth process.
https://connect.stripe.com/oauth/authorize?response_type=code&client_id=ca_123&scope=read_write&state=special-value
When the user is redirected back to your site, you can grab the state value from the query string (special-value in my example) and then use that to help determine where to redirect the user to a final destination page after you fetch the user's credentials.

Microsoft Password Reset - Pass parameter that contains redirect URI for after reset

We use OAuth 2 with Microsoft Azure Active Directory for single sign on. When a user logs out, we pass them to the following URL, in which we can pass a post_logout_redirect_uri query param:
https://login.microsoftonline.com/<tenant-id>/oauth2/logout?post_logout_redirect_uri=https%3A%2F%2Fexample.com%2F
When a user tries to log in to our site, if they are not authenticated, they get directed to the Microsoft login page, and we pass a redirect_uri parameter here as well (with some other irrelevant query parameters).
https://login.microsoftonline.com/<tenant-id>/oauth2/authorize?redirect_uri=https%3A%2F%2Fexample.com%2F
If the user clicks the forgot password link on the login page, they can use Microsoft's Self Service Password Reset to reset their password, and then they get a link to log in with their new password (seen below). Clicking that link will take them back to the login page, and after they log in, they are redirected back to our site.
However, we also send out a link for users to access the password reset page directly:
https://passwordreset.microsoftonline.com
When a user follows this link, and resets their password, the To sign in with your new password, click here. link is not displayed. Is there any way to pass in a query parameter in this URL, similar to the login and logout endpoints, to have that link show up and redirect to the value passed for that parameter?
I have tried using redirect_uri and post_reset_redirect_uri to no avail, and have not been able to find any documentation on this.
Looking into the flow for password reset and all the query string parameters that it uses, I was able to get the link for To sign in with your new password, click here. using query string parameter ru
New Link that you should try out
https://passwordreset.microsoftonline.com?ru={url encoded value for return url}
Example:
https://passwordreset.microsoftonline.com?ru=https%3A%2F%2Flogin.microsoftonline.com%2F<tenant-id>%2Foauth2%2Fauthorize%3Fredirect_uri%3Dhttps%253A%252F%252Fexample.com%252F%26client_id%3DmyclientGUID%26response_type%3Did_token%26state%3D123456%26nonce%3DGUID
NOTE: The URL encoded value that I used is basically the same URL and parameters that get used when I try to login to my site, i.e. take the URL from browser when you're presented with Microsoft Login page as part of regular login to site. (nothing to do with password reset). Then provided a new random GUID for nonce and another random value for state parameters.
Disclaimer: I did not find any offical documentation for this. It's more out of hit & trial and going through HTTP requests created with regular password reset flow.

Pass extra parameters in ADAL return URL

I am using ADAL to authenticate a web app registered in Azure. Basically I am following this link
Is there any way I can pass additional parameters to CatchCode function. For example, lets say I need to provide CatchCode with ID of the currently selected item in database.
Any idea?
In your sign-in request URL, there's a state querystring parameter which gets returned along with the response. You can use this to pass the information your application needs when a user is returned back to your application after signing in. You can read more about this here: https://msdn.microsoft.com/en-us/library/azure/dn645542.aspx.

Resources