Docusign login advice - docusignapi

In my testing, I used a web proxy to get thru the firewall here so I could send envelopes. Now I will no longer be using the proxy. Do I need to log in for each web request ( like getting the templates, creating an envelope, etc )? The way we will use docusign is like this: a client consultant will see 3 documents that need to be sent to user X. So they will create an envelope with the 3 documents and send it out. They only need to connect to Docusign for a few rest calls and then they're done. The client consultants will connect to Docusign a few times a day, maybe no times a day if there are no documents to send. I'm assuming that I should go out and see if I can connect to Docusign without a problem before attempting to send out an envelope. What workflow are other people using in similar situations? Thanks for any advice.

I think a short answer here is that every API call you make requires a form of authentication provided, whether it is username/password or an oauth token passed in the appropriate x-header in your API request. I doubt your proxy was adding this on your behalf, so IMO I do not see what you will be gaining/losing by removing the proxy.

Related

Which is the correct OAuth Flow for our use case?

First of all, I apologize for eventual noob questions, we are very new to the DocuSign API and are currently trying to wrap our heads around which is the most correct way of accessing the API.
I will start with an overview of our use case. We recently purchased a DocuSign prod. Account with an Organization enabled.
We have a Partner which uses a CMS Tooling which integrates with said DocuSign Account. This Tool allows for the Backoffice to create envelopes with documents inside and a url which leads to the signin ceremony through the Templates that we create inside the DocuSign Account. This url is afterwards send to the customer for them to sign the documents in the envelope. This Part is working and is currently being used.
Now what we want to achieve on our side, we have a nextJS web-app which allows the same customers (Which are the receivers of the created envelopes in the step above, same e-mail in both steps) to sign-in our web-app. We want to show the customer in a dashboard, if there are envelopes for him open that he can sign and if this is the case we want to show him the url which leads to the signin ceremony.
We were able to see that as soon as an envelope for a certain User is created through the CMS Tooling, we can see that envelope in our DocuSign Prod Account.
Now our thought process was, to show our customer his open envelopes, we just fetch all open envelopes in our DocuSign Account which match the customers E-Mail.
Is there anything wrong with this process or are we overlooking something?
And if it is okay to proceed this way which of the OAuth Flows is the correct one to use for this case?
From my understanding, the JWT Flow seems like the most reasonable one? Since the Customers that need to sign the documents, will not have any DocuSign accounts.
What have you tried to solve the issue?
We tried using the direct API Access, which worked when set up correctly but since we didn't have a OAuth Flow in place the Access token is only valid for restricted amount of time obviously and has to be refreshed. Hence we have to think first about how to grant access correctly
I would love to hear, what the right approach would be to achieve our desired result.
Once again Apologies for this kind of question, just trying to have a better understanding before we start building :)
Best regards!
According to the use case you mentioned using JWT Grant is fine as users of your integration will use a single system account to log in, you should use JWT Grant.
I would recommend going with the below link to know more regards different use cases and check the knowledge
https://developers.docusign.com/platform/auth/choose/
https://developers.docusign.com/platform/auth/oauth2-requirements-migration/

Pass header from Docusign Connect to webhook

I am trying to push notifications from DocuSign Connect to our webhook.
Is there any way to provide a header named Appkey and a given value when DocuSign connect pushes notifications to the provided webhook URL?
Our webhook requires a header named AppKey to access it.
Currently, I don't see any such configuration in Docusign Connect UI.
Drew is correct that custom headers can't be supplied at this time.
A possible workaround: you can supply parameters via the URL's query parameters. Eg use URL https://docusign-listener.example.com/?appkey=123
Remember that, thanks to the SSL/TLS protocol, the query parameters are NOT visible to anyone tapping the line since they are only sent after the encrypted channel is set up between the client (DocuSign) and the server (your app).
Also, if you'd like to be able to specify headers for the notification message requests, ask your DocuSign technical contact to add your organization's information to the internal ticket CONNECT-1109. Adding your information will help increase the priority of the enhancement request.
No, DocuSign Connect doesn't support custom headers.

DocuSign Connect vs EventNotification attribute in createEnvelope call

We are doing an integration with DocuSign where users can submit documents stored in our system to DocuSign to get the documents signed. We have the DocuSign Connect feature working in our demo account. We can process messages from DocuSign successfully.
We were concerned that getting users to add a Connect Configuration themselves may be too challenging for some and it will be error-prone.
I see now in the documentation that it is possible to automatically get DocuSign to push notifications by passing the information in the EventNotification attribute when we call createEnvelope. Is this an acceptable way to get push notifications from DocuSign? Will this cause issues with getting the integration certified?
Is there any other way to get Connect configured easily in customer accounts?
This is an old question, but I wanted, for the record to have answers, since it's important to anyone who may be reading this.
We see now in the documentation that it is possible to automatically
get DocuSign to push notifications by passing the information in the
EventNotification attribute when we call createEnvelope. Is this an
acceptable way to get push notifications from DocuSign?
Yes, it is. It's a very good way in fact, to reduce polling and make your app better. We highly recommend that you use EvenNotification and sign-up for events going through a webhook to your app such that you can handle them in your code only when they occur, instead of polling DocuSign APIs repeatedly.
Will this cause issues with getting the integration certified?
The opposite is true. If you use polling you may have issues being certified. Using connect events with a webhook is one way to avoid the need for excessive polling which could cause issues with the certification.
Is there any other way to get Connect configured easily in customer
accounts?
You can configure connect like you suggested using EventNotification at the envelope level. This approach works well for ISVs since you don't need your customers to have admin access to their accounts.
The other option is account-level connect configuration, which does require admin level access and there are some other limitations. This approach adds the connect webhook for all envelopes in the account. So it may or may not be better, depending on your scenario.

Envelope Signed Notification

I create a pdf on our system and then pass that to docusign for the user to sign. I want to automatically download and save the signed envelopes in our system. Is there a way for docusign to send a post request after the document is signed?
Right now, I randomly (every other hour) connect to docusign and check if the envelope is signed using the docusign api, but this is really not optimal. There are a lot of users who view the pdf in docusign and decide they don't want to sign the document.
The "DocuSign Connect" feature is designed to do exactly that -- send a POST to an endpoint you specify, in real-time, as specified Envelope events occur. Basically it works like this: you build a "listener" app (i.e., a web page that will receive POSTs from Connect), you configure Connect (within your DocuSign account (Preferences >> Connect) to specify the endpoint of your "listener" and select which Envelope events you want your listener to receive notifications for, etc., and once that Connect configuration is enabled, DocuSign will send a POST to your listener endpoint whenever the specified Envelope event(s) occur.
The DocuSign Connect Service Guide (https://10226ec94e53f4ca538f-0035e62ac0d194a46695a3b225d72cc8.ssl.cf2.rackcdn.com/connect-guide.pdf) describes Connect and how to configure/use it -- I'd suggest that you start by reviewing the guide, and post any additional questions here on SO if you run into any issues implementing Connect.

Count sent emails per day in a google managed domain

I have a requirement where I have to count all sent email by users belonging to a domain that they manage with google. All email is of course managed with gmail.
Although this task initialy seemed trivial, there doesn't seem to be a way to do this directly, meaning through some API call.
Any ideas?
Thanks
Stelios
As far as I know the Gmail API doesn't offer access to the total of send items.
Tthe g4j project (written in Java) reverse engineered Gmail's protocol in order to access an account using HTTP calls. However, the solution is fragile since it could be easily broken whenever Gmail decides to change its HTTP protocol.
Screenshot of a Java application build on top of g4j:
It's not easy but there is a way to access a gmail account.

Resources