I want to add the docusign API with my web application software - docusignapi

I want to add the docusign API with my application I create the docusign development account. I dont want to go mail to the signer. Its work automatically when my a user enter in my website and click to button go to docosign application. How i can do that. any one can help me?

Marco is right that you need to be careful about how you authenticate users who are coming into your application. The proof that the signature took place is only as strong as your authentication system. DocuSign has over 7 security options and the e-mail activation gives it more validity.
Having said all that you can absolutely embed DocuSign into your application. Here is a walkthrough on how you can embed DocuSign into your web application: https://www.docusign.com/developer-center/quick-start/embedded-signing

You cannot have a link in your application because this would reduce the value of the electronic signature: it would be more difficult to proof that the real signatory signed the document if the link was accessible not only to the recipient of the email.
DocuSign wants to be sure that their servers are the only one who manage the links for signatories.
There is no API to get the link.

Related

Which is the correct OAuth Flow for our use case?

First of all, I apologize for eventual noob questions, we are very new to the DocuSign API and are currently trying to wrap our heads around which is the most correct way of accessing the API.
I will start with an overview of our use case. We recently purchased a DocuSign prod. Account with an Organization enabled.
We have a Partner which uses a CMS Tooling which integrates with said DocuSign Account. This Tool allows for the Backoffice to create envelopes with documents inside and a url which leads to the signin ceremony through the Templates that we create inside the DocuSign Account. This url is afterwards send to the customer for them to sign the documents in the envelope. This Part is working and is currently being used.
Now what we want to achieve on our side, we have a nextJS web-app which allows the same customers (Which are the receivers of the created envelopes in the step above, same e-mail in both steps) to sign-in our web-app. We want to show the customer in a dashboard, if there are envelopes for him open that he can sign and if this is the case we want to show him the url which leads to the signin ceremony.
We were able to see that as soon as an envelope for a certain User is created through the CMS Tooling, we can see that envelope in our DocuSign Prod Account.
Now our thought process was, to show our customer his open envelopes, we just fetch all open envelopes in our DocuSign Account which match the customers E-Mail.
Is there anything wrong with this process or are we overlooking something?
And if it is okay to proceed this way which of the OAuth Flows is the correct one to use for this case?
From my understanding, the JWT Flow seems like the most reasonable one? Since the Customers that need to sign the documents, will not have any DocuSign accounts.
What have you tried to solve the issue?
We tried using the direct API Access, which worked when set up correctly but since we didn't have a OAuth Flow in place the Access token is only valid for restricted amount of time obviously and has to be refreshed. Hence we have to think first about how to grant access correctly
I would love to hear, what the right approach would be to achieve our desired result.
Once again Apologies for this kind of question, just trying to have a better understanding before we start building :)
Best regards!
According to the use case you mentioned using JWT Grant is fine as users of your integration will use a single system account to log in, you should use JWT Grant.
I would recommend going with the below link to know more regards different use cases and check the knowledge
https://developers.docusign.com/platform/auth/choose/
https://developers.docusign.com/platform/auth/oauth2-requirements-migration/

Sign document from own site using docusign

I am developing one application and successfully integrated it with DocuSign.
I am sending an envelope to the user using docusign API, the email sent from docusign host, when the user clicks the email it navigates to DocuSign website. Is it possible to edit the email sent link and sign from my own website?
Note: Still ok, if this functionality available any other third party instead of DocuSign.
Yes, please have a look at our embedded signing page:
https://developers.docusign.com/docs/esign-rest-api/esign101/concepts/embedding/
More specifically, review createRecipient API: https://developers.docusign.com/docs/esign-rest-api/reference/envelopes/envelopeviews/createrecipient/
Let us know if you still run into issues implementing this.

Docusign eSignature REST API authentication

I am trying to integrate Docusign in my Web application. The website workflow will be as follows:
Users visit my website and log in.
Users will be given the option to choose Docusign Templates.
After selection, users need to sign that document.
After a successful signing, the signed document is sent to some authority.
My problem is how can I link my users to Docusign to sign. Does every user needs to have an account for embedded signing?? I need some help in understanding the flow of authentication and signing in DocuSign REST API. I have gone through the documentation but didn't understand properly. When I try to use the auth grant GitHub code to understand the flow. After logging in, it throws a null pointer exception. Please, someone, help me.
You can find code example in different languages to do what you're asking (sign from a template). You will want to use embedded signing so that the user sign as part of the app and not remote signing (via email).
As for your authentication question, no, signers never need to be part of the account. The sender can be a single user that is "sending" envelopes that are embedded in the app. So while there's no sending technically, you can think of it this way.
Hope this makes sense, please ask additional questions if not clear
recipientID is a GUID uniquely used to identify a recipient in DocuSign. When you create an envelope, each recipient should have one.
"and If the same name+email combination comes again, will it get the same signature or generate a new one?" It will remember it if they have an account.

Integrating Docusign in our webapp

I am new to Docusign and we have a requirement to integrate Docusign in our web app. I have gone through all the links for integrating docusign into a web app using REST Api calls. After thorough read and watching youtube videos, I came to know that we can integrate docusign in our web app through REST API calls but for the same additionally we need to develop our own UI to upload documents and send it to the recipient. But basically we are looking something where we can be reidrected to docusign from our webapp to perform all the operations of sending document for signing and once document is sent then I will be redirected back to our web app.
Kindly help with the above query and let me know if my understanding is correct for integration of docusign and for the same developing our own UI in our web app. Also please let me know if there is any alternative to fullfill the requirement of directly accessing docusign from our web app and performing all required operations of sending a document to recipient.
Thanks in advance!
So you want a button on your web app that says "Sign with DocuSign" and then what?
Most customers who want to send from their web app already have the documents controlled by their web app.
They:
authenticate the user with DocuSign (OAuth Authorization Code Grant)
Upload the document to DocuSign from their app.
Add tabs (signing fields) to the documents programmatically. (This is not hard and it saves the sender a lot of work.)
Upload the recipients (signers, copy-only recipients, etc)
And then tell DocuSign to send the envelope (the transaction).
Applications can also monitor the progress of the envelope through the signing process and programatically act on the signed documents.
The above is not hard to do and provides a good user experience.
You can also redirect the user of your application to DocuSign to accomplish any/all of the above manually. But the more the user does manually, the less convenient the integration will be for them.
If you want the manual experience, check out the EnvelopeViews::createSender method.

Provisioning limited DocuSign REST API Access

A 3rd party website is offering our service to their members. When they sign up, members have to agree to our contract. Currently this is handled manually, with envelopes being sent through email. We want to streamline this process allowing members to enter their information into the web site, and then immediately be presented with a contract to review and sign.
The 3rd party web site will collect the member information, then use the REST API to create a draft envelope based on a Template and information the the member enters on the website. The application will then display the contract in the web page so that the user can review and sign it. The document workflow will ensure that signed copies are routed to appropriate parties within our company via email for completion.
We want the 3rd party web site to have access to an account to which we can share templates. We want the 3rd party application to have very limited capabilities trhough the API:
Submit requests using a User ID and Integrator Key that we provide. These credentials need be different from other User Ids and Integrator Keys under our account
Create a draft envelope based on the templates we provide
Post a Recipient View allowing the application to display the document for review and siganture (in an IFrame)
Receive the signing status via the return URL provided in the Recipient View post
Possibly request status for an envelope
The external application should not have access to other templates, documents, or unnecessry API calls.
We want to be able to cancel the application's access at any time.
Question: Permissions and API Limitations
Is the above scenario feasible with respect to establishing limited access to the DocuSign REST API? How would we set this up?
Do account user permissions limit API use, if the API is enabled for the user? I found these settings in the user permissions section of the documentation. I can make guesses as to how to set them, but I need guidance on the actual implications of some settings.
Submit DocuSign API Requests: true
Manage Account: false
Send Envelope: true
Manage Templates: Use
DocuSign Desktop Client: false
Transfer Envelopes to User: false
Allow sender to set email language for recipients: false
I assume "Account-Wide Rights" should be false, but under that option in the documentation, it lists RequestStatus as one of calls covered. Will an application embedding the signing process still have sufficient permissions to complete the tasks listed above if "Account-Wide Rights" is false?
Are there other settings or issues I need to consider?
Firstly, thanks for using DocuSign. The answer to your question is in a few different parts. To clarify, I am answering assuming:
1.) You are a current customer (or about to be one) of DocuSign.
2.) You have a plan that is set up to allow integration (IE you aren't trying to do all of this with a personal plan, or something like that).
There are a couple of terms I will use... Sender and Recipient. In this scenario, the THird Party Website is "the sender" and they are Sending the documents through YOUR DocuSign account, using the API. The people who are signing up for your service are going to be Envelope Recipients.
Just like with the post office, someone has to send, and someone gets the envelope.
So far so good.
So what will happen is that the third party website will write some code that knows how to talk to the DocuSign API, and you will need to know:
-DocuSIgn Account ID (this is your DocuSign account)
-The Integrator Key (this is the key that you will need to certify before going live, which identifies all those API calls as coming from them)
-Credentials to access your account (this can be either the actual creds, or a token, etc).
Now, there are two ways to do it. You can either have the third party website make the and send all of the envelopes as if they all came from a single "user" in DocuSign (likely) or if you know that a particular user should send out things, you can do that too.
I am going to assume that all of the sign up packets will be sent as if they came from something like Signup#company.com.
So you will make sure you have a user in your DocuSIgn account with that Email address and name, and make sure that user has the ability to send via the API (there's a setting in DocuSign admin), and all envelopes will be sent as if that "person" sent them.
You will need the settings for that user (the one that will "send" all the envelopes), set as you showed above. You would need the Account Wide access if you wanted to send "on behalf of" a different user. But you aren't doing that, so you should be cool.
The last thing is that you will need to make sure you have an envelope based plan (as opposed to a seat based plan) because otherwise, that one mega-user will look suspicious (sending hundreds of envelopes in an automated fashion).
I hope this answers the question?
-Dan

Resources