I have a docusign developer account in demo.docusign.net. I am integrating my application with docusign through SOAP API. I want to send signature email notification through a different username other than authenticating user. I guess my requirement is close to SOBO(Send On Behalf Of) feature in docusign. But when I am building the SOAP Header like below it is throwing an error
Error : "This User lacks sufficient permissions. Fail to resolve SendOnBehalfOf user"
Soap Header:
r.Headers.Add("X-DocuSign-Authentication", String.Format("<DocuSignCredentials><Username>{0}</Username><Password>{1}</Password><IntegratorKey>{2}</IntegratorKey></DocuSignCredentials>", "[memukesh#yahoo.com; Mka Agr]" & UserName, Password, IntegratorKey))
Raw XML:
POST https://demo.docusign.net/api/3.0/dsapi.asmx HTTP/1.1
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; MS Web Services Client Protocol 2.0.50727.5420)
X-DocuSign-Authentication: <DocuSignCredentials><Username>[memukesh#yahoo.com; Mka Agr]163ef546-49fd-487c-90a5-cbd0c40d174f</Username><Password>XXXXX</Password><IntegratorKey>TEST-54822f15-d597-40bf-a835-c5fd9241f97f</IntegratorKey></DocuSignCredentials>
VsDebuggerCausalityData: uIDPo59vkwnnhgJAhoiRA3V9nFwAAAAASqymGNrUZk6ydtO1QDqOu14YrRe53eBIkSLy+CUq/l4ACQAA
Content-Type: text/xml; charset=utf-8
SOAPAction: "http://www.docusign.net/API/3.0/RequestStatus"
Host: demo.docusign.net
Content-Length: 378
Expect: 100-continue
Connection: Keep-Alive
<?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Body><RequestStatus xmlns="http://www.docusign.net/API/3.0"><EnvelopeID>ba96b207-057f-4dbe-9696-b8ea28a2da7d</EnvelopeID></RequestStatus></soap:Body></soap:Envelope>
Can you please tell me whats wrong here?
With DocuSign you never need an account to sign documents and signing is always free, however, you do need a DocuSign account to Create and/or Send signature requests. With that said, using SOBO is indeed one way of showing a different user name as the sender, but you can only use SOBO for authenticated users in the same account.
Therefore, if you want to show two different senders the best way is to create users for every unique sender you have. Based on the account plan that you purchase you're allowed a given amount of users on that account plan. You can create/add users manually through the Web Console or programmatically through the REST or SOAP APIs.
See here for creating new users through the REST API.
See here for creating new users through the SOAP API.
Note that you can also create new accounts through the APIs as well though to do so you need to contact your account manager for a distributor code and password.
Looks like you have the format within right:
<Username>[mysoboemail#email.com]myconnectingemail#email.com</Username> (or use userid instead of email).
I think you just need to change [memukesh#yahoo.com; Mka Agr] to only be [memukesh#yahoo.com]. Remember that email has to be associated with a DocuSign account as well
Related
I created an email invitation using Microsoft Graph to a azure ad application. IN the email that was being received on clicking the Get Started (Elements of Email Invite)element it is being redirected to the signin page not the sign up page of the application that i want to redirect to.
How can I disable that element or override the Redeem url?
I suppose you are using Create invitation from Microsoft Graph? If so, you could specify the inviteRedirectUrl in the request body to customize where you want your users to land after redemption.
POST https://graph.microsoft.com/v1.0/invitations
Content-type: application/json
Content-length: 551
{
"invitedUserEmailAddress": "yyy#test.com",
"inviteRedirectUrl": "https://myapp.com/xxxxxx"
}
For more details, see Azure Active Directory B2B collaboration API and customization.
IN the email that was being received on clicking the Get Started
(Elements of Email Invite)element it is being redirected to the signin
page not the sign up page of the application that i want to redirect
to.
In the invitation, it uses the invitation manager to create an invite, in order to add an external user to the organization. After making the invitation, the invited user doesn't need to sign up and already be a member/guest user in the azure ad.
For the details, you could read here.
When using the Docusign API (in my case, via the Sandbox/demo env), in the signing view at the top of the screen it displays the name & company of the user account that was used to authenticate with the API.
However, because this is embedded signing from my app, I would have thought we'd only have one user account - for the app. So I want to change what appears at the top there - the information on the sender of the envelope. Either to be the user account that exists in my app that created the envelope, or just to state what company sent the document.
Are there options on the API to do this? I can't see any reference to anything like this in the envelopeDefinition JSON structure in the REST API docs.
You can use the DocuSign SOBO - Send On Behalf Of Functionality
The Send On Behalf Of feature permits automated sending through the API by one account user on behalf of another account user.
More information here
We are creating Captive recipients using DocuSign SOAP based API call - CreateAndSendEnvelope in .net web application into our clients' DocuSign accounts.
We are able to create envelopes fine but while requesting tokens for captive recipients, we have to require our clients turn off X509 signing certificate. We have to ask them to enable two options from their DocuSign account.
In Session
Don't Enforce In Session Certificate
At times, it becomes cumbersome for us and for our clients to have these features enabled buy our/their DocuSign account representative.
In order for our captive recipients to sign document with valid X.509 signing certificate, what do we need to do? According to DocuSign's documentation, if we provide DocuSign with signing certificate common name(CN), DocuSign can validate the XML signature and our captive recipients can sign the document without enabling those two options.
If we are creating envelopes using captive recipients, do we need to provide CN for each of the DocuSign account that we are working with? Is there anything that we need to include in the request header?
Please advise..
Juiced Tech:
As mentioned per DocuSign Documentation at link: https://www.docusign.com/p/APIGuide/Content/Embedding%20Group/Pre-DocuSign%20Operations.htm
Here is a link for signing an xml soap body with an X.509 Certificate using .NET:
https://msdn.microsoft.com/en-us/library/ms819963.aspx
As mentioned in the other StackOverflow article link, if it is acceptable you can turn off the requirement, but not advised DocuSign API: "Invalid Signature Credentials" error using Captive (Embedded) Recipients
As an alternative, you could make the REST API call for the recipient view and remove the need for the x.509 and CN all together as the two settings support needs to change are not observed by the REST API. The method is POST {vx}/accounts/{accountid}/views/{viewtype} and you can get the accountid from a REST login_information call to correlate to the accountGUID you have in SOAP. Stays the same for the account, so you only need to call on time per account and cache/persist it. https://www.docusign.net/restapi/help
I'm using the DocuSign REST API (from a developer demo account) to send a document to an e-mail address that already has a DocuSign account (free account). The user gets the DocuSign notification in their e-mail but not in their DocuSign web interface .........Am I doing something wrong ? Is there a specific API that I have to use so that the documents go into the users' DocuSign web interface ( if the user has an account associated with the e-mail address ).
Cheers !
My request is the following:
--b2cb90e7^M
Content-Type: application/json^M
Content-Disposition: form-data^M
^M
{"status":"sent","emailBlurb":"Please review and sign this report.","emailSubject":"Patient Report","documents":[{"documentId":"1","name":"TEST006.pdf"}],"recipients":{"signers":[{"recipientId":1,"name":"Some Name","email":"somename#company.com","tabs":{"signHereTabs":[{"xPosition":42,"yPosition":42,"documentId":1,"pageNumber":1}]}},{"recipientId":2,"name":"Some Name","email":"some.name#gmail.com","tabs":{"signHereTabs":[{"xPosition":42,"yPosition":42,"documentId":1,"pageNumber":1}]}}]}}^M
--b2cb90e7^M
Content-Type: application/pdf^M
Content-Disposition: file; filename="TEST006.pdf"; documentId=1^M
^M
etc.
Do I understand correctly that your scenario is as follows?
The Envelope is being created/sent via API in the DocuSign Demo environment (http://demo.docusign.net).
The DocuSign account owned by the recipient of the Envelope is a "Free Trial" account. (It's a "Free Trial" account if it's accessed via either http://www.docusign.net or http://na2.docusign.net -- this is the DocuSign Production environment.)
If that's your scenario, then the reason that the Envelope's never showing up in the recipient's DocuSign Inbox (within their "Free Trial" account) is because an Envelope that's sent from the DocuSign Demo environment will never be delivered to a DocuSign user's Inbox in the DocuSign Production environment -- and "Free Trial" accounts technically reside in the DocuSign Production environment.
If you want to test the scenario of sending an Envelope via API in the Demo environment and have it arrive in a user's DocuSign Inbox, then that user account will need to exist in the DocuSign Demo environment as well. You can either add that user as a new user within the same account that you're API calls are using, or create that user under an altogether separate DocuSign account by simply creating another "DocuSign Developer account" via the DocuSign Dev Center.
I would like to use the REST API to get a URL to open the sender view:
curl --request POST 'https://demo.docusign.net/restapi/v2/accounts/001122/envelopes/33fef057-1111-1111-8e81-5d93739ae4fd/views/sender' --data '{}' -H 'Accept: application/json' -H 'Authorization: bearer xxxxxxx=' -H 'Content-Length: 2' -H 'Content-Type:application/json'
Response from DocuSign:
{
"url": "https://demo.docusign.net/Member/StartInSession.aspx?StartConsole=1&t=888db3ea-1e85-4860-a8e5-e9b37f38d769&DocuEnvelope=29fae057-9213-4485-8e81-5d93739ae4fd&send=1"
}
In our application, I would like to create an envelope in the "created" status with default values and then open the sender view so that the user can complete the envelope and send it.
The end user is not supposed to know the credentials for the authenticating user that I am using to create the envelope and to open the sender view: the url returned by the API contains a token that should work for some minutes.
I have implemented this solution and everything works, but there is something that I was not expecting. I thought that the url returned could be used only to execute a single operation (to send the envelope), but it seems that the user has complete access to the account as if he/she has executed a login.
Is there a way to limit the access just to the sender view for the given envelope?
Thank you,
Marco
Using the embedded Sender view (or the embedded Correct view) will always grant the user (sender) the same access to that DocuSign account as they would have if they logged into the console directly with the credentials supplied in the API request header. i.e., even though they are initially taken directly into the Envelope that the API request specifies, there's nothing to prevent them from navigating outside of that Envelope to other areas of the DocuSign console, where they'll have full access to the account to view/send/delete Envelopes, etc.
I had a similar requirement while using the embedded sending and signing using Docusign APIs. If you want to customize the sender view and restrict him to access the other docusign features of his account, you can look into branding. As an admin user you can edit the branding details of a docusign account to enable and disable certain options like "Go Back" to dashboard options.
Refer to below link for more details,
https://10226ec94e53f4ca538f-0035e62ac0d194a46695a3b225d72cc8.ssl.cf2.rackcdn.com/quick-start-account-branding.pdf