We send some DocuSign envelopes via email and we can't find anything in the API that will tell us if a signer failed security check. The envelope status stays in 'sent'.
The docs do not mention any status that would correspond to failed security check: https://docs.docusign.com/esign/guide/appendix/status_and_error_codes.html#envelope--recipient-status-codes
Are you using Connect to receive status events? You can have it tell you when there's an Authentication Failure. Here's what comes through when that happens. You're right the Envelope status stays Sent. The Failure is noted lower down. I imagine you'd get the same if you called the API to get envelope status directly.
<EnvelopeStatus>
<RecipientStatuses>
<RecipientStatus>
<Type>Signer</Type>
<Email>XXXXX</Email>
<UserName>John Q Signer</UserName>
<RoutingOrder>1</RoutingOrder>
<Sent>2014-12-30T07:29:45.747</Sent>
<DeclineReason xsi:nil="true" />
<Status>Sent</Status> <!-- STILL SENT -->
<RecipientIPAddress />
<IDCheckInformation />
<RecipientAuthenticationStatus>
<IDQuestionsResult>
<Status>Failed</Status> <!-- HERE IS THE FAILURE -->
<EventTimestamp>2014-12-30T13:30:09.79Z</EventTimestamp>
</IDQuestionsResult>
<IDLookupResult>
<Status>Passed</Status>
<EventTimestamp>2014-12-30T13:30:09.79Z</EventTimestamp>
</IDLookupResult>
</RecipientAuthenticationStatus>
Related
I'm developing a web application for real estate agents and their clients to easily handle offer management for real estate transactions. Using docusign's API, I'm hoping to allow my users to use embedded signing features to sign and submit documents regarding offers of their transaction.
The major issue/problem we want to solve is allowing local access to the docusign documents natively within our web application. Meaning, if a user submits a document on our platform, and requests multiple parties to sign the given document, we would like to keep a live copy within our application as it gets signed by multiple parties.
Currently, most implementations of the API simply send over the original document to docusign, and use their backend to update and notify parties when signatures have been requested or completed; meanwhile the original document submitted by the user to the platform, remains in it's original condition without any updates or changes; which can be confusing for users of the platform to keep track of the document status.
Any help in regards to solving this issue would be greatly appreciated. Is this possible? if so what tools and services are required to achieve this.
Meaning, if a user submits a document on our platform, and requests
multiple parties to sign the given document, we would like to keep a
live copy within our application as it gets signed by multiple
parties.
I have a couple suggestions. Let me know if either is what you're looking for:
First, you can call GET /envelopes/{envelopeId}/documents/{doucmentId} to retrieve docs from an envelope. Here's a link to more info on this endpoint.
Now, it also sounds like you may want to provide your realtor users with envelope status in real-time. There are a couple of ways to accomplish this, but one is greatly preferred.
Technically you CAN retrieve information about your envelopes by calling GET /envelopes?include=recipients,tabs. On your front end, this enables you to dynamically update components, such as a color-coded status column indicating to users where their agreements are in the pipeline. Downside here is that there are polling restrictions, which limit you to one such call every 15 minutes.
The preferred method is to use the Connect webhook notification service. When you create a connect configuration in your account, you can proactively receive information about your envelopes moments after events occur. (We'll ping you.) Then you can update front end components to keep your agents in the know.
Here's a sample connect notification:
<?xml version="1.0" encoding="utf-8"?>
<DocuSignEnvelopeInformation xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.docusign.net/API/3.0">
<EnvelopeStatus>
<RecipientStatuses>
<RecipientStatus>
<Type>Signer</Type>
<Email>user.email#address.com</Email>
<UserName>User Name</UserName>
<RoutingOrder>1</RoutingOrder>
<Sent>2010-06-26T09:19:18.883</Sent>
<Delivered>2010-06-26T09:19:40.723</Delivered>
<DeclineReason xsi:nil="true" />
<Status>Delivered</Status>
<RecipientIPAddress>::1</RecipientIPAddress>
<CustomFields />
<TabStatuses>
<TabStatus>
<TabType>Custom</TabType>
<Status>Active</Status>
<XPosition>364</XPosition>
<YPosition>52</YPosition>
<TabLabel>Radio</TabLabel>
<TabName>Two</TabName>
<TabValue />
<DocumentID>1</DocumentID>
<PageNumber>2</PageNumber>
<OriginalValue />
<ValidationPattern />
<RoleName>TestRole</RoleName>
</TabStatus>
</TabStatuses>
<AccountStatus>Active</AccountStatus>
<RecipientId>fb89d2ee-2876-4290-b530-ff1833d5d0d2</RecipientId>
</RecipientStatus>
</RecipientStatuses>
<TimeGenerated>2010-06-26T09:19:45.771206-07:00</TimeGenerated>
<EnvelopeID>0aa561b8-b4d9-47e0-a615-2367971f876b</EnvelopeID>
<Subject>CreateEnvelopeFromTemplates Test</Subject>
<UserName>User Name</UserName>
<Email> user.email#address.com </Email>
<Status>Delivered</Status>
<Created>2010-06-26T09:16:21.27</Created>
<Sent>2010-06-26T09:19:19.01</Sent>
<Delivered>2010-06-26T09:19:40.747</Delivered>
<ACStatus>Original</ACStatus>
<ACStatusDate>2010-06-26T09:16:21.27</ACStatusDate>
<ACHolder>ACHolder Name</ACHolder>
<ACHolderEmail> ACHolder.email#address.com </ACHolderEmail>
<ACHolderLocation>ACHolder Location</ACHolderLocation>
<SigningLocation>Online</SigningLocation>
<SenderIPAddress>::1 </SenderIPAddress>
<EnvelopePDFHash />
<CustomFields>
<CustomField>
<Name>Envelope Field 1</Name>
<Show>False</Show>
<Required>False</Required>
<Value />
</CustomField>
<CustomField>
<Name>Envelope Field 2</Name>
<Show>False</Show>
<Required>False</Required>
<Value />
</CustomField>
</CustomFields>
<AutoNavigation>true</AutoNavigation>
<EnvelopeIdStamping>true</EnvelopeIdStamping>
<AuthoritativeCopy>false</AuthoritativeCopy>
<DocumentStatuses>
<DocumentStatus>
<ID>1</ID>
<Name>Document_Name</Name>
<TemplateName>radio parents</TemplateName>
<Sequence>1</Sequence>
</DocumentStatus>
</DocumentStatuses>
</EnvelopeStatus>
<DocumentPDFs>
<DocumentPDF>
<Name>DocumentPDF_Name</Name>
<PDFBytes>PDFBytes_Information</PDFBytes>
</DocumentPDF>
</DocumentPDFs>
</DocuSignEnvelopeInformation>
Our software has been integrated with DocuSign since 2007. We've never included the notification element and the company's using the integration have always been able to use the DocuSign Admin to control those Settings. For some reason it is no longer working. I'm using the Demo environment for my testing. Has there been a change at DocuSign?
Here is an example CreateAndSendEnvelope request.
<?xml version="1.0" encoding="Windows-1252"?>
<Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<AccountId xmlns="http://www.docusign.net/API/3.0">7ee2da0d-256c-4f73-8e7d-cd1bf921b2c1</AccountId>
<Documents xmlns="http://www.docusign.net/API/3.0">
<Document>
<ID>1067</ID>
<Name>Test DocuSign Lead</Name>
<PDFBytes>JVBERi0xLjMNCjEgMCBvYmoNClsvUERGIC9UZXh0IC9JbWFnZUIgL0ltYWdlQyAvSW1hZ2VJXQ0KZW5kb2JqDQo1IDAgb2JqDQo8PCAvTGVuZ3RoIDY0NyAvRmlsdGVyIC9GbGF0ZURlY29kZSA+PiBzdHJlYW0NCnicrZZNb5tAEIbvkfwf5tj2sGE/BnZzqRS7bVJVVVMj9WDlQPDWcW0gxU6j/PvOLrZLDFixqZBWfOy8z7yzy8Dg7DdEggU0gAo1nYTKjaWFH5AP6KmW7qZBGjEIaOSq9vwyhvOPEgwzxkD8EwJ/lDNQKFjENcRfvAIPSYNmcQHxFN58W9pkZWE1n+XwXDyWkBb5ukzSNdzZZfHE3kL8C+J38CEenN24LIzLUSGlpoCH0SlpOAlKQ4WCmdBn8TnJLQyXSblo8KTEGlDjKUCv8ZIIHcZU8Epj3B/txpTaYiZjKuyVLe1t05hSvYFeY484LJKHB4dtIiuLXP4HizzaAUfJutteL9jOXo3m7R1CSh2yQJq+TGmCl8yvSdbC9CWVGLwWeeB9kLhbxFGRPmY2X8PVfLUuyme4Hl1AZFA3+FVTQOO4p9G3TSGU+02BErBl1RXuknwBOVXgopGB0PyYFNpq7iX2cphcErK95t4zCt6n5hvXKHBb86viCbLH9B6mhfMMWbKw7zvcHgE/5LdGn1znaZFZ3uE2lP7T0GuBZbi/wFN7N19D9txcVB55KhcMBSA1UKb0URa9wB51UsccJUJ1irASGZ4sQoVDU4k0q1wZxghdu+pjGOnjqqKehlFrJjdVG58sQtuFY6dhLXruK6+wt8TDe5su5vmsA4dGuQ3Vj1ev8Dj5Q7RVR1t2iL5/KZLrg1255SskmaC4QFYtItIsoi1FOZsNf3PhkNVZPURBmsH5daZgVAAJVql9/wSu7zzB5JauphQhmNS0T0P3hhrIqJcIxsW/O0sYHwpG7meGqCh2e4P4jciAYQu2mlmjtoW+gLqZQY25ua7F+eod+gW++QuC+HBbDQplbmRzdHJlYW0NCmVuZG9iag0KMiAwIG9iag0KPDwgL1R5cGUgL1BhZ2UgL1BhcmVudCA2IDAgUiAvTWVkaWFCb3ggWzAgMCA2MTIuMCA3OTIuMF0gL0NvbnRlbnRzIDUgMCBSIC9SZXNvdXJjZXMgPDwgL1Byb2NTZXQgMSAwIFIgL1hPYmplY3QgPDwgL0ltNCA0IDAgUiA+PiAvRm9udCA8PCAvRjMgMyAwIFIgPj4gPj4gPj4NCmVuZG9iag0KNCAwIG9iag0KPDwgL1R5cGUgL1hPYmplY3QgL1N1YnR5cGUgL0ltYWdlIC9Db2xvclNwYWNlIC9EZXZpY2VSR0IgL0JpdHNQZXJDb21wb25lbnQgOCAvRmlsdGVyIC9GbGF0ZURlY29kZSAvTWFzayBbMCAwIDAgMCAwIDBdIC9XaWR0aCAxIC9IZWlnaHQgMSAvTGVuZ3RoIDExID4+DQpzdHJlYW0NCnicY2BgAAAAAwABDQplbmRzdHJlYW0NCmVuZG9iag0KOCAwIG9iag0KPDwgL0xlbmd0aCAxNDkgL0ZpbHRlciAvRmxhdGVEZWNvZGUgPj4gc3RyZWFtDQp4nH2OwQrCMBBE74X+wxxVMCbttk2ugp48WFjwXGtalNJgWhH/3qQnT7LDY9kZhk2TJ6pMyABQqcNSUqS3uGBMg7vNdRHPJrKQMlDRT2LP2B1zGGGMAXeQy/geVGSiUhp8ih0kjKbQEnIqA9+wOg+2mSymez/i414erRtn37QzrnZwb7EGP8AbHDhN6kX/X62/AxwvCQ0KZW5kc3RyZWFtDQplbmRvYmoNCjcgMCBvYmoNCjw8IC9UeXBlIC9QYWdlIC9QYXJlbnQgNiAwIFIgL01lZGlhQm94IFswIDAgNjEyLjAgNzkyLjBdIC9Db250ZW50cyA4IDAgUiAvUmVzb3VyY2VzIDw8IC9Qcm9jU2V0IDEgMCBSIC9YT2JqZWN0IDw8ID4+IC9Gb250IDw8IC9GMyAzIDAgUiA+PiA+PiA+Pg0KZW5kb2JqDQozIDAgb2JqDQo8PCAvVHlwZSAvRm9udCAvU3VidHlwZSAvVHlwZTEgL0Jhc2VGb250IC9IZWx2ZXRpY2EgL0VuY29kaW5nIC9XaW5BbnNpRW5jb2RpbmcgPj4NCmVuZG9iag0KNiAwIG9iag0KPDwgL1R5cGUgL1BhZ2VzIC9LaWRzIFsgMiAwIFIgNyAwIFIgXSAvQ291bnQgMiA+Pg0KZW5kb2JqDQo5IDAgb2JqDQo8PCAvVHlwZSAvQ2F0YWxvZyAvUGFnZXMgNiAwIFIgPj4NCmVuZG9iag0KMTAgMCBvYmoNCjw8IC9UaXRsZSA8ZmVmZjAwNTQwMDY1MDA3MzAwNzQwMDQ0MDA2ZjAwNjMwMDc1MDA1MzAwNjkwMDY3MDA2ZT4NCi9BdXRob3IgPD4NCi9TdWJqZWN0IDw+DQovQ3JlYXRvciAoTWljcm9zb2Z0IFJlcG9ydGluZyBTZXJ2aWNlcyAxMi4wLjAuMCkNCi9Qcm9kdWNlciAoTWljcm9zb2Z0IFJlcG9ydGluZyBTZXJ2aWNlcyBQREYgUmVuZGVyaW5nIEV4dGVuc2lvbiAxMi4wLjAuMCkNCi9DcmVhdGlvbkRhdGUgKEQ6MjAxOTA0MjUxODU4MTktMDQnMDAnKQ0KPj4NCmVuZG9iag0KeHJlZg0KMCAxMQ0KMDAwMDAwMDAwMCA2NTUzNSBmDQowMDAwMDAwMDEwIDAwMDAwIG4NCjAwMDAwMDA3ODkgMDAwMDAgbg0KMDAwMDAwMTU1MyAwMDAwMCBuDQowMDAwMDAwOTYzIDAwMDAwIG4NCjAwMDAwMDAwNjUgMDAwMDAgbg0KMDAwMDAwMTY1MyAwMDAwMCBuDQowMDAwMDAxMzkwIDAwMDAwIG4NCjAwMDAwMDExNjQgMDAwMDAgbg0KMDAwMDAwMTcyMSAwMDAwMCBuDQowMDAwMDAxNzczIDAwMDAwIG4NCnRyYWlsZXIgPDwgL1NpemUgMTEgL1Jvb3QgOSAwIFIgL0luZm8gMTAgMCBSID4+DQpzdGFydHhyZWYNCjIwNTINCiUlRU9G</PDFBytes>
</Document>
</Documents>
<Recipients xmlns="http://www.docusign.net/API/3.0">
<Recipient>
<ID>97461</ID>
<UserName>Jane Clark</UserName>
<Email>smcmillan#gmail.com</Email>
<Type>Signer</Type>
<AccessCode>6541</AccessCode>
<RoutingOrder>1</RoutingOrder>
</Recipient>
</Recipients>
<Tabs xmlns="http://www.docusign.net/API/3.0">
<Tab>
<DocumentID>1067</DocumentID>
<RecipientID>97461</RecipientID>
<AnchorTabItem>
<AnchorTabString>[SignHere]</AnchorTabString>
</AnchorTabItem>
<Type>SignHere</Type>
</Tab>
<Tab>
<DocumentID>1067</DocumentID>
<RecipientID>97461</RecipientID>
<AnchorTabItem>
<AnchorTabString>[Date]</AnchorTabString>
</AnchorTabItem>
<Type>DateSigned</Type>
</Tab>
<Tab>
<DocumentID>1067</DocumentID>
<RecipientID>97461</RecipientID>
<AnchorTabItem>
<AnchorTabString>[BankName]</AnchorTabString>
</AnchorTabItem>
<Type>Custom</Type>
<Name>Custom Bank Name</Name>
<TabLabel>Custom Bank Label</TabLabel>
<CustomTabType>Text</CustomTabType>
<CustomTabWidth>200</CustomTabWidth>
<CustomTabHeight>25</CustomTabHeight>
</Tab>
</Tabs>
<Subject xmlns="http://www.docusign.net/API/3.0">CreditSoft - DocuSign</Subject>
<EmailBlurb xmlns="http://www.docusign.net/API/3.0">Please click link to sign the document</EmailBlurb>
Did the account settings get changed? There is a default set at the account level.
In your testing, do you get the notifications?
The setting is via the Admin Tool: Signing and Sending / Reminders and Expiration In my demo account, it appears that the default for reminders and expiring warnings is off.
Admin tool screenshot:
Update from DocuSign that a bit over a year ago they made Notification.UseAccountDefaults required. In testing I also had to set Notification.UseAccountDefaultsSpecified to be true as well. Once that was complete my envelopes showed the correction expiration and reminder Settings in the Demo account.
Dim Notification As Notification = New Notification
Notification.UseAccountDefaults = True
Notification.UseAccountDefaultsSpecified = True
envelope.Notification = Notification
I have the code written which is using envelopes to request a signature from the client like in this tutorial:
https://www.docusign.com/developer-center/recipes/request-a-signature-via-email-using-a-template
My question is, how can I define a web hook URL which can be used to update the envelope's status? I would like to be notified and to be able to update the envelope status in my database once the client signs the documents. Is this possible?
Does EnvelopeDefinition class expose some property which allows me to define the web hook's url?
Updated
We now have new series of recommended WebHook code examples which use serverless functions and cloud-based reliable queuing services. These example enable you to receive and process the DocuSign webhook notifications inside your firewall with no changes to your filewall.
Examples are available now for Node. Examples for C#, Java, PHP, and Python are being written.
AWS listener and worker Node.js examples
Azure listener and worker Node.js examples
Google Cloud listener and worker Node.js examples
The format of the webhook XML messages is documented.
Note The Connect guide (March, 2016 date on page 2) is old, and is incorrect in many cases. A new guide is in production. This guide is useful for the XML format information.
WSDL file, including the notification messages format is available.
To see the XML messages that are returned, here's a sample notification for a completed envelope:
<?xml version="1.0" encoding="utf-8"?>
<DocuSignEnvelopeInformation xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.net/API/3.0">
<EnvelopeStatus>
<RecipientStatuses>
<RecipientStatus>
<Type>Signer</Type>
<Email>signer_email#example.com</Email>
<UserName>Signer's name</UserName>
<RoutingOrder>1</RoutingOrder>
<Sent>2020-05-23T12:43:07.22</Sent>
<Delivered>2020-05-23T12:43:14.767</Delivered>
<Signed>2020-05-23T12:43:18.22</Signed>
<DeclineReason xsi:nil="true"/>
<Status>Completed</Status>
<RecipientIPAddress>141.226.182.70</RecipientIPAddress>
<ClientUserId>1000</ClientUserId>
<CustomFields/>
<TabStatuses>
<TabStatus>
<TabType>SignHere</TabType>
<Status>Signed</Status>
<XPosition>427</XPosition>
<YPosition>531</YPosition>
<TabLabel>Sign Here</TabLabel>
<TabName>SignHere</TabName>
<TabValue/>
<DocumentID>1</DocumentID>
<PageNumber>1</PageNumber>
</TabStatus>
</TabStatuses>
<AccountStatus>Active</AccountStatus>
<RecipientId>56e11847-da17-43c3-95f6-d4b675af8621</RecipientId>
</RecipientStatus>
</RecipientStatuses>
<TimeGenerated>2020-05-23T12:43:38.7282968</TimeGenerated>
<EnvelopeID>cd67ff4a-6cb1-42f3-87d3-f7c149031549</EnvelopeID>
<Subject>Please sign the attached document</Subject>
<UserName>Larry Kluger</UserName>
<Email>larry#worldwidecorp.us</Email>
<Status>Completed</Status>
<Created>2020-05-23T12:43:06.753</Created>
<Sent>2020-05-23T12:43:07.253</Sent>
<Delivered>2020-05-23T12:43:14.83</Delivered>
<Signed>2020-05-23T12:43:18.22</Signed>
<Completed>2020-05-23T12:43:18.22</Completed>
<ACStatus>Original</ACStatus>
<ACStatusDate>2020-05-23T12:43:06.753</ACStatusDate>
<ACHolder>Larry Kluger</ACHolder>
<ACHolderEmail>larry#worldwidecorp.us</ACHolderEmail>
<ACHolderLocation>DocuSign</ACHolderLocation>
<SigningLocation>Online</SigningLocation>
<SenderIPAddress>208.113.165.37 </SenderIPAddress>
<EnvelopePDFHash/>
<CustomFields>
<CustomField>
<Name>Team</Name>
<Show>True</Show>
<Required>False</Required>
<Value/>
</CustomField>
<CustomField>
<Name>Office</Name>
<Show>True</Show>
<Required>False</Required>
<Value/>
</CustomField>
<CustomField>
<Name>Order ID</Name>
<Show>True</Show>
<Required>False</Required>
<Value/>
</CustomField>
<CustomField>
<Name>AccountId</Name>
<Show>false</Show>
<Required>false</Required>
<Value>4197223</Value>
<CustomFieldType>Text</CustomFieldType>
</CustomField>
<CustomField>
<Name>AccountName</Name>
<Show>false</Show>
<Required>false</Required>
<Value>World Wide Corp</Value>
<CustomFieldType>Text</CustomFieldType>
</CustomField>
<CustomField>
<Name>AccountSite</Name>
<Show>false</Show>
<Required>false</Required>
<Value>demo</Value>
<CustomFieldType>Text</CustomFieldType>
</CustomField>
</CustomFields>
<AutoNavigation>true</AutoNavigation>
<EnvelopeIdStamping>true</EnvelopeIdStamping>
<AuthoritativeCopy>false</AuthoritativeCopy>
<DocumentStatuses>
<DocumentStatus>
<ID>1</ID>
<Name>Example document</Name>
<TemplateName/>
<Sequence>1</Sequence>
</DocumentStatus>
</DocumentStatuses>
</EnvelopeStatus>
<TimeZone>Pacific Standard Time</TimeZone>
<TimeZoneOffset>-7</TimeZoneOffset>
</DocuSignEnvelopeInformation>
There are two possible ways to do this.
One is to set up an account wide Connect Configuration within the DS WebApp, this will send the requested event notifications on every envelope sent/completed to the URL: https://www.docusign.com.au/sites/default/files/connect-guide_0.pdf#page=5
You can also define this per envelope with the eventNotification parameter. However, the parameter is not baked into the provided recipes. EDIT: I stand corrected, see Larry's response below https://www.docusign.com.au/p/RESTAPIGuide/Content/REST%20API%20References/Send%20an%20Envelope.htm
Another way to test your "Listener" is to get the DocuSign XML response using
https://webhook.site
From there you will see the POST request with the complete XML body for your envelope.
TEST THE CREATE ENVELOPE FIRST
Before I would test my Listener, I wanted to confirm that my C# code would trigger the WebHook (via EnvelopeDefinition.EventNotification) in the DocuSign Envelope.
EnvelopeDefinition.EventNotification sets 2 lists of objects for EnvelopeEvent & RecipientEvents. Properly configuring these will fire the trigger in DocuSign Connect (Webhook).
All that was needed was to set the EventNotification.Url = the custom URL created for me on https://webhook.site
I locally ran my C# API code to create a DocuSign Envelope that would trigger the Webhook. Then I used the the DocuSign email (received moments after creating the envelope) to sign the document - which again fired the Webhook to my test listener.
GET THE XML
My properly configured code fired the DocuSign Connect (Webhook) POST event. I can see the POST request (and its XML body) on my custom URL at https://webhook.site
RESEND THE XML
Finally, copy the POST request XML sent from DocuSign and paste that XML in PostMan. Then I can locally use PostMan to "resend" that POST request (and XML body) to test my local Listener API that I am developing.
I'm new in wso2 esb.
I am trying to make a secure proxy to protect a non secure web service.
I follow different tutorials and I do the following configuration for my proxy:
`<proxy xmlns="http://ws.apache.org/ns/synapse"
name="ProxyStockeSecure"
transports="https,http,local"
statistics="disable"
trace="disable"
startOnLoad="true"><target inSequence="LogAndRemoveHeader" outSequence="LogSeqResponse">
<endpoint>
<address uri="http://localhost:9000/services/SimpleStockQuoteService"/>
</endpoint></target><publishWSDL uri="http://localhost:9000/services/SimpleStockQuoteService?wsdl"/><enableSec/><policy key="sec_policy"/><description/></proxy>
The LogAndRemoveHeader sequence removes the security Header and log the flow.
<sequence xmlns="http://ws.apache.org/ns/synapse" name="LogAndRemoveHeader"><log level="full"></log><header xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" name="wsse:Security" scope="default" action="remove"></header><log level="full"></log></sequence>
When I send a signed request to the secure proxy I can see that the proxy validates it well (thanks to rampart).
But when I look at the log on the back end server, I see that the Security header is still present while I remove it in the "LogAndRemoveHeader" sequence.
In the WSO2 server, I can see that the Security is correctly removed:
TID: [0] [ESB] [2015-03-19 01:20:31,508] INFO {org.apache.synapse.mediators.builtin.LogMediator} - To: /services/ProxyStockeSecure, WSAction: urn:getSimpleQuote, SOAPAction: urn:getSimpleQuote, MessageID: urn:uuid:7d951378-9a98-4b60-bcba-cded778ee977, Direction: request, Envelope: <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ser="http://services.samples"><soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1150340834">
<ser:getSimpleQuote>
<!--Optional:-->
<ser:symbol>1</ser:symbol>
</ser:getSimpleQuote></soap:Body></soap:Envelope>
But, on the back end server, the security header is back and I feel that wso2 has re-signed the request. Indeed, the DigestValue or SignatureValue differs from the original request...
Use send mediator to send your request to backend service inside your LogAndRemoveHeader sequence. Here is the sample send mediator code.
<send>
<endpoint>
<address uri="http://localhost:9000/services/SimpleStockQuoteService"></address>
</endpoint>
</send>
When using Connect to receive a docusign envelope via a web service we have received invalid XML for one of our envelopes. Personal data and PDFBytes have been removed from this copy.
<?xml version="1.0" encoding="utf-8"?><DocuSignEnvelopeInformation xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.net/API/3.0"><EnvelopeStatus><RecipientStatuses><RecipientStatus><Type>Signer</Type><Email>#ymail.com</Email><UserName>o</UserName><RoutingOrder>1</RoutingOrder><Sent>2013-07-03T13:36:59.257</Sent><Delivered>2013-07-04T09:35:13.23</Delivered><Signed>2013-07-04T10:01:21.447</Signed><DeclineReason xsi:nil="true" /><Status>Completed</Status><RecipientIPAddress>_</RecipientIPAddress><CustomFields /><TabStatuses><TabStatus><TabType>Custom</TabType><Status>Signed</Status><XPosition>927</XPosition><YPosition>1162</YPosition><TabLabel>SSN</TabLabel><TabName>SSN</TabName><TabValue>_</TabValue><DocumentID>1</DocumentID><PageNumber>1</PageNumber><ValidationPattern /><CustomTabType>SSN</CustomTabType></TabStatus><TabStatus><TabType>FirstName</TabType><Status>Signed</Status><XPosition>100</XPosition><YPosition>1166</YPosition><TabLabel>First Name</TabLabel><TabName>First Name</TabName><TabValue>_</TabValue><DocumentID>1</DocumentID><PageNumber>1</PageNumber></TabStatus><TabStatus><TabType>LastName</TabType><Status>Signed</Status><XPosition>462</XPosition><YPosition>1166</YPosition><TabLabel>Last Name</TabLabel><TabName>Last Name</TabName><TabValue>_</TabValue><DocumentID>1</DocumentID><PageNumber>1</PageNumber></TabStatus><TabStatus><TabType>Custom</TabType><Status>Signed</Status><XPosition>1072</XPosition><YPosition>1291</YPosition><TabLabel>Data Field 5</TabLabel><TabName>Text</TabName><TabValue>1</TabValue><DocumentID>1</DocumentID><PageNumber>1</PageNumber><ValidationPattern /><CustomTabType>Text</CustomTabType></TabStatus><TabStatus><TabType>Custom</TabType><Status>Signed</Status><XPosition>664</XPosition><YPosition>1193</YPosition><TabLabel>Exemptions</TabLabel><TabName>Single</TabName><TabValue>X</TabValue><DocumentID>1</DocumentID><PageNumber>1</PageNumber><ValidationPattern /><CustomTabType>Radio</CustomTabType></TabStatus><TabStatus><TabType>SignHere</TabType><Status>Signed</Status><XPosition>406</XPosition><YPosition>1420</YPosition><TabLabel>Signature 9</TabLabel><TabName>Sign Here</TabName><TabValue /><DocumentID>1</DocumentID><PageNumber>1</PageNumber></TabStatus><TabStatus><TabType>Custom</TabType><Status>Active</Status><XPosition>756</XPosition><YPosition>1193</YPosition><TabLabel>Exemptions</TabLabel><TabName>Married</TabName><TabValue /><DocumentID>1</DocumentID><PageNumber>1</PageNumber><ValidationPattern /><CustomTabType>Radio</CustomTabType></TabStatus><TabStatus><TabType>Custom</TabType><Status>Active</Status><XPosition>845</XPosition><YPosition>1193</YPosition><TabLabel>Exemptions</TabLabel><TabName>Married but Single</TabName><TabValue /><DocumentID>1</DocumentID><PageNumber>1</PageNumber><ValidationPattern /><CustomTabType>Radio</CustomTabType></TabStatus><TabStatus><TabType>Custom</TabType><Status>Active</Status><XPosition>100</XPosition><YPosition>1208</YPosition><TabLabel>Address</TabLabel><TabName>Address Line 1</TabName><TabValue /><DocumentID>1</DocumentID><PageNumber>1</PageNumber><ValidationPattern /><CustomTabType>Text</CustomTabType></TabStatus><TabStatus><TabType>DateSigned</TabType><Status>Signed</Status><XPosition>989</XPosition><YPosition>1493</YPosition><TabLabel>Date Signed</TabLabel><TabName>Date Signed</TabName><TabValue>7/4/2013 </TabValue><DocumentID>1</DocumentID><PageNumber>1</PageNumber></TabStatus></TabStatuses><RecipientAttachment><Attachment><Data>_</Data><Label>DSXForm</Label><Type>.xml</Type></Attachment></RecipientAttachment><AccountStatus>Active</AccountStatus><EsignAgreementInformation><AccountEsignId>79e2c3d5-971c-4e7b-8b34-575e21896435</AccountEsignId><UserEsignId>ae45b756-aa08-44d6-bc46-be76ed123a5a</UserEsignId><AgreementDate>2013-07-04T09:35:13.213</AgreementDate></EsignAgreementInformation><FormData><xfdf><fields><field name="SSN"><value>_</value></field><field name="FirstName"><value>_</value></field><field name="LastName"><value>_</value></field><field name="Data Field 5"><value>1</value></field><field name="Exemptions"><value>Single</value></field><field name="Address"><value /></field><field name="DateSigned"><value>7/4/2013 </value></field></fields></xfdf></FormData><RecipientId>1c70c533-4787-4ed2-8d0f-3b56e5bad87a</RecipientId></RecipientStatus></RecipientStatuses><TimeGenerated>2013-07-09T07:02:59.5158647</TimeGenerated><EnvelopeID>daff200b-0d82-480a-83d1-e253d50e4cbb</EnvelopeID><Subject>_</Subject><UserName>_</UserName><Email>_</Email><Status>Completed</Status><Created>2013-07-03T13:36:58.523</Created><Sent>2013-07-03T13:36:59.303</Sent><Delivered>2013-07-04T09:35:13.323</Delivered><Signed>2013-07-04T10:01:21.507</Signed><Completed>2013-07-04T10:01:21.507</Completed><ACStatus>Original</ACStatus><ACStatusDate>2013-07-03T13:36:58.523</ACStatusDate><ACHolder>Onboarding</ACHolder><ACHolderEmail>_</ACHolderEmail><ACHolderLocation>DocuSign</ACHolderLocation><SigningLocation>Online</SigningLocation><SenderIPAddress>_</SenderIPAddress><EnvelopePDFHash /><CustomFields><CustomField><Name>taskId</Name><Show>True</Show><Required>True</Required><Value>CDFA8755-1FE4-E211-80E5-005056A930BA</Value></CustomField></CustomFields><AutoNavigation>true</AutoNavigation><EnvelopeIdStamping>true</EnvelopeIdStamping><AuthoritativeCopy>false</AuthoritativeCopy><DocumentStatuses><DocumentStatus><ID>1</ID><Name>fw4.pdf</Name><TemplateName>W4</TemplateName><Sequence>1</Sequence></DocumentStatus></DocumentStatuses></EnvelopeStatus><DocumentPDFs><DocumentPDF><Name>fw4.pdf</Name><PDFBytes>_____________________________________________________________</PDFBytes><DocumentType>CONTENT</DocumentType></DocumentPDF></DocumentPDFs></DocuSignEnvelopeInformation>_____________________________________________________________</PDFBytes><DocumentType>CONTENT</DocumentType></DocumentPDF></DocumentPDFs></DocuSignEnvelopeInformation>
The errror is after the first closing tag, additional (different) PDFBytes and tags are given.
Why is data sent after the closing DocuSignEnvelopeInformation tag?
Republishing the XML for this envelope should help determine if it was a one off or if there's a bug with the Connect service. You should be able to republish the XML through your DocuSign Console settings, if you do that do you still get malformed XML?