What are the options in and formats for using the header "X-DocuSign-Authentication" when used for REST and SOAP?
Asked
Active
Viewed 5,761 times
1 Answers
8
X-DocuSign-Authentication [HTTP HEADER]
- Best Practice: Use an obfuscated username and password in the api authentication header
- Definition: Send On Behalf Of Rights (API) is SOBO.
Given the following values:
- Username == API Service User == “service.account.user.member@domain.com” == USERID “cdcd3fc7-2b3c-40d4-98ed-ff90add317ca”
- Password == “yourpassword” = EncryptedAPIPassword == “/A5hpPhSczID+JNEKZbg5mYf7+7=”
- SOBOUser == “user.member@domain.com” == USERID “eacd3fc7-2b3c-40d4-98ed-ff90add317ff“
- Integratorkey == “YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e”
Your code needs to result in a http header value for the HTTP header X-DocuSign-Authentication of:
XML format:
NON-SOBO
<DocuSignCredentials><Username>cdcd3fc7-2b3c-40d4-98ed-ff90add317ca</Username><Password>/A5hpPhSczID+JNEKZbg5mYf7+7=</Password><IntegratorKey>YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e </IntegratorKey></DocuSignCredentials>
SOBO
<DocuSignCredentials><Username>cdcd3fc7-2b3c-40d4-98ed-ff90add317ca</Username><Password>/A5hpPhSczID+JNEKZbg5mYf7+7=</Password><IntegratorKey>YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e</IntegratorKey><SendOnBehalfOf>eacd3fc7-2b3c-40d4-98ed-ff90add317ff </SendOnBehalfOf></DocuSignCredentials>
JSON format:
NON-SOBO
{"Username":"cdcd3fc7-2b3c-40d4-98ed-ff90add317ca","Password":"/A5hpPhSczID+JNEKZbg5mYf7+7=","IntegratorKey":"YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e"}
SOBO
{"Username":"cdcd3fc7-2b3c-40d4-98ed-ff90add317ca","Password":"/A5hpPhSczID+JNEKZbg5mYf7+7=","SendOnBehalfOf":"eacd3fc7-2b3c-40d4-98ed-ff90add317ff","IntegratorKey":"YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e"}
API Service user Service Account doesn’t need to be Admin, unless you are creating users, but must have SOBO and Account Wide rights.
SOBO User SOBO User doesn’t need to be Admin, but must have the permission to send and be a user in the account of the Service Account user. You only use this userid when you are doing an action as that user like sending or voiding.
Here is a link to the full sized Infographic I created to assist with this shown below
mkl
- 90,588
- 15
- 125
- 265
David W Grigsby
- 1,554
- 1
- 13
- 23
-
Great detailed answer Grigs! – Ergin Nov 05 '14 at 19:46
-
How do I generate "obfuscated username" and "encrypted password"? – Enthusiastic Nov 12 '15 at 15:40
-
what's the encryption I should be using? – Enthusiastic Nov 12 '15 at 15:40
-
make the api call /restapi/v2/login_information?api_password=true (notice the parameter for api_password=true. and look for the node at the bottom of the response "apiPassword": "encrpytedpassword" – David W Grigsby Dec 14 '16 at 00:50