DocuSign eSignature types, part II
In my previous post, I covered the different types of eSignature that can be used with DocuSign and the implications of using them. In this post, I’ll present a code example for using eIDAS-compliant advanced electronic signatures.
European Union Advanced Electronic Signatures (AES)
When using advanced electronic signatures, you can specify if you would like the signer to sign using an AES certificate from DocuSign or an AES certificate stored on the senders’ DocuSign Signature appliance. The signer will receive the envelope and sign as usual while having the certificate applied in the sender’s desired form. It’s important to note that embedded signing also works with AES.
Provisioning AES Signatures for your account
This code example uses the DocuSign DS EU Advanced signature feature. To have the feature added to your developer account, contact customer service. To have it added to your production account, contact sales.
Sending an envelope with an AES signature
There are a few API objects and attributes that you need to make sure are in your API call when creating an envelope with advanced electronic signatures:
- recipientSignatureProviders: The parent object required to define the electronic signature parameters.
- signatureProviderName: The name of the electronic signature provider for the signer to use. For details, see the current provider list or list the types available on your account by using the AccountSignatureProviders::List method.
- signatureProviderOptions: Contains information about the authentication method for the signer, such as a one-time password or one time pin delivered via SMS.
- oneTimePassword: One of the authentication methods that can be used to authenticate a signer. The password is a pre-shared, case-sensitive secret created by the sender and provided to the signer so that they can authenticate. You must use either a one-time password, SMS, or both for the signers who will use the DS EU Advanced signature type.
- sms: The mobile phone number used to authenticate the signer. The format is a + sign, followed by the country code, followed by the full mobile phone number without any spaces or special characters. You should also omit leading zeros (for instance, a fictitious mobile phone number in Spain would be entered as “+34123456789)”. You must use either SMS, one-time password, or both when using AES.
Other objects and attributes can be added to the call; for a full list, please view our API Reference. For this example, I’ll be using DocuSign’s own eIDAS AES-compliant signature, DS EU Advanced. The following code shows the JSON definition for an envelope that has one example signer and uses a one-time password to authenticate the signer. There is also just one signature tag tied to an anchor string of “/sig1/”. If you would like to test this code in your own environment, you will need to make sure that the document you use includes this anchor string.
Code example
{
"emailSubject": "Please sign the attached document",
"status": "sent",
"documents": [
{
"documentBase64": "base64_file",
"name": "Example document",
"fileExtension": "pdf",
"documentId": "1"
}
],
"recipients": {
"signers": [
{
"email": "example@example.com",
"name": "Request Builder Tester",
"recipientId": "1",
"recipientSignatureProviders": [
{
"signatureProviderName": "universalsignaturepen_opentrust_hash_tsp",
"signatureProviderOptions": {
"oneTimePassword": "1111"
}
}
],
"tabs": {
"signHereTabs": [
{
"anchorString": "/sig1/",
"anchorXOffset": "20",
"anchorUnits": "pixels"
}
]
}
}
]
}
}
If you would like to obtain this code for one of the DocuSign SDKs, you can use our JSON to SDK tool to transform the call into C#, Java, Node.js, PHP, Python, Ruby, or VB.NET. In the next blog post, I’ll present example code for a Qualified Electronic Signature.
