Trending Topics: Latest from our forums (July 2020)
Here are some of the latest popular questions that the DocuSign developers community asked on Stack Overflow in the month of July 2020. You too can ask questions by using the tag docusignapi in Stack Overflow.
Summary: The developer is trying to generate a recipient view to embed inside their application. They are getting a 400 error wherein the DocuSign eSignature REST API reports a “bad request message.”
Answer: There are two ways to use embedded signing. In one case, you want to send the envelope to a user that already has a membership in a DocuSign account. In that case, you need to provide their APIUserId, which is a unique identifier (GUID) that corresponds to their user. This has to be provided in the clientUserId parameter, but the information for the recipient (email and name) must also match exactly what is stored for that user in DocuSign. In the second case, you can use a user that has no membership in a DocuSign account and just provide any string for the clientUserID, so long as it’s unique for this envelope. The recipientID must also match between the envelope definition and the request for an embedded signing view.
Summary: The developer is attempting to use JWT authentication using Visual Basic.NET and the DocuSign.eSign.dll (SDK) to obtain an access token. Using the SDK method is not working, so they have to call the API directly and are running into issues.
Answer: Encoding the private RSA key using Visual Basic may be a bit tricky. Here is a working VS code that the developer was able to use:
Dim PrivateKey As String = "MIIEowIBAAKCAQEAjtTe7UUP/CBI9s……......JfwZ2hHqFPXA9ecbhc0".Replace(vbLf, "").Replace(vbCr, "") Dim ar1 As JObject = New JObject() ar1.Add("typ", "JWT") ar1.Add("alg", "RS256") Dim header As String = Base64UrlEncoder.Encode(ar1.ToString) Dim ar2 As JObject = New JObject() ar2.Add("iss", "INTEGRATION_ID") ar2.Add("sub", "GUID_VERSION_OF_USER_ID") ar2.Add("iat", DateDiff(DateInterval.Second, New Date(1970, 1, 1), Now().ToUniversalTime)) ar2.Add("exp", DateDiff(DateInterval.Second, New Date(1970, 1, 1), DateAdd(DateInterval.Hour, 1, Now().ToUniversalTime))) ar2.Add("aud", "account-d.docusign.com") ar2.Add("scope", "signature") Dim body As String = Base64UrlEncoder.Encode(ar2.ToString) Dim stringToSign As String = header & "." & body Dim bytesToSign() As Byte = Encoding.UTF8.GetBytes(stringToSign) Dim keyBytes() As Byte = Convert.FromBase64String(PrivateKey) Dim privKeyObj = Asn1Object.FromByteArray(keyBytes) Dim privStruct = RsaPrivateKeyStructure.GetInstance(privKeyObj) Dim sig As ISigner = SignerUtilities.GetSigner("SHA256withRSA") sig.Init(True, New RsaKeyParameters(True, privStruct.Modulus, privStruct.PrivateExponent)) sig.BlockUpdate(bytesToSign, 0, bytesToSign.Length) Dim signature() As Byte = sig.GenerateSignature() Dim sign As String = Base64UrlEncoder.Encode(signature) Return header & "." & body & "." & sign
Summary: The developer is wondering how their application should handle errors with authentication and specifically about expired refresh tokens.
Answer: The answer to the developer's specific question is that the error message returned from the API when the refresh token has expired is “The provided authorization grant or refresh token is invalid, expired, revoked.” Here are a few other common authentication errors you may encounter.
A couple of additional points about this question:
- When requesting a new token using a refresh token, the API also sends back a new refresh token. If you keep refreshing your refresh token, you should not have to worry about that token expiring.
- We recommend that you don’t try to handle each and every potential error message that the API may send you back, but instead have a general way to capture API errors. Only in specific circumstances, when you have a very clear understanding of what the error is, you should do so. Error messages may change in the future without notice, and you should not rely on them in your code.