Trending Topics: Latest from our forums (September 2022)

Here are some of the latest popular questions that the Docusign developers community asked on Stack Overflow in the month of September 2022. You too can ask questions by using the tag docusignapi in Stack Overflow.

Thread: Docusign SMS Authentication : Mask phone number and show only last 4 digits

Summary: The developer is using Docusign phone authentication, which enables senders to use either SMS (text) message or a voice phone call to provide a numeric code by signers to enhance security of sent envelopes. They want to mask part of the phone number to help maintain the privacy of the recipients.

Answer: Docusign provides the means to customize the authentication workflow for recipients. To do so, you have to use the Docusign web app (“Settings” in the top menu) and find the Identity Verification menu in the left nav. There, you can either modify the existing workflows or create your own custom workflows used to validate recipients. One of the options you can set for workflows is the ability to mask a portion of the phone number. You can then use the workflowId property in the API call you make to create an envelope and you’ll get the phone number masking as requested. 

Thread: How to use SMS-Authentication in Docusign

Summary: This developer is using C# and is attempting to use recipient authentication with SMS (text) messages. They are getting an error, “INVALIDAUTHENTICATIONSETUP: Authentication is not setup correctly for the recipient”, and are not sure what they are doing wrong. 

Answer: The C# code (using the C# eSignature SDK) for this scenario is available on GitHub. You can also find the How to require phone authentication for a recipient article on the Docusign Developer Center, which shows the step-by-step approach to completing this task. One of the steps is obtaining the workflowId associated with the phone authentication workflow. If the call to get a list of workflows returns an empty array, you should contact Docusign Customer Support so that they can enable this feature in your account.

Thread: PHP: Calling Docusign userinfo endpoint after OAuth returns an "unauthorized_client" error

Summary: The developer is using PHP and is attempting to obtain an access token using Authorization Code Grant in order to make API calls. They are getting an “unauthorized_client” error from the endpoint.

Answer: The developer incorrectly tried to send the body of the POST request encoded as JSON. The correct Content-Type header needed for this call is application/x-www-form-urlencoded.

You can find an example of this call in the How to get an access token with Authorization Code Grant page on the Developer Center.

We also recommend that you use the Quickstart tool, as it supports PHP and can create a simple minimal web project that uses Authorization Code Grant. Moreover, the Quickstart configures all the necessary information directly in your developer account automatically.

Additional resources

Inbar Gazit
Inbar Gazit
Sr. Manager, Developer Content