Trending Topics: Latest From Our Forums (March 2020)

Here are some of the latest popular questions that the DocuSign developers community  asked on Stack Overflow in the month of March 2020. You too can ask questions by using the tag docusignapi in Stack Overflow.

Thread: Is DocuSign using up-to-date TLS cipher suites?

Summary: The developer is setting up eventNotification in the envelope so that they can get DocuSign Connect events from DocuSign servers to their servers. This communication is using TLS protocol for encryption. The developer is interested in using a modern set of cyphers that includes some new TLS 1.3 cyphers that are not yet supported by DocuSign.

Answer: DocuSign continuously evaluates new industry security standards and ensures that all our services are using the most secure communication. At present time, some newer TLS cyphers that use TLS 1.3 protocol are not yet implemented. We hope to have these updates in the future.

Thread: DocuSign From Demo to Live

Summary: The developer is using legacy authentication and is having an issue after they promoted their integration from demo to production. They’re getting an error message that says “One or both of Username and Password are invalid” despite entering valid credentials.

Answer: when building applications using DocuSign APIs, developers have to start first by using the developer sandbox (“demo”), and once ready, promote to production. The production environment includes many different datacenters with different URLs, unlike demo, which only includes a single datacenter with its URL. Therefore, if you make an authentication call to the wrong URL in production and you’re using legacy authentication, you’ll get an error message saying your password is invalid even when it's the correct password. DocuSign highly recommends that you do not use legacy authentication, as it’s not as secure and is outdated. If you do still choose to use legacy authentication, you will have to determine which set of servers or which URL to call when making the authentication API call.

Thread: DocuSign embedded signing - how to get the URL of the document that contains signature?

Summary: The developer is asking how they can programmatically obtain a URL that can be used to facilitate envelope signing. Answer: This is what we call embedded signing, and is one of the most common ways developers use the eSignature API. There are lots of ways to learn how to use this functionality. For example, we have a code example, available in different languages, that showcases and explains how to use embedded signing so that you can obtain a URL for this purpose.


Additional resources


Inbar Gazit
Inbar Gazit
Sr. Manager, Developer Content
Related Topics