X-DocuSign-Authentication [HTTP HEADER]
- Best Practice: Use an obfuscated username and password in the api authentication header
- Definition: Send On Behalf Of Rights (API) is SOBO.
Given the following values:
- Username == API Service User ==
“[email protected]” == USERID
“cdcd3fc7-2b3c-40d4-98ed-ff90add317ca” - Password == “yourpassword” = EncryptedAPIPassword ==
“/A5hpPhSczID+JNEKZbg5mYf7+7=” - SOBOUser == “[email protected]” == USERID
“eacd3fc7-2b3c-40d4-98ed-ff90add317ff“ - Integratorkey == “YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e”
Your code needs to result in a http header value for the HTTP header
X-DocuSign-Authentication of:
XML format:
NON-SOBO
<DocuSignCredentials><Username>cdcd3fc7-2b3c-40d4-98ed-ff90add317ca</Username><Password>/A5hpPhSczID+JNEKZbg5mYf7+7=</Password><IntegratorKey>YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e </IntegratorKey></DocuSignCredentials>
SOBO
<DocuSignCredentials><Username>cdcd3fc7-2b3c-40d4-98ed-ff90add317ca</Username><Password>/A5hpPhSczID+JNEKZbg5mYf7+7=</Password><IntegratorKey>YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e</IntegratorKey><SendOnBehalfOf>eacd3fc7-2b3c-40d4-98ed-ff90add317ff </SendOnBehalfOf></DocuSignCredentials>
JSON format:
NON-SOBO
{"Username":"cdcd3fc7-2b3c-40d4-98ed-ff90add317ca","Password":"/A5hpPhSczID+JNEKZbg5mYf7+7=","IntegratorKey":"YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e"}
SOBO
{"Username":"cdcd3fc7-2b3c-40d4-98ed-ff90add317ca","Password":"/A5hpPhSczID+JNEKZbg5mYf7+7=","SendOnBehalfOf":"eacd3fc7-2b3c-40d4-98ed-ff90add317ff","IntegratorKey":"YDMN-339fa93c-fcf0-4390-8141-2e0f071ffa2e"}
API Service user
Service Account doesn’t need to be Admin, unless you are creating users, but must have SOBO and Account Wide rights.
SOBO User
SOBO User doesn’t need to be Admin, but must have the permission to send and be a user in the account of the Service Account user. You only use this userid when you are doing an action as that user like sending or voiding.
Here is a link to the full sized Infographic I created to assist with this shown below
