如何在SPA中实施Docusign而不要求最终用户通过DocuSign进行身份验证 [英] How to implement Docusign in a SPA without requiring end users to authenticate w/ DocuSign

问题描述

我正在遵循此处显示的React OAuth隐式示例： https：/ /github.com/docusign/eg-02-react-implicit-grant ，我对React SPA的最终用户应该如何能够为自己创建信封而无法访问感到困惑我们的管理员帐户密码。

I'm following the React OAuth Implicit example shown here: https://github.com/docusign/eg-02-react-implicit-grant and I'm confused as to how an end user of our React SPA is supposed to be able to create an envelope for themselves without having access to our Admin account password.

作为我们应用注册过程的一部分，我们让最终用户填写一张表格，该表格会预先填充一个信封，供他们通过Docusign进行签名。我们以为，我们的Docusign管理员帐户将代表这些用户在幕后对我们的应用程序进行身份验证，使他们可以立即进入嵌入式签名仪式。

As part of our app's sign up process, we have our end users fill out a form which prefills an envelope for them to sign via Docusign. We imagined that our Docusign admin account would authenticate our application on behalf of these users behind the scenes, allowing them to move on immediately to the embedded signing ceremony.

例如，但是，通过Docusign UI提示最终用户登录我们的管理员帐户，以便继续使用Docusign的API方法。

In the linked example, however, an end user is prompted via the Docusign UI to sign into our Admin account in order to continue using Docusign's API methods.

我们如何避免要求结束用户登录？还是使用隐式授予模型时这不可能？

How can we avoid asking the end user to sign in? Or is this not possible when using the implicit grant model?

预先感谢。

推荐答案

一个好问题。 DocuSign集成应用程序有很多用例：

Excellent question. There are many uses cases for DocuSign-integrated applications:

签名者不需要DocuSign帐户。仅签名请求的发件人需要一个帐户。

Signers don't need DocuSign accounts. Only the sender of the signing request needs an account.

最简单的方法处理此用例的方法是使用 DocuSign PowerForm。 PowerForm是由DocuSign系统隐式发送的DocuSign信封模板。然后，签名者可以使用其姓名和其他详细信息填写表单，然后对文档进行签名。

The easiest way to handle this use case is to use a DocuSign PowerForm. A PowerForm is a DocuSign envelope template that is implicitly sent by the DocuSign system. The signer can then fill in the form with their name and other details, and then sign the document(s).

这里是视频，用于演示Powerform解决方案。

Here's a video that demonstrates the Powerform solution.

您可以通过查询代表签名人填写表单参数。请参阅此 SO答案。将您的应用程序与PowerForm集成起来很容易，但是信封的某些方面可能无法通过模板进行设置。参见这篇文章，详细介绍如何设置用户在完成签名后将重定向到的URL。

You can fill in the form on behalf of the signer via query parameters. See this SO answer. Integrating your app with a PowerForm is easy but there may be some aspects of the envelope that can't be set via the template. See this article for details on how to set the URL the user will be redirected to when they finish signing.

一个更强大的选项是让您的应用自行创建信封。您需要付费DocuSign用户的访问令牌才能发送信封。我不会使用系统管理员帐户，而只会使用普通的DocuSign帐户用户。

A more capable option is for your app to create the envelope yourself. You need an access token for a paid DocuSign user to send the envelope. I wouldn't use a system administrator account, just a regular DocuSign account user.

类似以下内容：

1. 创建您的DocuSign帐户中的用户（例如 HR@your_company.com）


2. 设置后端（服务器应用程序）以使用DocuSign JWT身份验证来模拟HR@your_company.com。用户。参见 eg-01系列代码示例可用多种语言提供。


3. 编写SPA来创建信封本身（从后端获取访问令牌后）或使用私有API来询问后端创建信封。创建信封后，获取签名仪式的URL。


4. 您的SPA现在将用户重定向到签名仪式（不要使用iFrame）。用户签名后，她将连同事件信息（已签名）一起重定向回您的SPA。一个示例是DocuSign代码示例启动器eg-03系列中的嵌入式签名仪式工作流（第一个工作流）。这是 Node.js示例。

1. Create a user in your DocuSign account such as "HR@your_company.com"
2. Set up a backend (server app) to use DocuSign JWT authentication to impersonate the HR@your_company.com "user." See the eg-01 series of code examples available in multiple languages.
3. Write your SPA to either create the envelope itself (after obtaining the access token from the backend) or use a private API to ask the backend to create the envelope. After the envelope is created, obtain the URL for the Signing Ceremony.
4. Your SPA now redirects the user to the Signing Ceremony (don't use an iFrame). After the user has signed, she will be redirected back to your SPA along with the event info (that she signed). An example of this is the Embedded Signing Ceremony workflow (the first workflow) in the DocuSign Code Example Launchers, the eg-03 series. Here's the Node.js example.

注释。

1. 由于签署仪式需要整个屏幕，因此请勿使用iFrame。确实不需要100％iFrame，因为SPA可以通过cookie或本地存储将会话中的状态保存下来。


2. 您可以将DocuSign签名仪式设置为ping服务器（AJAX ping）以


3. 如果您有SPA创建信封，则需要设置CORS网关以使SPA与DocuSign通信云。在eg-02示例的文章中对此进行了详细说明。


4. 如上所述，为签名者创建信封可以使您最大程度地控制信封，包括可能包含附件，付款，等等。

1. Don't use an iFrame since the Signing Ceremony needs the entire screen. A 100% iFrame is not really needed since the SPA can save state in the session via cookies or local storage.
2. You can set the DocuSign Signing Ceremony to ping your server (AJAX pings) to keep the session alive, serve as a heartbeat, etc.
3. If you have your SPA create the envelope then you'll need to setup a CORS gateway to enable the SPA to communicate with the DocuSign cloud. This is detailed in the eg-02 example's write-up.
4. Creating an envelope for the signer as described above gives you maximum control over the envelope including the potential inclusion of attachment documents, payments, etc.

用例：您的员工正在使用您的SPA应用程序

在这种情况下，您的员工可以进行身份​​验证通过SPA与DocuSign一起使用，然后通过SPA和DocuSign API与DocuSign一起使用。例如：

Use case: Your employee is using your SPA app

In this case, your employee can authenticate with DocuSign via the SPA, and then anything with DocuSign via the SPA and the DocuSign API. Eg:

• 发送信封


• 发送信封，然后让签名人（亲自）对信封进行签名。例如，在银行员工允许亲自签名者打开帐户的银行应用程序中。


• 监视已发送的信封


• 随便

• Sending envelopes
• Sending the envelope and then having the signer (in person) sign the envelope. Eg a banking application where the bank employee is enabling the in-person signer to open an account.
• Monitoring sent envelopes
• Whatever

这是eg-02 React示例所演示的用例。

This is the use case being demonstrated by the eg-02 React example.

这篇关于如何在SPA中实施Docusign而不要求最终用户通过DocuSign进行身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！