问题
The URL returned by the embedded signing url API method EnvelopeViews:createRecipient only lasts 5 minutes.
How can I get an embedded signing URL that will last longer?
回答1:
The embedded signing URL time to live is only 5 minutes.
So the answer is to give your signers a customized url to your application. Then, when your signer clicks it, your application first obtains an embedded signing URL from DocuSign and then responds to the signer with a redirect to the URL.
Creating the customized URL
Create a database table in your application with columns:
- ID
- url_lookup_guid
- account_id
- envelope_id
- signer_email
- signer_name
- signer_clientUserId
- envelope_expiration_date (optional, see below)
When you want to create a unique URL for an embedded signer:
- generate a guid. It will be used as the url_lookup_guid value
- Create a record in the database table.
- The url will be something like myapp.mycompany.com/sign/[url_lookup_guid value]
Creating the embedded signing ceremony
- The user opens (GET call) the url you gave them. Eg myapp.mycompany.com/sign/1234567-1234-1234-123456789
- Pull out the guid valid from the URL
- Look up the record in your database
- Use the other values in the record to make a call to EnvelopeViews:createRecipient
- Receive the embedded signing URL response to the API call
- Redirect the signer to the URL
- Remove the database record or mark it as used.
Clearing old database entries
As noted above, you can delete database rows once they're used.
To clear out entries that were never used, a batch process can check the database each day for obsolete entries where the envelope has expired.
Either record the expiration date, or auto-create an insertion date in the database. Then, once your account's default expiration time has been exceeded, make an API call to DocuSign to check that the envelope has indeed expired. (Its expiration date may have been extended.)
Notes
- The URLs that you create can last as long as you wish, or until the envelope expires within DocuSign, whichever comes sooner.
- The URL will enable the person to sign the envelope, so you'd probably want to include additional signer authentication from DocuSign to ensure that the signer is who they say they are.
- Don't use the database's ID as the lookup key since you want to ensure that someone can't guess the ID of a record. Use a random guid as the look up key.
- Your app will need an access token to make the API call to DocuSign. Since this is an autonomous task, use the OAuth JWT grant flow.
- Don't create a new access token per invocation, cache the current access token.
- Since it can take a couple of seconds to create the redirect URL (or more time if you need to obtain a new access token too), you might want to first return an intermediate page that shows a please stand by message and makes an Ajax call to your app to obtain the URL for the redirect.
来源:https://stackoverflow.com/questions/64488509/docusign-create-a-long-lived-embedded-signing-url