Reputation: 21
smsAuthentication XML API DOCUSIGN
Is it possible to send an sms text of an accesscode defined in the API send doc call to a specified phone number? The tag is smsAuthentication in signers recipient section.
"</document>" +
"</documents>" +
"<recipients>" +
"<signers>" +
"<signer>" +
"<recipientId>1</recipientId>" +
"<email>[email protected]</email>" +
"<accessCode>1234</accessCode>" +
"<addAccessCodeToEmail>true</addAccessCodeToEmail>" +
"<smsAuthentication>" +
"<senderProvidednumbers>5555555555</senderProvidednumbers>" +
"</smsAuthentication>" +
Upvotes: 1
Views: 663
Answers (2)
Reputation: 698
When using SMS via REST with XML you'll need a couple more parameters:
"<recipientId>1</recipientId>" +
"<email>[email protected]</email>" +
"<requireIdLookup>true</requireIdLookup> +
"<idCheckConfigurationName>SMS Auth $</idCheckConfigurationName>" +
"<smsAuthentication>" +
"<senderProvidednumbers>5555555555</senderProvidednumbers>" +
"</smsAuthentication>" +
The requireIdLookup says that an extended authentication is required while idCheckConfigurationName specifies what security configuration should be used. The numbers you list will be displayed to the signer so they can choose which one to use at the time of signing.
Upvotes: 2
Reputation: 49104
DocuSign has many different ways to authenticate signers. You seem to be mixing the AccessCode and SMS Authentication methods. They are different. Use one or the other:
AccessCode -- You (the sender) supply an Access Code for 2 Factor Authentication (2FA) of the signer (Email and the Access Code). You should send the Access Code to the signer using some transmission method that is NOT email. A common example is to use a "pre-shared secret" such as the last 4 digits of the signer's Social Security number (US) or other identifier.
You should never use the DocuSign envelope option "addAccessCodeToEmail" since it turns a 2FA process back into a single factor authentication process (all of the needed information would be in the email).
See the DocuSign Documentation.
SMS Authentication This is a different 2FA process for authenticating signers. In this scenario, the DocuSign platform generates a 5 digit code and then sends it via SMS to the signer during the signing ceremony. You can customize the SMS message via the DocuSign "Branding" settings. (Changing the Branding for a DocuSign account is not available for all account types.)
If you want to generate your own "AccessCode" and then send it via SMS, then you will need to send it yourself. There are many SMS gateways available. Note that you will not know when to send the code since the best time to send the code is during the signing ceremony. Your SMS would show up at a different time and would not provide a good User Experience.
I recommend the SMS Authentication as provided by DocuSign.
Upvotes: 0
Related Questions
- Docusign Authentication
- How to add sms Authentication to template roles?
- Docusign Service Integration Authentication
- DocuSign Android SDK integration
- DocuSign REST Phone Authentication with Template
- Docusign API embedded signature smsAuthentication not sent
- DocuSign Connect Not Sending Out XML Messages
- RECIPIENT_SMS_AUTH_PHONE_MISSING error for SMS Authentication
- AuthenticationStatusCode for SMSAuthentication for DocuSign Connect API
- Using SMS Authentication