Reputation: 332
Does DocuSign Connect work with basic HTTP auth details?
I am using DocuSign connect to update the state of my app after an event happens on a document.
I have set up my account like so:
At the moment my "URL to Publish" looks something similar to https://key:[email protected]. However when I look in the logs I always seem to receive something similar to:
error: Exception in EnvelopeIntegration.RunIntegration: key :: https://key:[email protected]/webhook :: Error - The remote server returned an error: (401) Unauthorized
When I copy the Envelope Data into a file locally (complete-webhook.xml) and I run the following command through the command line it seems to run successfully:
curl -i -X POST -d @complete-webhook.xml https://key:[email protected]/webhook
Has anybody got any ideas as to the reason why this could be happening?
Upvotes: 0
Views: 909
Answers (1)
Reputation: 49114
When you use a url such as https://username:[email protected]/, your client takes the username:password part of the url and uses it to create an Authorization: Basic header.
You can try it yourself, create a requestb.in and then use the curl command
curl -X POST -d "fizz=buzz" http://username:[email protected]/12345
# where 12345 is your requestb.in address
The result on requestb.in:
- A request to just
/12345(the incoming url does not include the username or password) - The request includes the header
Authorization: Basic dXNlcm5hbWU6cGFzc3dvcmQ=
If you put dXNlcm5hbWU6cGFzc3dvcmQ= through a base64 decoder, you get username:password
Answer, at this point, the Connect system does not support sending basic authentication information when it calls listeners. I have filed an internal feature request.
Work-around
Your listener url can include a query parameter that serves as a password. eg. `example.com/webhook/?pw=9e47a953-c105-44c5-ba5c-4bb77d63694d
Then, in your listener, simply reject any request that does not include the pw query parameter and the value that you chose.
In its requests to your listener, the Connect system will use any query parameters that you originally set when you added the Connect subscription.
Upvotes: 1
Related Questions
- How does DocuSign specify the message format for Envelope Connect?
- Docusign UserInfo endpoint returns 401 Unauthorized when access token is provided
- Problem with DocuSign Signature appliances DSA Rest Examples
- DocuSign Connect how to configure envelope to receive notifications on authentication failure?
- DocuSign Connect Webhook with .Net Core 3
- Does Docusign Basic API support Oauth JWT grant?
- Problems using different login credentials to connect to DocuSign API
- Docusign developer webhook not allowing http
- Going live with PHP SDK: Error 401 Unauthorized
- DocuSign Connect - Webservice to see POST