API Integrator Key, Redirect URI, dynamic values possible?

Question

I am trying to integrate Docusign into one of our systems and am trying to do an OAuth integration by using the process that calls out to the DocuSign system and the user gives consent to allow our system to send on their behalf.

I am trying to configure my API Integrator key's callback / redirect URI. I need to pass a value to DocuSign and have that value returned. That value needs to be unique for each request. The best I can tell, when I add a Redirect URI to my APO Integrator Key, that URI can't contain any dynamic values.

For example, my URI is currently set as follows: http://localhost/mysystem/pages/DocuSignAuth.aspx

When the user sees the DocuSign page, all is good. However, I need to pass a value on that URL, so in reality, my callback URL is: http://localhost/mysystem/pages/DocuSignAuth.aspx?Id=SomeUniqueValue

Since the return URL no longer exactly matches the Redirect URI defined in my API Integrator Key, the user can't accept/decline.

Is there a way to put a dynamic value on that URL and have it returned when the user accepts?

Answer 1

You can use a cookie from your server to hold the dynamic information.

When the browser is redirected to your server after OAuth is complete, the browser will include the cookie it received previously.

Many software webstacks will automatically maintain the cookie and related state for you a session for your app.

If you do manage the cookie via your app, you should encrypt it to guard against a bad guy manipulating the cookie's value.

Answer 2

I think you are implementing Authentication Code Grant, so you can send dynamic value in state parameter Using State Parameter, whatever value you will set in state parameter, same value will be returned by DocuSign once flow is redirected back to Redirect Callback URI. And yes you are correct that RedirectUri should exactly match with the one sent at the time of Authentication Code Grant.