Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
menu search
person
Welcome To Ask or Share your Answers For Others

Categories

I read through the instructions here, which works if you're using Connect at the "account level" (i.e. all envelopes get sent through one account).

Our use case involves requiring a customer to log into DocuSign using their own account, so I'm now setting a callback on the envelope. When I receive the callback in this scenario, the HMAC signature headers aren't sent (X-DocuSign-Signature-1, X-DocuSign-Signature-2, etc.).

Has anyone experienced this? I'm in ruby/rails, using the docusign_esign gem, version 2.0.0.

I see an include_hmac parameter in DocuSign_eSign::ConnectCustomConfiguration, but it's not clear to me if you can use a custom configuration with an envelope-level callback.

Any help is appreciated.

question from:https://stackoverflow.com/questions/65852366/hmac-webhook-validation-from-envelope-callback

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
1.0k views
Welcome To Ask or Share your Answers For Others

1 Answer

The eventNotification object now includes an attribute includeHMAC.

If HMAC is set up at the account level, and includeHMAC is set to "true" then the HMAC headers will be included for per-envelope webhooks.

Unfortunately, the API call for setting up HMAC at the account level is not currently available. So customers need to have account-wide Connect to set the HMAC secret.

HMAC secrets are added and managed via the Connect Keys button in the Connect section of the eSignature Admin app:Connect Keys button


与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
thumb_up_alt 0 like thumb_down_alt 0 dislike
Welcome to ShenZhenJia Knowledge Sharing Community for programmer and developer-Open, Learning and Share
...