EnvelopeViews: createRecipient

Returns a URL that enables you to embed the recipient view of the DocuSign UI in your applications. If the recipient is a signer, then the view will provide the signing ceremony.

Note: Please redirect the client to the URL. iFrames should not be used, especially if the recipient is using a mobile or tablet.

This method is only used with envelopes in the sent status.

Your application is responsible for authenticating the identity of the recipient or signer when you use this method. Use the parameters assertionId, authenticationInstant, authenticationMethod, clientUserId, and securityDomain to record information on how the recipient was authenticated. At a minimum, authenticationMethod and clientUserId are required. The information that you provide is included in the envelope's certificate of completion.

The event status parameter

After the signer completes or ends the signing ceremony, DocuSign will redirect the user's browser back to your app via the returnUrl that you supply. DocuSIgn appends an event query parameter to the URL with the outcome of the signing ceremony. Your app should use the event parameter to determine the next step for the envelope. Don't fetch the envelope's status via Envelopes: get or a similar method; that could break the DocuSign rule against polling.

The URL is time-limited

The URL returned by this method is valid for one use. It must be used/displayed within a couple of minutes after being generated. Once the recipient is redirected to the recipient view, they must interact with the DocuSign system periodically or their session will time out.

Because the URL is time-limited, it should not be stored or sent via email. Immediately redirect the user's browser to the URL after you receive it.

If you want to invite someone to an embedded signing session via email, the email invitation's URL must be to your application. When invoked, your app should request a recipientView URL from DocuSign and then redirect the signer to that URL.

Maintaining State

After the recipient completes the recipient view (or signing ceremony), they are redirected to your application. Your application can recover state information about the transaction by storing information in a cookie, or by including query parameters in the returnUrl field. Eg, https://myapp.eg.com/docusign_return?myState=12345 When the user is redirected to your app, the event query parameter will be appended. In this example, prevent spoofing by not using a guessable value as the state value.

Request

HTTP request

POST /v2.1/accounts/{accountId}/envelopes/{envelopeId}/views/recipient

Parameters

Parameter NameValueDescription
Path Parameters
accountIdstring

The external account number (int) or account ID GUID.

envelopeIdstring

The envelope's GUID.

Example: 93be49ab-afa0-4adf-933c-f752070d71ec

Responses

CodeDescriptionReference
201

Successful response.

EnvelopeViews
400

Error encountered.

errorDetails

SDK Method

Envelopes::createRecipientView

Definitions

errorDetails

This object describes errors that occur. It is only valid for responses and ignored in requests.

errorCodestring

The code associated with the error condition.

messagestring

A brief message describing the error condition.

recipientViewRequest

assertionIdstring

A unique identifier of the authentication event executed by the client application.

authenticationInstantstring

A sender-generated value that indicates the date and time that the signer was authenticated.

authenticationMethodstring

Required. Choose a value that most closely matches the technique your application used to authenticate the recipient / signer.

Choose a value from this list:

  • Biometric
  • Email
  • HTTPBasicAuth
  • Kerberos
  • KnowledgeBasedAuth
  • None
  • PaperDocuments
  • Password
  • RSASecureID
  • SingleSignOn_CASiteminder
  • SingleSignOn_InfoCard
  • SingleSignOn_MicrosoftActiveDirectory
  • SingleSignOn_Other
  • SingleSignOn_Passport
  • SingleSignOn_SAML
  • Smartcard
  • SSLMutualAuth
  • X509Certificate

This information is included in the Certificate of Completion.

clientUserIdstring

A sender-created value. If provided, the recipient is treated as an embedded (captive) recipient or signer.

Use your application's client ID (user ID) for the recipient. Doing so enables the details of your application's authentication of the recipient to be connected to the recipient's signature if the signature is disputed or repudiated.

Maximum length: 100 characters.

emailstring

Specifies the email of the recipient. You can use either email and userName or userId to identify the recipient.

pingFrequencystring

Only used if pingUrl is specified. This is the interval, in seconds, between pings on the pingUrl. The default is 300 seconds. Valid values are 60-1200 seconds.

pingUrlstring

A client Url to be pinged by the DocuSign Signing experience to indicate to the client that Signing is active. An HTTP Get is executed against the client. The response from the client is ignored. The intent is for the client to reset it's session timer when the request is received.

recipientIdstring

A local reference that senders use to map recipients to other objects, such as specific document tabs. Within an envelope, each recipientId must be unique, but there is no uniqueness requirement across envelopes. For example, many envelopes assign the first recipient a recipientId of 1.

returnUrlstring

The URL that the recipient is redirected to after the signing session has ended. DocuSign redirects to the URL and includes an event query parameter that can be used by your application.

Possible event parameter values include:

  • access_code_failed: Recipient used incorrect access code.
  • cancel: Recipient canceled the signing operation, possibly by using the Finish Later option.
  • decline: Recipient declined to sign.
  • exception: A system error occurred during the signing process.
  • fax_pending: Recipient has a fax pending.
  • id_check_failed: Recipient failed an ID check.
  • session_timeout: The session timed out. An account can control this timeout by using the Signer Session Timeout option.
  • signing_complete: The recipient completed the signing ceremony.
  • ttl_expired: The Time To Live token for the envelope has expired. After being successfully invoked, these tokens expire after 5 minutes or if the envelope is voided.
  • viewing_complete: The recipient completed viewing an envelope that is in a read-only/terminal state, such as completed, declined, or voided.

Ensure that you include https:// in the URL to prevent the redirect from failing on certain browsers.

securityDomainstring

The domain in which the user authenticated.

userIdstring

The user ID of the recipient. You can use either the user ID or email and user name to identify the recipient.

If userId is used and a clientUserId is provided, the value in the userId property must match a recipientId (which you can retrieve with a GET recipients call) for the envelope.

If a userId is used and a clientUserId is not provided, the userId must match the user ID of the authenticating user.

userNamestring

The username of the recipient. You can use either email and userName or userId to identify the recipient.

xFrameOptionsstring

Specifies whether a browser should be allowed to render a page in a frame or IFrame. Setting this property ensures that your content is not embedded into unauthorized pages or frames.

Valid values are:

  • deny: The page cannot be displayed in a frame.
  • same_origin: The page can only be displayed in a frame on the same origin as the page itself.
  • allow_from: The page can only be displayed in a frame on the origin specified by the xFrameOptionsAllowFromUrl property.

xFrameOptionsAllowFromUrlstring

When the value of xFrameOptions is allow_from, this property specifies the origin on which the page is allowed to display in a frame. If the value of xFrameOptions is allow_from, you must include a value for this property.

EnvelopeViews

Embedding Envelope views

urlstring

The view URL to be navigated to.

Examples

Generic JSON Request/Response

Request
{
  "clientUserId": "sample string 1",
  "userId": "sample string 2",
  "userName": "sample string 3",
  "email": "sample string 4",
  "recipientId": "sample string 5",
  "returnUrl": "sample string 6",
  "pingUrl": "sample string 7",
  "pingFrequency": "sample string 8",
  "authenticationMethod": "sample string 9",
  "assertionId": "sample string 10",
  "authenticationInstant": "sample string 11",
  "securityDomain": "sample string 12",
  "xFrameOptions": "sample string 13",
  "xFrameOptionsAllowFromUrl": "sample string 14"
}
Response
{
  "url": "sample string 1"
}
Generic XML Request/Response

Request
<recipientViewRequest xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.com/restapi">
  <assertionId>sample string 10</assertionId>
  <authenticationInstant>sample string 11</authenticationInstant>
  <authenticationMethod>sample string 9</authenticationMethod>
  <clientUserId>sample string 1</clientUserId>
  <email>sample string 4</email>
  <pingFrequency>sample string 8</pingFrequency>
  <pingUrl>sample string 7</pingUrl>
  <recipientId>sample string 5</recipientId>
  <returnUrl>sample string 6</returnUrl>
  <securityDomain>sample string 12</securityDomain>
  <userId>sample string 2</userId>
  <userName>sample string 3</userName>
  <xFrameOptions>sample string 13</xFrameOptions>
  <xFrameOptionsAllowFromUrl>sample string 14</xFrameOptionsAllowFromUrl>
</recipientViewRequest> 
Response
<viewUrl xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.com/restapi">
  <url>sample string 1</url>
</viewUrl> 
}} />