EnvelopeViews: createSharedRecipient

Returns a URL that enables you to embed the DocuSign UI recipient view of a shared envelope in your applications. This is the view that a user sees of an envelope that a recipient on the same account has shared with them.

Important: Due to screen space issues, iFrames should not be used for embedded operations on mobile devices. For iOS devices, DocuSign recommends using a WebView.

Note: You can revoke this URL by making the DELETE call to the same URL with no request body.


HTTP request

POST /restapi/v2.1/accounts/{accountId}/envelopes/{envelopeId}/views/shared


Parameter NameValueDescription
Path Parameters

The external account number (int) or account ID GUID.


The envelope's GUID.

Example: 93be49ab-xxxx-xxxx-xxxx-f752070d71ec



Successful response.


Error encountered.


SDK Method




This object describes errors that occur. It is only valid for responses and ignored in requests.


The code associated with the error condition.


A brief message describing the error condition.


The request body for the EnvelopeViews::createRecipient and EnvelopeViews::createSharedRecipient methods.


A unique identifier of the authentication event executed by the client application.


A sender-generated value that indicates the date and time that the signer was authenticated.


Required. Choose a value that most closely matches the technique your application used to authenticate the recipient / signer.

Choose a value from this list:

  • Biometric
  • Email
  • HTTPBasicAuth
  • Kerberos
  • KnowledgeBasedAuth
  • None
  • PaperDocuments
  • Password
  • RSASecureID
  • SingleSignOn_CASiteminder
  • SingleSignOn_InfoCard
  • SingleSignOn_MicrosoftActiveDirectory
  • SingleSignOn_Other
  • SingleSignOn_Passport
  • SingleSignOn_SAML
  • Smartcard
  • SSLMutualAuth
  • X509Certificate

This information is included in the Certificate of Completion.


A sender-created value. If provided, the recipient is treated as an embedded (captive) recipient or signer.

Use your application's client ID (user ID) for the recipient. Doing so enables the details of your application's authentication of the recipient to be connected to the recipient's signature if the signature is disputed or repudiated.

Maximum length: 100 characters.


(Required) Specifies the email of the recipient. You can use either email and userName or userId to identify the recipient.




Only used if pingUrl is specified. This is the interval, in seconds, between pings on the pingUrl. The default is 300 seconds. Valid values are 60-1200 seconds.


The client URL that the DocuSign Signing experience should ping to indicate to the client that Signing is active. An HTTP GET call is executed against the client. The response from the client is ignored. The intent is for the client to reset its session timer when the request is received.


A local reference that senders use to map recipients to other objects, such as specific document tabs. Within an envelope, each recipientId must be unique, but there is no uniqueness requirement across envelopes. For example, many envelopes assign the first recipient a recipientId of 1.


(Optional) The URL to which the user should be redirected after the signing session has ended. DocuSign redirects to the URL and includes an event query parameter that can be used by your application.

Maximum Length: 500 characters. If the returnUrl exceeds this limit, the user is redirected to a truncated URL.

Possible event parameter values include:

  • access_code_failed: Recipient used incorrect access code.
  • cancel: Recipient canceled the signing operation, possibly by using the Finish Later option.
  • decline: Recipient declined to sign.
  • exception: A system error occurred during the signing process.
  • fax_pending: Recipient has a fax pending.
  • id_check_failed: Recipient failed an ID check.
  • session_timeout: The session timed out. An account can control this timeout by using the Signer Session Timeout option.
  • signing_complete: The recipient completed the signing ceremony.
  • ttl_expired: The Time To Live token for the envelope has expired. After being successfully invoked, these tokens expire after 5 minutes or if the envelope is voided.
  • viewing_complete: The recipient completed viewing an envelope that is in a read-only/terminal state, such as completed, declined, or voided.

Ensure that you include https:// in the URL to prevent the redirect from failing on certain browsers.


The domain in which the user authenticated.


The user ID of the recipient. You can use either the user ID or email and user name to identify the recipient.

If userId is used and a clientUserId is provided, the value in the userId property must match a recipientId (which you can retrieve with a GET recipients call) for the envelope.

If a userId is used and a clientUserId is not provided, the userId must match the user ID of the authenticating user.


The username of the recipient. You can use either email and userName or userId to identify the recipient.


Specifies whether a browser should be allowed to render a page in a frame or IFrame. Setting this property ensures that your content is not embedded into unauthorized pages or frames.

Valid values are:

  • deny: The page cannot be displayed in a frame.
  • same_origin: The page can only be displayed in a frame on the same origin as the page itself.
  • allow_from: The page can only be displayed in a frame on the origin specified by the xFrameOptionsAllowFromUrl property.


When the value of xFrameOptions is allow_from, this property specifies the origin on which the page is allowed to display in a frame. If the value of xFrameOptions is allow_from, you must include a value for this property.



The endpoint to which webhook notification messages are sent via an HTTP/S POST request. For the DocuSign production platform, the url must start with https. For the demo platform, either http or https is ok.


Generic JSON Request/Response

  "clientUserId": "sample string 1",
  "userId": "sample string 2",
  "userName": "sample string 3",
  "email": "sample string 4",
  "recipientId": "sample string 5",
  "returnUrl": "sample string 6",
  "pingUrl": "sample string 7",
  "pingFrequency": "sample string 8",
  "authenticationMethod": "sample string 9",
  "assertionId": "sample string 10",
  "authenticationInstant": "sample string 11",
  "securityDomain": "sample string 12",
  "xFrameOptions": "sample string 13",
  "xFrameOptionsAllowFromUrl": "sample string 14",
  "frameAncestors": [
    "sample string 1"
  "url": "sample string 1"
Generic XML Request/Response

<recipientViewRequest xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.com/restapi">
  <assertionId>sample string 10</assertionId>
  <authenticationInstant>sample string 11</authenticationInstant>
  <authenticationMethod>sample string 9</authenticationMethod>
  <clientUserId>sample string 1</clientUserId>
  <email>sample string 4</email>
  <frameAncestors xmlns:d2p1="http://schemas.microsoft.com/2003/10/Serialization/Arrays">
    <d2p1:string>sample string 1</d2p1:string>
  <pingFrequency>sample string 8</pingFrequency>
  <pingUrl>sample string 7</pingUrl>
  <recipientId>sample string 5</recipientId>
  <returnUrl>sample string 6</returnUrl>
  <securityDomain>sample string 12</securityDomain>
  <userId>sample string 2</userId>
  <userName>sample string 3</userName>
  <xFrameOptions>sample string 13</xFrameOptions>
  <xFrameOptionsAllowFromUrl>sample string 14</xFrameOptionsAllowFromUrl>
<viewUrl xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://www.docusign.com/restapi">
  <url>sample string 1</url>
}} />