how to get approval id without api key
Monday, March 7, 2022 at 02:25pmHi,
Is it possible to get approval id for the signer without API call? as API call required API key, and we don't want to expose the API key.
As in on-prem v11.25, once launching the signing ceremony via token, there is signer approval id included in the response, but seems not from SaaS.
thanks,
Cindy
Reply to: how to get approval id without api key
Monday, March 7, 2022 at 02:56pmin the SaaS launching signign ceremony via token response, I saw something like below, what does it mean? approvalId is sesstionToken? how to reuse Session token to retrieve approval id?
root.__CEREMONY__ = {"approvalId":"sessionToken=MzlhYTk4NmItOTkzMS00ZTFjLWE1MmYtZDI3MWJlNWExMzM0","documentId":"sessionToken=MzlhYTk4NmItOTkzMS00ZTFjLWE1MmYtZDI3MWJlNWExMzM0","isPreviewEnabled":false,"isSenderJoinAdHoc":false,"isVirtualRoomView":false,"locale":{"cookie":"en","default":"en","header":"ar"},"parentRedirection":false,"transactionId":"05bYyM7TUHpO_3f8jPb54u4GQWk=","viewer":"pdf"};
Reply to: how to get approval id without api key
Monday, March 7, 2022 at 04:10pmHi Cindy,
May I know the reason behind your requirement that why you want the signer to get the approval ID? Could you give me an example of your workflow in version 11.25?
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: how to get approval id without api key
Monday, March 7, 2022 at 04:15pmWe have regression automation test suites for signing ceremony which includes the signer to sign from SOA test/Postman
for example, for signing
Request: POST: https:sandbox.e-signalive.ca/graphql
payload:
{
"operationName": "signApproval",
"variables": {
"documentId": "${DOC_ID}",
"originalId": "${approval_Id}",
"transactionId": "${packageId}",
"value": "AQAAAN90x38Jeatu6i3/5x9+BgX5AUQCAwADAE4AAAADAAAA+QFEAiEAAAAC6+xABWAUYBZgFEAFYBVAB0AFQAdACkAHQAxABUAHQAVAVECCQLBAsFD2ULRQhlCIUEVQRZtwF3A0cEZwFGBSYCQ="
},
"query": "mutation signApproval($originalId: String!, $documentId: ID!, $transactionId: ID!, $value: String!) {\n signApproval(originalId: $originalId, documentId: $documentId, transactionId: $transactionId, value: $value) {\n id\n isAccepted\n isOptional\n isSignatureCaptureEnforced\n fromFileData {\n value\n type\n __typename\n }\n fields {\n id\n acceptedDate\n value\n __typename\n }\n __typename\n }\n}\n"
}
Reply to: how to get approval id without api key
Monday, March 7, 2022 at 04:24pmI see. How did you create the transaction? Can you specify the approval ID like how your script retrieved the package ID and document ID?
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: how to get approval id without api key
Tuesday, March 8, 2022 at 06:58amHi Duo,
currently I retrieve approval id via API call , it's working for me. my question is if it's possible to retrieve approval id without API call ? the purpose is not to use API key.
thanks,
Cindy
Reply to: how to get approval id without api key
Tuesday, March 8, 2022 at 09:42amHi Cindy,
Although it's not suggested to interpret the Signing Ceremony traffic and analyze the response, it's actually possible to use the "sessionToken" as an alternative of API Key:
root.sessionToken = "56b19cb6f24bd5e171e546fc8679aeef072635b2401ba1f9";
It's a token authenticating the signer's session. You'd set it as a cookie in header in order to authenticate an API, for example:
GET /api/packages/{package}
Cookie: ESIGNLIVE_SESSION_ID=56b19cb6f24bd5e171e546fc8679aeef072635b2401ba1f9;
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: how to get approval id without api key
Tuesday, March 8, 2022 at 09:44amHi Duo,
thanks for the information. I will try it and let you know if it's working or not.
thanks,
Cindy
Reply to: how to get approval id without api key
Tuesday, March 8, 2022 at 10:07amthanks, it works.