Versions Compared

Old Version 11

changes.mady.by.user Manuel Gierlinger

Saved on

compared with

New Version Current

changes.mady.by.user Alexander Scheipner

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleAttention

Please note that this documentation and the links refer to the api v6. For more information please see the  migration guide and the documentation related to v5.

Introduction


Info

REST API /v3 and /v4 DEPRECATION: The 23.76 (published March 2024) will be the last LTS version that includes these API versions. By early June 2024, the REST API routes to v3/v4 will be deactivated on DEMO. Early December 2024, the REST API routes to v3/v4 will be removed from feature stream releases. Note that there is no date communicated yet to discontinue REST APIv5 (and where v5 refers to v4 routes, these will still remain); however we recommend to use the /v6 API specification already.

Introduction

On this page you will find the eSAW API description. First we start with a basic overview of the API. If you are looking for examples we recommend the Postman Sample, On this page you will find the eSAW API description. First we start with a basic overview of the API. If you are looking for examples we recommend the Postman Sample, v6 Envelope structure and our Stories and Examples.

...

Table of Contents

...

style

...

...

...

circle

Principles of Api v6

Detailed information about all changes between api v5 and api v6 can be found here: migration guide.

  • Reduced HTTP verbs
    • Only HTTP GET and POST
  • Consistent naming and symmetric structures within api v6
  • Consistency between Web User Interface (WebUI) and api v6 in features but also naming
    • Positive wording (e.g. prevent sharing with team changed to share with team) 
  • Simplified terminology and structures
  • No abstract types any more

Changes has been made on api method level as well as the JSON structures and the envelope status values changed.

Overview and references

The API is for developers, who want to integrate eSignAnyWhere into their application and for administrators, who want to script interactions with eSignAnyWhere (e.g. user synchronization).

Quick Overview: eSAW uses REST (with JSON) as API. The basic workflow is to upload a document  and then send the envelope with a envelope configuration. Optional, before sending the envelope, it is possible to prepare the envelope to get the workstep configuration for sending the envelope. For more information about the envelope configuration please also have a look at the Envelope Structure. The configuration consists out of the envelope part (workflow configuration) and for each action a definition and a signing configuration (workstep configuration). The workstep configuration is the description (as JSON for REST) of tasks for signer (e.

Overview and references

The API is for developers, who want to integrate eSignAnyWhere into their application and for administrators, who want to script interactions with eSignAnyWhere (e.g. user synchronization).

Quick Overview: eSAW uses REST (with JSON) as API. The basic workflow is to upload a document  and then send the envelope with a envelope configuration. Optional, before sending the envelope, it is possible to prepare the envelope to get the workstep configuration for sending the envelope. For more information about the envelope configuration please also have a look at the Envelope Structure. The configuration consists out of the envelope part (workflow configuration) and for each action a definition and a signing configuration (workstep configuration). The workstep configuration is the description (as JSON for REST) of tasks for signer (e.g. Signature Fields, Form-Fields) and additional document configurations.

The easiest way to start is enabling the DeveloperMode for a user. As developer (and power user) you can send envelopes via eSignAnywhere in the UI and download the complete envelope configuration (including the workstep configurations). So eSAW can be a seen as configuration designer, where you can easily prepare the envelope configuration. After you downloaded the configuration you just have to replace the recipient information and configuration.

Resources

REST API Reference (Swagger)   | >= 3.1 |https://demo.esignanywhere.net/Api
REST tutorialsThis turorials help getting familiar with the API technology and the most common tools to do first tests of API calls already before implementing your own integration code.
visit REST tutorial using Postman
Tutorial: Hello World*

This tutorial allows to dig into the API integration of eSignAnyWhere a bit deeper. It focuses on audience already familiar with tools to run API calls, such as Postman or SoapUI.

visit Hello World Tutorial

Developer mode*visit developer mode
Sample Code in Java

Here you can find the java sample: Download. (Contains example with REST, developed with JavaSE-12)

SignAnyWhere Viewer 2019

Redesign Image Modified

visit SignAnyWhere Viewer 2019 Information
SignAnyWhere Viewer Extended Customizationvisit SignAnyWhere Viewer Extended Customization
Integration & Use Casesvisit Integration & Use Cases
Developer FAQvisit Developer FAQ
eSAW Error Codesvisit eSAW Error Codes

* Recommended

The User Guide, Signer Guide and Administration Guide (for on-premise customers) can be also helpful.

General conncepts

Authorization

This section covers the authorization options for REST-API integrations. For the authorization you have different options with REST API; as described in the next chapters. If you are authorized you will get a HTTP/200 Ok info. Otherwise you will get a 401 Unauthorized error.

Authorization

We recommend to use user-specific API tokens. Therefore, each user can create several tokens for different application integrations. The apiToken has to be provided as HTTP Header. Image Removed

Please see the next sample authorization (Bearer token):

...

Object validation

String and array objects are validated. If hovering over an object in the model section on e.g. https://demo.esignanywhere.net/Api/swagger/ui/index you can see which validation is performed. In the following sample the validation for the Documents array is such that at least one document must be added and maximum of 50 documents are allowed.

Model Items LimitationImage Added

For string objects, the length is validated. In the following sample, a maximum of 100 characters is checked for the string Name.

Model Length LimitationImage Added

Ids have a fixed length, therefore the minimum and maximum values are the same:

Model Lengths LimitationImage Added

Authorization

This section covers the authorization options for REST-API integrations. For the authorization you have different options with REST API; as described in the next chapters. If you are authorized you will get a HTTP/200 Ok info. Otherwise you will get a 401 Unauthorized error.

Authorization

We recommend to use user-specific API tokens. Therefore, each user can create several tokens for different application integrations. The apiToken has to be provided as HTTP Header. Image Added

Please see the next sample authorization (Bearer token):

KeyValue
"Authorization"e.g. "Bearer asdfngtmvv8pfmsuaxpzz85zux3e63dd9zttrwitx9mln6qka6tds83du3p3lroe"

Please see the next sample authorization (api token):

KeyValue
"ApiToken""asdfngtmvv8pfmsuaxpzz85zux3e63dd9zttrwitx9mln6qka6tds83du3p3lroe"


Such an user api token can be created in Settings→API Tokens and Apps; Section "API Tokens".

Tokens created by eSAW are currently 64-digit alphanumeric strings - but the length and set of allowed characters may be changed with future product versions.

Format Specification

 Note that the key can be any 64 digit alphanumeric value; not necessarily following the GUID format! The length and set of allowed characters may be changed with future product versions.

Callbacks

The API allows the definition of several callbacks. Please note, that only the envelope callback (directly from eSignAnyWhere) is fired, when the envelope is in a final state. The status update callback is fired by a sub-component and you may require to wait a post-processing time that the envelope reaches its final state.

Please see the next sample authorization (api token):

...

Such an user api token can be created in Settings→API Tokens and Apps; Section "API Tokens".

Tokens created by eSAW are currently 64-digit alphanumeric strings - but the length and set of allowed characters may be changed with future product versions.

Format Specification

 Note that the key can be any 64 digit alphanumeric value; not necessarily following the GUID format! The length and set of allowed characters may be changed with future product versions.

Callbacks

The API allows the definition of several callbacks. Please note, that only the envelope callback (directly from eSignAnyWhere) is fired, when the envelope is in a final state. The status update callback is fired by a sub-component and you may require to wait a post-processing time that the envelope reaches its final state.

Time of RetryTotal time after t00 minT0: Initial Callback Event
will retry (see next row) if no HTTP 2xx response, or in case of timeoutT1 = T0 + 5 min5 min2nd Attempt (= 1st Retry)
Time of RetryTotal time after t0

0 minT0: Initial Callback Event

will retry (see next row) if no HTTP 2xx response, or in case of timeout
T2
T1 =
T1 +
T0 + 5 min5 min2nd Attempt (= 1st Retry)
will retry (see next row) if no HTTP 2xx response, or in case of timeout
T2 = T1 + 10 min15 min3rd Attempt
T3 = T2 + 15 min30 min...
T4 = T3 + 20 min50 min...
.........
T9 = T8 + 40 min180 min
= 3h		10th Attempt
if still no HTTP 2xx response => listed as "warning" in errors view (assuming default value "10" configured in _global.xml for "notificationErrorThreshold")
.........
T29 = T28 + 145 min2175 min
= 36.25h		30th Attempt
if still no HTTP 2xx response => listed as "error" in errors view & permanent give-up (assuming default value "30" configured in _global.xml for "notificationMaximumRetries"); but can be triggered from UI / errors view) again

Callback Types

  • CallbackConfiguration

  • Draft Callbacks

...

Consider, that our system expects the full callback url, including the parameter list you expect, with the placeholders that should be replaced by values at runtime. You can also add your own paramter parameter for that envelope (e.g. internal references). Moreover, on our shared SaaS environments only HTTPS callbacks (port 443, and 1025-65535) callbacks are allowed.

Placehoder for callback URL:

...

Consider, that our system expects the full callback url, including the parameter list you expect, with the placeholders that should be replaced by values at runtime. You can also add your own paramter parameter for that envelope (e.g. internal references). Moreover, on our shared SaaS environments only HTTPS callbacks (port 443, and 1025-65535) callbacks are allowed.

Sample:

https://www.mycallback.at?envelope=##EnvelopeId##&action=##Action##

...

Code Block
languagejava
themeEclipse
  "CallbackConfiguration": {
    "CallbackUrl": "string",
    "StatusUpdateCallbackUrl": "string",
    "StepActionCallbackConfigurationActivityActionCallbackConfiguration": {
      "Url": "string",
      "ActionCallbackSelection": {
        "ConfirmTransactionCode": true,
        "DefaultEventType": true,
        "AgreementAccepted": true,
        "AgreementRejected": true,
        "RequestPrepareAuthenticationInformationSuccess": true,
        "PrepareAuthenticationSuccess": true,
        "AuthenticationFailed": true,
        "AuthenticationRejected": true,
        "AuthenticationSuccess": true,
        "ReAuthenticationFailed": true,
        "AuditTrailRequested": true,
        "AuditTrailXmlRequested": true,
        "CalledPage": true,
        "WhoIsInformation": true,
        "DocumentDownloaded": true,
        "FlattenedDocumentDownloaded": true,
        "AddedAnnotation": true,
        "AddedAttachment": true,
        "AppendedDocument": true,
        "FormsFilled": true,
        "ConfirmReading": true,
        "PageViewChanged": true,
        "SendTransactionCode": true,
        "PrepareSignWorkstepDocument": true,
        "SignWorkstepDocument": true,
        "UndoAction": true,
        "WorkstepCreated": true,
        "WorkstepFinished": true,
        "WorkstepRejected": true,
        "DisablePolicyAndValidityChecks": true,
        "EnablePolicyAndValidityChecks": true,
        "AppendFileToWorkstep": true,
        "AppendTasksToWorkstep": true,
        "SetOptionalDocumentState": true,
        "PreparePayloadForBatch": true
      }
    }
  },

...

These events are fired by the Workstep Controller (internal component) and are fired before the data in eSAW is complete updated (some post-processing is required). Therefore this event callbacks are used only in rare integrations.

Available Event Types

For more information please see https://demo.esignanywhere.net/Api/swagger/ui/index#!/Envelope/Envelope_Send section EnvelopeSendActionCallbackSelection

Available Event Types

TypeDescription
ConfirmTransactionCode A transaction code was sent
AgreementAccepted The user accepted the agreement
AgreementRejectedThe user rejected the agreement
PrepareAuthenticationSuccessThe prepare authentication process succeeded
AuthenticationFailedThe user failed to authenticate
AuthenticationSuccessThe user succeeded to authenticate
AuditTrailRequestedThe audittrail was requested
AuditTrailXmlRequestedThe audittrail XML was requested
CalledPageThe viewer site was requested
DocumentDownloadedThe document download was requested
FlattenedDocumentDownloadedThe flattened document download was requested
AddedAnnotationAn annotation was added
AddedAttachmentAn attachment was added
AppendedDocumentA document was appended
FormsFilledA form field was filled
ConfirmReadingA reading task was completed
PageViewChangedNote: This event is only used for the audit trail, no notification is sent to the configured URL. The user changed the page view (e.g. by scrolling through the document).
SendTransactionCodeThis event is raised, when a TransactionCode for a signature with type TransactionCode has been sent using the IdentityServer or the TransactionCodeSenderPlugin
PrepareSignWorkstepDocumentA signature is prepared for signing
SignWorkstepDocumentTry to sign a signature
UndoActionAn action was undone
WorkstepCreatedA workstep was created
WorkstepFinishedA workstep was finished
WorkstepRejectedA workstep was rejected
DisablePolicyAndValidityChecksThe policy and validity checks have been disabled. 
EnablePolicyAndValidityChecksThe policy and validity checks have been enabled. 
AppendFileToWorkstepA file was appended to the workstep
AppendTasksToWorkstepA task was added to the workstep
SetOptionalDocumentStateA optional document became either active or inactive
PreparePayloadForBatchThe payload is getting prepared for batch signing
TypeDescriptionConfirmTransactionCode A transaction code was sentDefaultEventType Not specially defined event typeAgreementAccepted The user accepted the agreementAgreementRejected The user rejected the agreementRequestPrepareAuthenticationInformationSuccess The request for additional authentication infos was requestedPrepareAuthenticationSuccess The prepare authentication process succeededAuthenticationFailed The user failed to authenticateAuthenticationRejected The user rejected the authentication processAuthenticationSuccess The user succeeded to authenticateReAuthenticationFailed The reauthentication process failedAuditTrailRequested The audittrail was requestedAuditTrailXmlRequested The audittrail XML was requestedCalledPage The viewer site was requestedWhoIsInformationWHOIS information has been requested. DocumentDownloaded The document download was requestedFlattenedDocumentDownloaded The flattened document download was requestedAddedAnnotation An annotation was addedAddedAttachment An attachment was addedAppendedDocument A document was appendedFormsFilled A form field was filledConfirmReading A reading task was completedPageViewChanged The user changed the page view (e.g. by scrolling through the document). Note: This event is used for the audit trail, but not sent to the configured notification URL.SendTransactionCode This event is raised, when a TransactionCode for a signature with type TransactionCode* has been sent using the IdentityServer or the TransactionCodeSenderPluginPushTransactionCode This event is raised, when a TransactionCode for a signature with type TransactionCode has been sent using the TransactionCodePushPlugin GetPushResult This event is raised, when the result of the push plugin method GetPushResult returns a successful authentication GetGenericSigningPluginAuthenticationStatus This event is raised, when the result of the GenericSigningPlugin method GetAuthenticationStatus returns a successful authentication PrepareSignWorkstepDocument A signature is prepared for signingPrepareSignPkcs7WorkstepDocument A signature is prepared for P7M (PKCS7) signing. FinalizeSignPkcs7WorkstepDocument A signature is prepared for P7M (PKCS7) signing. SignWorkstepDocument Try to sign a signatureUndoAction An action was undoneWorkstepCreated A workstep was createdWorkstepFinished A workstep was finishedWorkstepFinishedStarted A workstep started to finish. WorkstepRejected A workstep was rejectedDisablePolicyAndValidityChecks The policy and validity checks have been disabled. EnablePolicyAndValidityChecks The policy and validity checks have been enabled. FinalizeActionAutomaticSignature A finalize action with an automatic signature was applied FinalizeActionTimeStamp A finalize action with a time stamp was applied FinalizeLockForms A finalize action with all forms getting locked AppendFileToWorkstep A file was appended to the workstepAppendTasksToWorkstep A task was added to the workstepSetOptionalDocumentState A optional document became either active or inactiveStartBatch A batch signing process started (not used anymore)EndBatch A batch signing process ended (not used anymore)WorkstepExpired A workstep was set to expired. PreparePayloadForBatch The payload is getting prepared for batch signingPreparePayloadForMultipleWorksteps The payload is getting prepared for multiple worksteps. ApplyPayloadForMultipleWorksteps The payload is used while signing for multiple worksteps. ExtendPayloadForBatch The payload is getting extended for batch signing. ExtendPayloadForMultipleWorksteps The payload is getting extended for multiple worksteps. StartExternalSigningProcess Starting a signing process via an external service FinishExternalSigningProcess Finishing a signing process via an external service PrepareGenericSigningPlugin Prepares to sign a signature via an Generic Signing Plugin SignGenericSigningPlugin Signs a signature via an Generic Signing Plugin ExternalAuthentication External authentication succeeded LogClientSettings Used to log client-side settings like viewer preferences in the audit trail 

Draft Callbacks

Draft callbacks are fired, if a draft is used or deleted. The draft callback is set in the “CreateDraftOptions” (“AfterSendCallbackUrl”: “”), via the following call: https://demo.esignanywhere.net/Api/v6/envelope/create

  • ##DraftId##
  • #Action##
    • draftDiscarded
    • draftSent

Sample:

, via the following call: https://

...

demo.

...

Error

In general, our REST endpoint returns different HTTP status codes:

...

  • 400 BadRequest (envelope description is incorrect)
  • 401 Unauthorized (User is not authorized)
  • 404 NotFound
  • 415 UnsupportedMediaType

esignanywhere.net/Api/swagger/Draft/Draft_Create

  • ##DraftId##
  • #Action##
    • draftDiscarded
    • draftSent

Sample:

https://www.mycallback.at?draft=##DraftId##

...