0 votes


please suggest what are suitable and best authentication tokens (user, sender, signer etc.,) that we should implement if we will have to get the unassigned docs signed through OSS





Reply to: Authentication

0 votes

Hi Naresh,


First, it's important to be aware that if you use an API to sign a document, the audit trail will record the fact that it's your application's IP that signed the document, not the actual signer him/herself.

Given this background, if you still decided to do so

-to sign on behalf of a signer, you need to follow a three step approach documented in this guide, and the authentication token used in this scenario is signer authentication token

-to sign on behalf of the API Key holder, you can directly use the call in this guide

-if the sender is different from the API Key holder (the API Key holder sends the package on behalf of the actual sender), you can use sender authentication token instead in the three step approach.



Duo Liang OneSpan Evangelism and Partner Integrations Developer

Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off