Get Senders Roles (Rights)
Saturday, November 21, 2020 at 03:13pmWe are using subaccounts and I want to see what senders have rights in the main account and each subaccount. Any suggestions on the API call to use? I have access to the sender API keys and unique IDs if that helps.
Reply to: Get Senders Roles (Rights)
Tuesday, October 4, 2022 at 02:14pmHi Richard,
Sorry for the late reply! As you may have known, because the Roles & Permissions and Subaccounts are still evolving features, for the time being, OneSpan Sign doesn't suggest integrated users to leverage these features. However if you already get started, there's an API to get sender roles:
GET /api/account/senders/{senderId}/account/{subaccountId}/roles
Example Response:
[
{
"permissions": [
"sender_admin.custom_fields",
......
"sender_admin.role"
],
"enabled": true,
"description": "esl.account.account_role.default_role.owner.description",
"predefined": true,
"inherited": false,
"numericId": 2,
"id": "owner",
"name": "esl.account.account_role.default_role.owner.name",
"data": null
},
{
"permissions": [
"transaction.change_signer",
"sender_admin.event_notification",
"groups.group_signing_management",
"sender_admin.subscription",
"sender_admin.reports"
],
"enabled": true,
"description": "My Customized Role Description",
"predefined": false,
"inherited": false,
"numericId": 73,
"id": "dc996466-8a0a-40d2-a9fb-461de2c2fab7",
"name": "My Customized Role",
"data": null
}
]
If you authenticate this API with account owner's API Key under the main account level, it returns you the specific sender roles under a certain subaccount.
This requires you to invoke sender numbers * subaccount numbers APIs which is not desired, but I temporary didn't find a better way to bulk pull the data.
I've also created some sample codes if you want to follow this path:
string apiKey = "your_api_key";
string apiUrl = "https://sandbox.esignlive.com/api";
OssClient client = new OssClient(apiKey, apiUrl);
//step1: get a list of senders (IDs)
List<Sender> senderList = new List<Sender>();
IDictionary<string, Sender> accountMembers;
int i = 1;
do
{
accountMembers = client.AccountService.GetSenders(Direction.ASCENDING, new PageRequest(i, 100));
senderList.AddRange(accountMembers.Values);
i += 100;
} while (accountMembers.Count == 100);
//step2: get a list of subaccount IDs
IList<Account> subaccountList = client.AccountService.getSubAccounts();
//step3: loop through the list and query sender roles
foreach (Account subaccount in subaccountList)
{
string subaccountId = subaccount.Id;
foreach (Sender sender in senderList)
{
string senderId = sender.Id;
HttpClient myHttpClient = new HttpClient();
myHttpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Basic", apiKey);
myHttpClient.DefaultRequestHeaders.Add("Accept", "application/json");
var response = myHttpClient.GetAsync(new Uri(apiUrl + $"/account/senders/{senderId}/account/{subaccountId}/roles")).Result;
JArray senderRoles = JArray.Parse(response.Content.ReadAsStringAsync().Result);
var defaultRoles = new Dictionary<string, string>()
{
{ "esl.account.account_role.default_role.owner.name", "Admin"},
{ "esl.account.account_role.default_role.manager.name", "Manager"},
{ "esl.account.account_role.default_role.member.name", "Sender"}
};
StringBuilder sb = new StringBuilder(50);
foreach (JObject senderRole in senderRoles)
{
string name = senderRole.GetValue("name").ToString();
if (defaultRoles.ContainsKey(name)) {
name = defaultRoles[name];
}
sb.Append(name).Append("; ");
}
Debug.WriteLine($"subaccount: {subaccountId}; sender: {senderId}; roles: {sb.ToString()}");
}
}
Duo
Reply to: Get Senders Roles (Rights)
Tuesday, October 4, 2022 at 02:14pmThank you for the code. I'm willing to use Roles, Subaccounts and the rest of it while OneSpan finishes it's enhancements. We need the reports for the Annual Security Audits required by State policy.
Reply to: Get Senders Roles (Rights)
Tuesday, October 4, 2022 at 02:14pmUsing the code below:
OssClient oClient = new OssClient(GlobalVars.CurrentapiKey, GlobalVars.CurrentapiUrl);
//Sender s = oClient.AccountService.GetSender();
// s.`
//step1: get a list of senders (IDs)
List<Sender> senderList = new List<Sender>();
IDictionary<string, Sender> accountMembers;
int i = 1;
do
{
accountMembers = oClient.AccountService.GetSenders(Direction.ASCENDING, new PageRequest(i++, 100));
senderList.AddRange(accountMembers.Values);
} while (accountMembers.Count == 100);
from the sample it thinks I have over 22K users, which with only about 300 seems like an issue. Is that because of subaccounts or something in the code?
Reply to: Get Senders Roles (Rights)
Tuesday, October 4, 2022 at 02:15pmDo you mean that you can't retrieve 300 (out of all 22K) senders through the ".GetSenders()" function? If that's the case, could you send your account owner's email to [email protected] so that I can take a closer look at your account's structure?
Otherwise, did you hit any specific error?
Duo
Reply to: Get Senders Roles (Rights)
Tuesday, October 4, 2022 at 02:15pmI mean the code returns over 22K users but I only have around 300.
I got it to "work" by just grabbing 300 and calling it "all" of them but the logic getting them would be a better long term solution. It was returning names more than once from what I could tell.
Reply to: Get Senders Roles (Rights)
Tuesday, October 4, 2022 at 02:15pmHi Richard,
You are right! I made a mistake in the code logic, and didn't find it because I didn't have a 100+ senders account to test. Sorry about that!
int i = 1;
do
{
accountMembers = client.AccountService.GetSenders(Direction.ASCENDING, new PageRequest(i, 100));
senderList.AddRange(accountMembers.Values);
i += 100;
} while (accountMembers.Count == 100);
Duo