Signature properties in active documents
Wednesday, July 21, 2021 at 06:04amHello,
In the attached image, a signature properties interface we can see the Location: Client IP 172.16.4.81
My question is how can I edit this IP. Have been trying to send the "x-forwarded-for" header for the sign request, but the value sent is not applied.
Even though I can see a change when I use that header in the request.
When I use that header I can see the value changes from 172.16.4.81 to 172.16.4.80, but this are not the values I sent in the "x-forwarded-for" header.
Reply to: Signature properties in active documents
Wednesday, July 21, 2021 at 09:14amHi Motard,
If you are signing on behalf of signer via API or SDK function, then you can't and shouldn't tamper the request IP address, as the process evidence is the key proof of what exactly transpired during an online e-signing session. Even though you're signing on behalf of a signer, it is really your application that signed the document and both the sealed certificate and the audit trail will point out that the signature has been signed from the source IP address.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Hi Motard, If you are…
Thursday, July 22, 2021 at 01:34amHello Duo,
Yes, I am signing via API. So what you are saying is that the source IP address is the IP of my application (an esignLive instance)?
Reply to: Signature properties in active documents
Friday, July 23, 2021 at 04:07amHello Duo.
One more thing that I noticed. When I sign a document using native OSS signing front end to sign a document, and when I check that signature properties interface I can see my own public IP reflected there.
So my question is, why when I sign via API call I get one IP, like the one I put above, this one 172.16.4.81, and when I sign using OSS native signing front end I can see my actual public IP?
Reply to: Hello Duo. One more thing…
Monday, July 26, 2021 at 09:32amHi Motard,
Is your goal to get rid of the private IP (e.g. 172.16.4.81) and to display the actual public IP in the certificate as well as the audit trail?
First, please kindly be aware of the two points I mentioned above: (1)when signing on behalf of a signer, the signed certificate and the audit trail will point out the signature has been signed from the application's IP address (2)you shouldn't trying to tamper this IP
On top of that, I agree with you that it's abnormal to show an internal IP in the certificate. When you mentioned "sign via API call", where the API client was hosted? Your local machine or a remote server? Does it connect to internet directly or via firewall/proxy?
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Hi Motard, Is your goal…
Monday, August 2, 2021 at 04:23amHello Duo,
Yes that is my goal, to get rid of the private IP and display the actual public IP.
And the API client is hosted on a remote server. And I will need to get back to you regarding your question "Does it connect to internet directly or via firewall/proxy", because I am waiting for the sysadmin to give me feed back on that.