pascal_eric_servais | Posts: 6

Signer Id's Validation

Wednesday, August 25, 2021 at 09:05am
0 votes

Hi!

I am using the SDK to create a ceremony with a custom signer id and I need to use the signer's email.

The SignerBuilder.withCustomId(String) method's javadoc says the following:

Sets the ID of the signer for this package.
E.g.: the signer's email makes for a good unique ID. [email protected]
Params:
id – the signer's ID @size(min="1", max="64")
Returns:
the signer builder itself

But, when specifying an email, I get the following error:

{ "status": "500", "error": "Internal Server Error", "code": "CODE-XXXX", "message": "Could not create a new package in one-step Exception: HTTP POST on URI https://XXX/api/packages resulted in response with status code: [400, Bad Request]. Optional details: {\"messageKey\":\"error.validation.invalidID\",\"message\":\"There are some invalid characters in the Role ID '[email protected]'. Valid characters are specified in the regex '[a-zA-Z0-9_\\\\-.]+'.\",\"code\":400}", }

What am I missing?

Note: I actually use the SDK version 11.36

Thanks

Duo_Liang | Posts: 3776

Reply to: Signer Id's Validation

Wednesday, August 25, 2021 at 09:59am
0 votes

Hi pascal_eric_servais,

 

Thanks for your post! As per the error message indicates, the only allowed characters in the role ID is a-z, A-Z, 0-9, dash, underscore and period. Other special characters like @ or accent characters are not allowed. I believe this is because the role ID will be used as a part of the API URL, which is composed from a limited set of characters. For example when querying a certain signer, you'd use GET /api/packages/{packageId}/roles/{roleId}.

 

Duo

pascal_eric_servais | Posts: 6

Reply to: Signer Id's Validation

Wednesday, August 25, 2021 at 12:01pm
0 votes

Hi Duo_Liang,

Thank you for your quick answer.

I understand this validation is practical from a technical point of view. But, functionnally, the signer's email address is the ideal candidate for its identifier. Is there any way to get around this issue?

Regards

Pascal-Eric

Duo_Liang | Posts: 3776

Reply to:

Wednesday, August 25, 2021 at 12:17pm
0 votes

Hi Pascal-Eric,

 

I see, in that case, one of the potential solutions might be to URL encode the email so that it meets the role ID validation, and you are also able to decode the role ID and revert to their email. The only thing is the % seems not supported in OneSpan Sign role ID, you may have to replace all the occurrences with a certain pattern, something like ".pct.".

 

Duo

 

pascal_eric_servais | Posts: 6

Reply to: Signer Id's Validation

Wednesday, August 25, 2021 at 12:29pm
0 votes

Hi Duo Liang,

I don't think this would help because our goal is to have the email specified as ID in the signature's properties:

Signature's properties

pascal_eric_servais | Posts: 6

Reply to: Signer Id's Validation

Wednesday, August 25, 2021 at 12:54pm
0 votes

Hi Duo,

I am a newbie in the OneSpan esign world. Do you have an idea where I should place the decoding fonctionnality to make sure the id is decoded when it is displayed within the signature's properties?

Regards

Pascal-Eric

Duo_Liang | Posts: 3776

Reply to:

Wednesday, August 25, 2021 at 01:00pm
0 votes

Hi Pascal-Eric,

 

Because the certificate has already implies the signer email "Reason: E-SIGNED by John Smith ([email protected])", do you have a specific reason why the role ID also have to be the same? - I thought you just don't want to create an additional custom ID, and don't want the ID to be inconsistent to the real email address.

 

Duo

Hello! Looks like you're enjoying the discussion, but haven't signed up for an account.

When you create an account, we remember exactly what you've read, so you always come right back where you left off

LoginSign Up