REST API
OneSpan Sign has created a Digital Lending Solution that can store a loan or other related document (e.g., contract, chattel paper) in a digital vault.
Certain REST API settings associated with a OneSpan Sign transaction can specify which document should be vaulted, and in which organization and vault it should be stored. After a document's authoritative copy is vaulted, it is replaced in OneSpan Sign's database by either a watermarked non-authoritative copy (default) or a blank document.
Creating a transaction or template with the REST API always involves certain standard settings — see Java SDK.
If you want to view all existing calls, see our interactive Open API Specification. From there you can download the YAML file for our REST API, search for specific endpoints in that API, and even try a few calls yourself.
Whenever an attempt to eDeposit documents in an eOriginal vault fails, OneSpan Sign sends a notification to the Sender of the associated transaction via a Callback Event. Once the effort to vault a document suffers a non-recoverable error, OneSpan Sign sends the Sender an email about the failure. That email’s template cannot be customized.
Using an eOriginal Vault for Digital Lending Transactions
Currently, the use of Optional Signatures with eOriginal is not supported. By default, when using eOriginal, documents are vaulted as soon as the last signature has been signed by the last signer. However, when using optional signatures it is possible to complete a transaction without completing all signature fields. In this case, the document would not be vaulted.
If you want to store a document in an eOriginal vault, the first thing you need to do is to ask our Support Team to enable this functionality for your account.
To instruct OneSpan Sign to store a document in an eOriginal vault, integrators must add to the transaction's data
field the vaulting_data
JSON field described below.
eOriginal vaults a lending document from a OneSpan Sign transaction together with the transaction's Audit Log.
As of the 11.37 release of OneSpan Sign, if a transaction has multiple loan documents: (1) an eOriginal vault can store all those documents for the transaction; (2) eOriginal's Audit Trail lists all events related to the transaction and its multiple documents.
vaulting_data
This field should be a Base-64-encoded JSON string. When the field is decoded, the parameters in the following table can be viewed.
Parameter | Required? | Description |
---|---|---|
vaultTransactionTypeName | No | This allows vaulting customers to pass their desired transaction type name to the system using the transactiontypename parameter. This allows users to distinguish the source of certain transactions when vaulting from multiple sources they want to track. |
vaultCredentials | Yes |
This JSON object contains the authentication credentials for accessing eOriginal's eCore service API. This object must contain the following required fields:
This JSON object also contains the following optional field (a default value will be used if the endpoint field is not specified):
|
documentsToVault | Yes |
This is a JSON array that must contain the following required fields. Each entry of the array contains vaulting information for a specific document.
loanId, loanAmount, and lender are only sent to eOriginal for the first item in the array. For subsequent items these values are not sent to eOriginal. |
version | No |
Version of the protocol to be used. Currently the only supported value is Lending-2.0. |
postRegisterOption | No |
After the authoritative copy of a document is vaulted in an eOriginal vault, it is removed from OneSpan Sign. This parameter specifies how this authoritative copy will be replaced in OneSpan Sign. The supported values are:
Note: Clients cannot download the authoritative copy of a document that will be deposited in an eOriginal vault. If they try to do so, they will end up downloading a flattened non-authoritative copy whose every page will bear the watermark Non-Authoritative Copy. |
customFields | No |
This JSON object contains data that will be added to the eOriginal transaction as Custom Fields. This object can contain any field as long as its name matches that of a Custom Field configured for your eOriginal eCore service Customer Org. |
Example
Here is an example of a Base64-decoded "vaulting_data
" value:
{ "postRegisterOption":"watermark_doc", "vaultTransactionTypeName":"OneSpan Sign eTest", "vaultCredentials":{ "username":"SampleUsername", "orgName":"SampleOrganization", "apiKey":"ok0Sample0ApiKey0Just0An0Example", "endpoint":"previewondemand" }, "documentsToVault":[ { "documentId":"DocumentName01", "loanId":"loanId_001", "loanAmount":"99999", "lender":"ABC Corporation", "type":"Loan Contract" }, { "documentId":"DocumentName02", "loanId":"N/A", "loanAmount":"0", "lender":"N/A", "type":"Ancillary" } ] }
Parameter | Required? | Description |
---|---|---|
vaults | Yes | |
registryRecords | Yes | |
version | No | |
postRegisterOption | No |
Email Template for a Vaulting Failure
If an attempt to vault a document fails, OneSpan Sign uses the following template to send the associated transaction's Sender an email about the failure.
This template cannot be customized.
<?xml version="1.0" encoding="UTF-8"?> <email-template xmlns="urn:schema.awsng.silanis.com" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <from> <email>[email protected]</email> <display_name>OSS Support</display_name> </from> <to> <address> <email>%USER_EMAIL;</email> <display_name>%USER_FIRST_NAME; %USER_LAST_NAME;</display_name> </address> </to> <subject>e-Sign Ceremony Failure Notification</subject> <body> <content-type>text/html; charset="UTF-8"</content-type> <content> Dear %USER_FIRST_NAME; %USER_LAST_NAME;,<br/> <br/> An error has occurred for your package: <br/> <br/> %NOTIFICATION_MESSAGE;<br/> <br/> Should you have any problem, please contact OSS Support at [email protected] <br/> <br/> Thank you for e-signing.<br/> <br/> OSS Support </content> </body> <priority>1</priority> </email-template>
The above failure notification will not be sent if any of the following errors occurs within the vaulting_data
JSON field:
Error | What the POST request /api/packages returns |
---|---|
The documentId field for the parameter documentsToVault is incorrect (i.e., it is not a documentID in the transaction). | 200 |
The username field for the parameter vaultCredentials is incorrect. | 200 |
The apiKey field for the parameter vaultCredentials is incorrect. |
500 "messageKey": "error.internal.default","technical": "error.eslx.validation.eoclient.loginError” |
The orgName field for the parameter vaultCredentials is incorrect, but the apiKey field is correct. |
500 "messageKey": "error.internal.default","technical": "error.eslx.validation.eoclient.loginError” |
Incorrect JSON – e.g., referencing vaultCredentials as valutCredentials. | 200 |