Enabling the Request Signature with DocuSign Option in the Laserfiche Web Client

The Laserfiche web client includes an integration that allows you to directly request a DocuSign signature on existing documents in your Laserfiche repository. Enabling this option in the Laserfiche web client requires additional configuration:

Note: The DocuSign integration is only used with the Laserfiche web client. It is not supported with the Laserfiche Windows client.

Configuring WebAccessConfig.xml

  1. Log in to the DocuSign website with an administrator account and view Settings.
  2. Under the Users and Groups section, click Users.
  3. Open the user that you want the Laserfiche web client to use to connect to DocuSign.
  4. Ensure that the Allow send on behalf of other users through API permission has been enabled for this user.
  5. Note the email address, application password, and API Account ID for this user (they will be used in later steps).
  6. Enable the Send on Behalf Of Rights option for this account.
  7. Browse to C:\Program Files\Laserfiche\Web Access\Web Files\Config, and open WebAccessConfig.xml with a text editor.
  8. Above </WebAccessConfiguration>, add a DocuSignSettings element with 3 attributes, using the API Account ID, email address, and password you noted in step 5.
    • APIAccountId
    • APIUserEmail
    • Password
  9. Set the values of the three attributes to the appropriate DocuSign values you noted using steps 1-6. The xml should look similar to the following:
    <DocuSignSettings APIAccountId="1234abcd-1234-abcd-1234-1234abcd5678" 
     APIUserEmail="YourDocuSignAccount@SampleCompany.com" Password="password" />
  10. If you are upgrading from an existing version of the Laserfiche web client, you should also append the following <DocuSignConversionSettings> element above </WebAccessConfiguration>:
    <DocuSignConversionSettings SupportedExtensions="doc;docx;docm;dotm;dotx;
     xls;xlsx;xlsm;xltx;xltm;slxb;xlam;ppt;pptx;pptm;potx;ppam;ppsx;ppsm;sldx;
     sldm;txt;rtf;png;jpg;gif;tif;tiff;bmp;pdf" />  
  11. Save your changes to WebAccessConfig.xml.
  12. Optional: You can choose to encrypt the APIAccountId and Password attribute values using the WebAccessConfigEncryptionToggle.exe utility. This utility is installed in the same location as WebAccessConfig.xml. Run the utility from an administrator command prompt. Run the utility again to decrypt the values in order to modify attribute values.

Configuring X.509 Certificate Signing on DocuSign API Calls

By default, DocuSign enables X.509 validation on incoming API requests. X.509 validation on API calls is an optional feature and can be disabled by contacting your DocuSign account manager. While providing an additional layer of security, DocuSign already requires SSL on communication between the DocuSign API server and the Laserfiche web client.

To enable X.509 validation

  1. Obtain a X.509 certificate from VeriSign or Thawte.
  2. Provide the public key for your certificate to DocuSign (either through the DocuSign website or by directly contacting your DocuSign account manager).
  3. Install the certificate on the Laserfiche web client server's local machine store.
  4. Configure Windows Communication Foundation (WCF)to use X.509 by modifying the Laserfiche web client's web.config file. Browse to C:\Program Files\Laserfiche\Web Access\Web Files and open web.config with a text editor.
  5. Locate the opening tag of the <system.serviceModel> element and create a <behaviors> block within the <system.serviceModel> block. It should look similar to the following:
    <behaviors>
        <endpointBehaviors>
            <behavior name="APIServiceSoapBehavior">
                <clientCredentials>
                    <clientCertificate findValue="AA8258BB6CCE8240DD323248E5D420226786AA78" 
                     x509FindType="FindByThumbprint" storeLocation="LocalMachine" />
                 </clientCredentials>
            </behavior>
        </endpointBehaviors>
    </behaviors>

    Make sure to specify the appropriate value for findValue that matches your X.509 certificate.

  6. Still within the <system.serviceModel> block, locate this element:
    <endpoint name="APIServiceSoap" address="https://www.docusign.net/api/3.0/api.asmx" 
    contract="DocuSignAPI.APIServiceSoap" binding="basicHttpBinding" bindingConfiguration="APIServiceSoap" />

    Add a behaviorConfiguration attribute and set it to the behavior that we defined in step 5. The final output should look like:

    <endpoint name="APIServiceSoap" address="https://www.docusign.net/api/3.0/api.asmx" 
    contract="DocuSignAPI.APIServiceSoap" binding="basicHttpBinding" 
    bindingConfiguration="APIServiceSoap" behaviorConfiguration="APIServiceSoapBehavior" />
  7. Save your changes to the web.config file.

Tip: See http://msdn.microsoft.com/en-us/library/ms731323.aspx and http://www.codeproject.com/Articles/36683/9-simple-steps-to-enable-X-509-certificates-on-WCF for more detailed information on specifying a X.509 certificate for use with WCF.

Associating your DocuSign account with your Laserfiche user account

Each user in the Laserfiche web client who wants to send documents to DocuSign must associate their Laserfiche user account with a DocuSign account. The Laserfiche web client uses this account to retrieve DocuSign templates and address book information.

  1. Sign in to the Laserfiche web client with your account.
  2. Click the Options link under your name in the upper right corner of the site.
  3. In the Options page, view the Advanced tab.
  4. In the DocuSign Account section, type in your DocuSign credentials (as noted in the Configuring WebAccessConfig.xml section, above) and click Validate.

Related Links