Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Stringency of DocuSign Certification

Tags:

docusignapi

From the DocuSign "API Requirements Information":

[Y]our API certification review involves verifying that you do not exceed 1 status request per unique envelope per 15 minutes for polling compliance for the following methods: ...

REST API: GET /accounts/{accountId}/envelopes

How stringent are these requirements? If 99% of my users will only make 1 status request, but a few (who sign up around midnight) will make 2 requests in close proximity to each other, will my API access be revoked? How risky is this?

like image 734
Simon Lepkin Avatar asked Nov 01 '22 01:11

Simon Lepkin


1 Answers

The guidelines mean that you should not allow end users to continously click through to docusign to fetch latest status.

As Jeff says in the comments, you should use the Connect api, or per-envelope callback, or cache the status responses, making an actual request to docusign no more than once every 15 minutes per envelope.

Maximum polling frequency and status architecture is one of the key issues that the certification process seeks to investigate.

You could also disable your "status" button for 15 minutes after a request. But that wouldn't be a good ux. Better to effectively disable it via a 15 minute cache. - - like the close button on elevators.

Added

The per-envelope callback parameter is eventNotification.

like image 80
Larry K Avatar answered Jan 04 '23 14:01

Larry K