get-the-access-token

In order to invoke the Sign APIs, your application must first get an OAuth access token on behalf of an Adobe Sign user.

 

Using HTTP

Copy and paste the following URL in a browser window and change the values for redirect_uri and client_id:

https://secure.echosign.com/public/oauth?
    redirect_uri=https://myserver.com&
    response_type=code&
    client_id=CBAThIsIsNoTaReAlmPBvPF&
    scope=user_login:self+agreement_send:account

The scope parameter that is provided during the OAuth Authorization Request is a space-delimited set of the scopes (and optionally modifiers) specified duting the OAuth configuration setup.

For example, "agreement_send:account user_login:self" would allow the application to send on behalf of any user in the account and also login on behalf of the user that authorized the request.

Click Allow Access to receive the authorization code

Once you click Allow Access, the page gets redirected to the following URL:

https://myserver.com/?
    code=CBNCKBAThIsIsNoTaReAlcs_sL4K32wCzs4N&
    api_access_point=https://api.echosign.com&
    web_access_point=https://secure.echosign.com

Note the code CBNCKBAThIsIsNoTaReAlcs_sL4K32wCzs4N in the request. This is the authorization code that you will use to get the OAuth access token.

You can send the authorization code along with the Client ID and Client Secret to the Sign Service to get the token. Use the same api_access_point that you got from the previous response.

POST http://api.echosign.com/oauth/token?
    code=CBNCKBAThIsIsNoTaReAlcs_sL4K32wCzs4N&
    client_id=CBAThIsIsNoTaReAlmPBvPF&
    client_secret=319UThIsIsNoTaReAl2-4OxkVo9ycU&
    redirect_uri=https://myserver.com&
    grant_type=authorization_code HTTP/1.1

Content-Type: application/x-www-form-urlencoded

You will get the following JSON body containing the access token and the refresh token:

{
    "access_token": "3AAABLblThIsIsNoTaReAlToKeNPr6Cv8KcZ9p7E93k2Tf",  
    "refresh_token": "3AAABLblThIsIsNoTaReAlToKeNWsLa2ZBVpD0uc*",  
    "token_type": "Bearer",  
    "expires_in": 3600
}

Note the following tokens in the reponse body:

  • Access Token - You need to use this token to access any Adobe Sign API endpoint.
  • Refresh Token - If your access token expires, use the refresh token to request for a new access token. You need to keep your Client ID and Client Secret handy to request for a new access token from a refresh token.

 

Using the Java SDK

You can also obtain the access token for the required scopes using the oAuthApi Java class:

OAuthApi oAuthApi = new OAuthApi();

Now, populate the required scope with the correct type and modifier:

ArrayList myScopes = new ArrayList<>();

//Provide the scope type and modifier
myScopes.add(new Scope("user_write", "account"));

The next step is to get the authorization URL:

//The first argument is the Client ID
AuthorizationInfo authorizationInfo = new AuthorizationInfo("CBAThIsIsNoTaReAlmPBvPF", "https://myserver.com", myScopes, "myState", "code");    
String authorizationUrl = oAuthApi.getAuthorizationUrl(authorizationInfo);

Open the authorization URL in a browser window to allow access. You can either programmatically open a browser and load the authorization URL or use Java FX WebView in your app:

Once you click Allow Access, the page gets redirected to the following URL:

https://myserver.com/?
    code=CBNCKBAThIsIsNoTaReAlcs_sL4K32wCzs4N&
    api_access_point=https://api.echosign.com&
    web_access_point=https://secure.echosign.com

Note the code CBNCKBAThIsIsNoTaReAlcs_sL4K32wCzs4N in the request. This is the authorization code that you will use to get the OAuth access token.

Now that you have the authorization code, you can get the access token:

//Fetch the access token.
//The first 2 arguments are Client ID and Client Secret
//The third argument is the redirect URL
//The fourth argument is the authorization code
//The fifth argument is the grant type
AccessTokenInfo accessTokenInfo = new AccessTokenInfo("CBAThIsIsNoTaReAlmPBvPF", "319UThIsIsNoTaReAl2-4OxkVo9ycU", "https://myserver.com", "CBNCKBAThIsIsNoTaReAlcs_sL4K32wCzs4N", "authorization_code");
AccessTokenResponse accessTokenResponse = oAuthApi.getAccessToken(accessTokenInfo);

//Get the access token
String accessToken = accessTokenResponse.getAccessToken();

//Get the refresh token
String accessToken = accessTokenResponse.getAccessToken();

//Get token expiry period
int tokenExpiryTime = accessTokenResponse.getExpiresIn();

Using the JavaScript SDK for Node.js

If you are using the JavaScript SDK for Node.js, you can obtain the access token for the required scopes using the oAuthApi:

var context = new AdobeSignSdk.Context();        
var oAuthApi = new AdobeSignSdk.OAuthApi(context);        
var oAuthModel = AdobeSignSdk.OAuthModel;                

//Fetch the access token.        
var accessTokenRequest = new oAuthModel.AccessTokenRequest();        
accessTokenRequest.setClientId("CLIENT_ID_HERE");        
accessTokenRequest.setClientSecret("CLIENT_SECRET_HERE");        
accessTokenRequest.setRedirectUri("https://myserver.com");        
accessTokenRequest.setCode("AUTH_CODE_HERE");        
accessTokenRequest.setGrantType("authorization_code");        

oAuthApi.getAccessToken(accessTokenRequest)                
        .then(function (accessTokenResponse) {                    
                console.log(accessTokenResponse.getAccessToken())                
        })                
        .catch(function (apiError) {                    
                console.log(apiError);                
        });