1 Reply Latest reply on May 15, 2015 3:54 AM by SimonATS

    Client Application Authorization via REST API v3




      I am researching options to to connect our application to our own EchoSign account via REST API v3. I am running into issue with user interaction required to obtain initial Authorization Code. In our case, there is no human user to perform the action - the application users do not interact with EchoSign directly, the idea is to use our own account to providing agreement signing capability. The noted OAuth specification (RFC 6749) addresses this case in section 1.3.3 Resource Owner Password Credentials.However, EchoSign REST API 3.0 documentation says that the only supported type of the Access Token request is authorization code.


      Does REST API 3.0 support RFC 6749 section 1.3.3?


      Does REST API 3.0 in any way support API / integration key authentication?


      Arguably we can establish initial Access Token manually and let the application to use provided Refresh Token as needed to obtain fresh Access Token. However, other posts in the forum indicate the open issue with Refresh Tokens actually expiring. So this doesn't seem to be an option at the moment either.


      Is there an estimate when the token issue will be resolved?


      Thanks in advance