- 06 May 2025
- 6 Minutes to read
- Print
- DarkLight
- PDF
Authentication Tokens
- Updated on 06 May 2025
- 6 Minutes to read
- Print
- DarkLight
- PDF
The content discusses various types of authentication tokens used to obtain valid sessions for users in a system. The main types include userAuthToken, senderAuthToken, signerAuthToken, and singleUseSignerAuthToken, with the exception of signerAuthToken, all being single-use. Each token has a default expiry time of 30 minutes. User authentication tokens provide complete account access, while sender tokens grant access to specific packages. Signer tokens can be used multiple times or as single-use tokens. The document provides code examples for creating these tokens and accessing the OneSpan Sign account or specific transactions through constructed URLs. Additionally, it mentions the use of HTTP requests for generating these tokens in different SDKs, including Java, .NET, REST API, and APEX SDKs, emphasizing the importance of authentication in managing user sessions securely.
Java SDK .NET SDK REST API APEX SDK
Java SDK
To download the full code sample see our Code Share site.
An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:
userAuthToken
senderAuthToken
signerAuthToken
singleUseSignerAuthToken.
With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.
The Code
User Authentication Tokens
A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:
// Generate a user authentication token using the eSignLive client
String userAuthToken = eslClient
.getAuthenticationTokensService() // Access the authentication tokens service
.createUserAuthenticationToken(); // Create a new user authentication token
Using the user authentication token, you can access your OneSpan Sign account by building the following URL:
https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard
Sender Authentication Tokens
A sender authentication token is token that can be used to obtain a session for a sender with access only to a specific package.The following code will create a sender authentication token:
// Generate a sender authentication token using the eSignLive client
String senderAuthToken = eslClient
.getAuthenticationTokensService() // Access the authentication tokens service
.createsenderAuthenticationToken(packageId); // Create a new sender authentication token for the specified package
Using the sender authentication token, you can access the package by building the following URL:
https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}
Signer Authentication Tokens
A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience.The following code will create a signer authentication token:
// Generate a signer authentication token using the eSignLive client
String signerAuthToken = eslClient
.getAuthenticationTokensService() // Access the authentication tokens service
.createSignerAuthenticationToken(packageId, signerId); // Create a new signer authentication token for the specified package and signer
The signer token above can be used multiple times.You can also create a signer token with a single use:
// Generate a single-use authentication token for a signer
String singleUseToken = eslClient
// Access the authentication tokens service from the client
.getAuthenticationTokensService()
// Create a single-use authentication token for the specified signer in the given package
.createSignerAuthenticationTokenForSingleUse(packageId, signerId, signerSessionFields);
Using the signer authentication token, you can obtain a signing session by building the following URL:
https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}
.NET SDK
To download the full code sample see our Code Share site.
An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:
userAuthToken
senderAuthToken
signerAuthToken
singleUseSignerAuthToken.
With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.
The Code
User Authentication Tokens
A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:
string userAuthToken = eslClient
.AuthenticationTokenService
.CreateUserAuthenticationToken();
Using the user authentication token, you can access your OneSpan Sign account by building the following URL:
https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard
Sender Authentication Tokens
A sender authentication token is a token that can be used to obtain a session for a sender with access only to a specific package. The following code will create a sender authentication token:
string senderAuthToken = eslClient
.AuthenticationTokenService
.CreateSenderAuthenticationToken(new PackageId(packageId));
Using the sender authentication token, you can access the transaction by building the following URL:
https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}
Signer Authentication Tokens
A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience.The following code will create a signer authentication token:
string signerAuthToken = eslClient
.AuthenticationTokenService
.CreateSignerAuthenticationToken(new PackageId(packageId), signerId);
The signer token above can be used multiple times.You can also create a signer token with a single use:
string singleUseToken = eslClient
.AuthenticationTokensService
.CreateSignerAuthenticationTokenForSingleUse(packageId, signerId, signerSessionFields);
Using the signer authentication token, you can obtain a signing session by building the following URL:
https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}
REST API
To download the full code sample see our Code Share site.
An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:
userAuthToken
senderAuthToken
signerAuthToken
singleUseSignerAuthToken.
With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.
The Code
User Authentication Tokens
A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:
HTTP Request
POST /api/authenticationTokens/user
HTTP Headers
Accept: application/json
Authorization: Basic api_key
For a complete description of each field, see the Request Payload table below.
Response Payload
{
"value": "MjY0MjQ4MzgtMTJlOS00MzhjLTgzODMtMzJmMGNiZTg3ODBl"
}
Using the user authentication token, you can access your OneSpan Sign account by building the following URL:
https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard
Sender Authentication Tokens
A sender authentication token is a token that can be used to obtain a session for a sender with access only to a specific package. The following code will create a sender authentication token:
HTTP Request
POST /api/authenticationTokens/sender
HTTP Headers
Accept: application/json
Content-Type: application/json
Authorization: Basic api_key
Request Payload
{
"packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0="
}
Response Payload
{
"value": "MjY0MjQ4MzgtMTJlOS00MzhjLTgzODMtMzJmMGNiZTg3ODBl"
}
Using the sender authentication token, you can access the transaction by building the following URL:
https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}
Signer Authentication Tokens
A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience. The following code will create a signer authentication token:
HTTP Request
POST /api/authenticationTokens/signer/multiUse
HTTP Headers
Accept: application/json
Content-Type: application/json
Authorization: Basic api_key
Request Payload
{
"packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0=","signerId": "8b734331-bc5b-4843-9784-d4ece4b7dc22"
}
Response Payload
{
"packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0=","signerId": "8b734331-bc5b-4843-9784-d4ece4b7dc22",
"value": "ZDNmMDNiNGUtNGYxOC00YWZiLTkwMmUtNWE5YmIwZTRjZDg1"
}
The signer token above can be used multiple times. You can also create a signer token with a single use:
HTTP Request
POST /api/authenticationTokens/signer/singleUse
HTTP Headers
Accept: application/json
Content-Type: application/json
Authorization: Basic api_key
Request Payload
{ "packageId":"s-wy6PFASBlAKfnLJjcbzoaMyTg=","signerId":"cd9lbzvjgblygdncdz3x@esignlive.com" }
Response Payload
{
"packageId": "s-wy6PFASBlAKfnLJjcbzoaMyTg=","signerId": "cd9lbzvjgblygdncdz3x@esignlive.com"
}
Using the signer authentication token, you can obtain a signing session by building the following URL:
https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}
Request Payload Table
Property | Type | Editable | Required | Default | Sample Values |
---|---|---|---|---|---|
packageID | string | No | No | n/a | 5vjLRY5MWrDJ6MzRAEyCKOy5IH0= |
signerId | string | Yes | No | n/a | 8b734331-bc5b-4843-9784-d4ece4b7dc22 |
value | string | No | No | n/a | ZDNmMDNiNGUtNGYxOC00YWZiLTkwMmUtNWE5YmIwZTRjZDg1 |
APEX SDK
To download the full code sample see our Code Share site.
An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:
userAuthToken
senderAuthToken
signerAuthToken
singleUseSignerAuthToken.
With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.
The Code
User Authentication Tokens
A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:
public String createUserAuthenticationToken() {
// Your implementation here
}
Using the user authentication token, you can access your OneSpan Sign account by building the following URL:
https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard
Sender Authentication Tokens
A sender authentication token is token that can be used to obtain a session for a sender with access only to a specific package. The following code will create a sender authentication token:
public String createsenderAuthenticationToken(String packageId) {
// Your implementation here
}
Using the sender authentication token, you can access the transaction by building the following URL:
https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}
Signer Authentication Tokens
A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience. The following code will create a signer authentication token:
public String createSignerAuthenticationTokenForMultiUse(String packageId, String signerId)
The signer token above can be used multiple times. You can also create a signer token with a single use:
public String createSignerAuthenticationTokenForMultiUse(String packageId, String signerId) {
// Your implementation here
}
Signer ID in this function can also be replaced by Signer Email.Using the signer authentication token, you can obtain a signing session by building the following URL:
https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}