Authentication Tokens

  • Updated on May 11, 2026
  • Published on Oct 10, 2024
  • 7 minute(s) read
Prev Next

Java SDK

To download the full code sample see our Code Share site.

An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:

  • userAuthToken

  • senderAuthToken

  • signerAuthToken

  • singleUseSignerAuthToken.

With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.

An optional Sender Authentication Token feature is also available. Previously, when you requested a sender authentication token, you needed to specify a transaction ID. The sender authentication token that was then generated could have been used to access that specific transaction or any other transaction available to the sender. Using a Sender Authentication token you can also restrict the access rights of the sender to just the transaction used to generate it. To enable this feature, contact our Support Team.

The Code

User Authentication Tokens

A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:

 // Generate a user authentication token using the eSignLive client
String userAuthToken = eslClient
    .getAuthenticationTokensService()  // Access the authentication tokens service
    .createUserAuthenticationToken();  // Create a new user authentication token

Using the user authentication token, you can access your OneSpan Sign account by building the following URL:

https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard

Sender Authentication Tokens

A sender authentication token is token that can be used to obtain a session for a sender with access only to a specific package.The following code will create a sender authentication token:

// Generate a sender authentication token using the eSignLive client
String senderAuthToken = eslClient
    .getAuthenticationTokensService()  // Access the authentication tokens service
    .createsenderAuthenticationToken(packageId);  // Create a new sender authentication token for the specified package

Using the sender authentication token, you can access the package by building the following URL:

https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}/designer

Signer Authentication Tokens

A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience.The following code will create a signer authentication token:

// Generate a signer authentication token using the eSignLive client
String signerAuthToken = eslClient
    .getAuthenticationTokensService()  // Access the authentication tokens service
    .createSignerAuthenticationToken(packageId, signerId);  // Create a new signer authentication token for the specified package and signer

The signer token above can be used multiple times.You can also create a signer token with a single use:

// Generate a single-use authentication token for a signer
String singleUseToken = eslClient
    // Access the authentication tokens service from the client
    .getAuthenticationTokensService()
    // Create a single-use authentication token for the specified signer in the given package
    .createSignerAuthenticationTokenForSingleUse(packageId, signerId, signerSessionFields);

Using the signer authentication token, you can obtain a signing session by building the following URL:

https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}

.NET SDK

To download the full code sample see our Code Share site.

An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:

  • userAuthToken

  • senderAuthToken

  • signerAuthToken

  • singleUseSignerAuthToken.

With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.

An optional Sender Authentication Token feature is also available. Previously, when you requested a sender authentication token, you needed to specify a transaction ID. The sender authentication token that was then generated could have been used to access that specific transaction or any other transaction available to the sender. Using a Sender Authentication token you can also restrict the access rights of the sender to just the transaction used to generate it. To enable this feature, contact our Support Team.

The Code

User Authentication Tokens

A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:

string userAuthToken = eslClient
    .AuthenticationTokenService
    .CreateUserAuthenticationToken();

Using the user authentication token, you can access your OneSpan Sign account by building the following URL:

https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard

Sender Authentication Tokens

A sender authentication token is a token that can be used to obtain a session for a sender with access only to a specific package. The following code will create a sender authentication token:

 string senderAuthToken = eslClient
    .AuthenticationTokenService
    .CreateSenderAuthenticationToken(new PackageId(packageId));

Using the sender authentication token, you can access the transaction by building the following URL:

https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}/designer

Signer Authentication Tokens

A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience.The following code will create a signer authentication token:

string signerAuthToken = eslClient
    .AuthenticationTokenService
    .CreateSignerAuthenticationToken(new PackageId(packageId), signerId);

The signer token above can be used multiple times.You can also create a signer token with a single use:

string singleUseToken = eslClient
    .AuthenticationTokensService
    .CreateSignerAuthenticationTokenForSingleUse(packageId, signerId, signerSessionFields);

Using the signer authentication token, you can obtain a signing session by building the following URL:

https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}

REST API

To download the full code sample see our Code Share site.

An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:

  • userAuthToken

  • senderAuthToken

  • signerAuthToken

  • singleUseSignerAuthToken.

With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.

An optional Sender Authentication Token feature is also available. Previously, when you requested a sender authentication token, you needed to specify a transaction ID. The sender authentication token that was then generated could have been used to access that specific transaction or any other transaction available to the sender. Using a Sender Authentication token you can also restrict the access rights of the sender to just the transaction used to generate it. To enable this feature, contact our Support Team.

The Code

User Authentication Tokens

A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:

HTTP Request

POST /api/authenticationTokens/user

HTTP Headers

Accept: application/json   
Authorization: Basic api_key

For a complete description of each field, see the Request Payload table below.

Response Payload

{
    "value": "MjY0MjQ4MzgtMTJlOS00MzhjLTgzODMtMzJmMGNiZTg3ODBl"
}

Using the user authentication token, you can access your OneSpan Sign account by building the following URL:

https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard

Sender Authentication Tokens

A sender authentication token is a token that can be used to obtain a session for a sender with access only to a specific package. The following code will create a sender authentication token:

HTTP Request

POST /api/authenticationTokens/sender

HTTP Headers

Accept: application/json   
Content-Type: application/json   
Authorization: Basic api_key

Request Payload

{
    "packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0="
}

Response Payload

{
     "packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0=""value": "MjY0MjQ4MzgtMTJlOS00MzhjLTgzODMtMzJmMGNiZTg3ODBl"
}

Using the sender authentication token, you can access the transaction by building the following URL:

https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}/designer

Signer Authentication Tokens

A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience. The following code will create a signer authentication token:

HTTP Request

POST /api/authenticationTokens/signer/multiUse

HTTP Headers

Accept: application/json   
Content-Type: application/json   
Authorization: Basic api_key

Request Payload

{
    "packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0=","signerId": "8b734331-bc5b-4843-9784-d4ece4b7dc22"
}

Response Payload

{
    "packageId": "5vjLRY5MWrDJ6MzRAEyCKOy5IH0=","signerId": "8b734331-bc5b-4843-9784-d4ece4b7dc22",
    "value": "ZDNmMDNiNGUtNGYxOC00YWZiLTkwMmUtNWE5YmIwZTRjZDg1"
}

The signer token above can be used multiple times. You can also create a signer token with a single use:

HTTP Request

POST /api/authenticationTokens/signer/singleUse

HTTP Headers

Accept: application/json   
Content-Type: application/json   
Authorization: Basic api_key

Request Payload

 {   "packageId":"s-wy6PFASBlAKfnLJjcbzoaMyTg=","signerId":"cd9lbzvjgblygdncdz3x@esignlive.com"   }

Response Payload

{
    "packageId": "s-wy6PFASBlAKfnLJjcbzoaMyTg=","signerId": "cd9lbzvjgblygdncdz3x@esignlive.com"
}

Using the signer authentication token, you can obtain a signing session by building the following URL:

https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}

Request Payload Table

Property

Type

Editable

Required

Default

Sample Values

packageID

string

No

No

n/a

5vjLRY5MWrDJ6MzRAEyCKOy5IH0=

signerId

string

Yes

No

n/a

8b734331-bc5b-4843-9784-d4ece4b7dc22

value

string

No

No

n/a

ZDNmMDNiNGUtNGYxOC00YWZiLTkwMmUtNWE5YmIwZTRjZDg1

APEX SDK

To download the full code sample see our Code Share site.

An authentication token is used to obtain a valid session for a particular user of the system. This topic introduces the following types of authentication tokens:

  • userAuthToken

  • senderAuthToken

  • signerAuthToken

  • singleUseSignerAuthToken.

With the exception of signerAuthToken these tokens are all single-use. The default expiry time for all these tokens is 30 minutes.

An optional Sender Authentication Token feature is also available. Previously, when you requested a sender authentication token, you needed to specify a transaction ID. The sender authentication token that was then generated could have been used to access that specific transaction or any other transaction available to the sender. Using a Sender Authentication token you can also restrict the access rights of the sender to just the transaction used to generate it. To enable this feature, contact our Support Team.

The Code

User Authentication Tokens

A user authentication token is a token that can be used to obtain a session for a user with complete access to the account. The following code will create a user authentication token:

 public String createUserAuthenticationToken() {
    // Your implementation here
}

Using the user authentication token, you can access your OneSpan Sign account by building the following URL:

https://sandbox.esignlive.com/auth?authenticationToken={userToken}&target=https://sandbox.esignlive.com/a/dashboard

Sender Authentication Tokens

A sender authentication token is token that can be used to obtain a session for a sender with access only to a specific package. The following code will create a sender authentication token:

public String createsenderAuthenticationToken(String packageId) {
    // Your implementation here
}

Using the sender authentication token, you can access the transaction by building the following URL:

https://sandbox.esignlive.com/auth?senderAuthenticationToken={senderToken}&target=https://sandbox.esignlive.com/a/transaction/{packageId}/designer

Signer Authentication Tokens

A signer authentication token is a token that can be used to obtain a session for a signer with access to the Signer Experience. The following code will create a signer authentication token:

 public String createSignerAuthenticationTokenForMultiUse(String packageId, String signerId)

The signer token above can be used multiple times. You can also create a signer token with a single use:

public String createSignerAuthenticationTokenForMultiUse(String packageId, String signerId) {
    // Your implementation here
}

Signer ID in this function can also be replaced by Signer Email.Using the signer authentication token, you can obtain a signing session by building the following URL:

https://sandbox.esignlive.com/access?sessionToken={signerAuthToken}