Title Index
Recently Changed
Page Hierarchy
Incomplete
Tags
Kappris Filer allows opening of documents from iManage or NetDocuments, external signing with LegalEsign or DocuSign and saving of the completed PDF back to the system that it came from.
These are the components required (current versions at time of writing):
- KapprisFiler.1.0.0.20309.zip
- KapprisSigningServerDeployment.1.0.2.20293.zip
- KapprisWebViewerAPIDeployment.1.0.0.20309.zip
- KapprisWebViewerUI.1.0.0.20309.zip
- WebViewerIManage10Extension.1.0.0.20309.zip
- WebViewerNetDocsExtension.1.0.0.20309.zip
- KFDocusignDeployment.1.0.0.20309.zip
- KFImanage10Deployment.1.0.0.20309.zip
- KFLegalEsignDeployment.1.0.0.20309.zip
- KFNetDocumentsDeployment.1.0.0.20309.zip
Install the websites and plugins
These can be installed and uninstalled by using SetUpWebSite.ps1 from PowerShell
.\SetUpWebSite.ps1 -install -zipFileName KapprisFiler.1.0.0.20309.zip -commitChanges
To uninstall, use the -uninstall switch instead of -install, and you won't need -commitChanges either.
Each of the KF* zip files contains a KapprisFiler plugin. Once you've installed the main KapprisFiler website you can install each plugin with a command line like this:
.\SetUpWebSite.ps1 -install -zipFileName KFImanage10Deployment.1.0.0.20309.zip
This results in the creation and population of a folder like this:
C:\Program Files (x86)\Kutana\Kappris Filer\Plugins\KFImanage10
KapprisFiler scans the .\Plugins folder and loads whatever plugins it finds. This architecture lets us implement multiple plugins targeting various signing agencies and Document Management Systems, and the customer can cherry pick which of them are required.
As the KapprisFiler website needs external access you will need to add some extra bindings for localhost and a blank to allow connection via the IP address.
Set up external access to the KapprisFiler server
Make the changes in external DNS and route the incoming traffic to the KapprisFiler server - information is here
LegalEsign configuration
- Login to the LegalEsign portal at https://legalesign.com/auth/login/
- Click the down-arrow next to your name in the top right-hand corner of the page and select the API item.
- Note the username guid string from the web page, this will be the ClientID to be used later.
- Note the secret key string from the web page, this will be the ApiKey to be used later.
Now add a new API Callback pointing to the external URL of your KapprisFiler server:
NOTE: The LegalEsign hook NEEDS the port to be included. The DocuSign hook must NOT have the port. See DNS routing here
DocuSign configuration
In a web browser, go to https://developers.docusign.com/
- If there's a burger button in the top left-hand corner then click it and log in. Or if there's a Developer Account button in the top right-hand corner, click that and log in.
- If you don't already have a developer account, create one for yourself. This may involve entering a numeric confirmation security code sent via email by docusign.
- Once you're logged in, click the burger button (or the user image button in the top right) again, and this time select My Apps and Keys
- Note the API Account ID from the web page to be used later.
- Click the ADD APP AND INTEGRATION KEY button and specify a sensible name such as the name of your server.
- Note the Integration Key to be used later..
- Click the Add Secret Key button and note this to be used later. This secret key is only visible at its time of creation - you can't see it again in the portal afterwards but you can create a new one.
Now under Additional Settings, add your Redirect URIs:
https://KF-Server2019.kutana.co.uk:44343/ds/callback
https://KF-Server2019.kutana.co.uk:44361/ds/callback
Generate an RSA key pair:
Save the Public Key text as e.g. KutanaPublicKey.pem and the Private Key text as e.g. KutanaPrivateKey.pem
Save these files in a shared location and add an entry in the KapprisFiler appsettings.json as below:
"PrivateKey": "\\\\busdata\\company\\Docusign\\KapprisTestPrivate.pem",
HMAC Security
This is only triggered if a company is using Connect in DocuSign (optional DocuSign component)
Add setting "ConnectHmacKey" this allows us to get to the file containing the HMAC key used for connect, if not using connect this must be blank or not exist.
If we specify a HMACKey then the signed document must have a HMAC verification header, or if an envelope has a HMAC verification header it must match with our key. If not we ignore the hook payload as its not valid.
KSS now checks for ConnectHmacKey having a value and set up the event packet in the envelope to use HMAC
In the environment, add the below (see instructions and batch file further down the page):
SETX KapprisFiler__DocuSign__ConnectHmacKey "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" /m
To obtain the HMAC key, go to your DocuSign account and choose 'Connect' in the LH menu then 'Connect Keys'
DocuSign Admin
The admin login for DocuSign should be done using the DocuSign Admin Module which the client will need to add to their DocuSign account if they don't already have it.
Setup instructions for this can be found here
iManage10 configuration
First you will need to add the KapprisFiler app to iManage:
In iManage 10 Control Centre go to Settings | Applications and click Add Application:
Create a new application called KapprisFiler with a ClientID and Secret as below:
Note that only the top 2 callbacks are needed in a live environment (we have the other two for testing)
Set the security for an admin user.
NetDocuments configuration
In the NetDocs Partner Portal App Registration choose New Application as below:
Configure as below noting the ClientID and Secret
Add settings into the environment
Using the ClientIDs and Client Secrets that you noted earlier use the SETX command to add them to the environment
KapprisFiler__ConnectionStrings__QueueDatabase=Server=IW-SERVER2019;Database=KapprisFiler;User ID=kapprisfiler;Password=K@ppr1$
KapprisFiler__IManage10__BasePath=https://imanage.kutana.co.uk
KapprisFiler__IManage10__ClientId=6D32EEE4-E80E-42D9-8826-47B7F87402DF
KapprisFiler__IManage10__ClientSecret=6f824cca-9ef0-5f17-432e-25fbe5b44828
KapprisFiler__NetDocuments__AuthorizePath=https://eu.netdocuments.com
KapprisFiler__NetDocuments__BasePath=https://api.eu.netdocuments.com
KapprisFiler__NetDocuments__ClientId=AP-CAYW0PPQ
KapprisFiler__NetDocuments__ClientSecret=2YDMSTbujJu2Ikngm4yDNXdnCfkWO3FEmTdehtKCM2MVdgVg
KapprisShared__DocuSign__AccountId=593fcec7-1480-4e5b-bbaf-32430f2e53ea
KapprisShared__DocuSign__ApiUrl=https://demo.docusign.net/restapi
KapprisShared__DocuSign__AuthorizationHost=account-d.docusign.com
KapprisShared__DocuSign__ClientId=c20b5e8b-1554-4e67-a926-08155106c5b1
KapprisShared__DocuSign__ClientSecret=56141b73-4e78-4913-b42f-d2184d506505
KapprisShared__DocuSign__ConnectHmacKey=5CzBAhdLdTIzolzMwVCy8eSjXSU1Crxn2E4N2b+AVgk=
KapprisShared__DocuSign__FilerHook=https://kapprisfiler.kutana.co.uk/docusignagency/hook
KapprisShared__LegalEsign__ApiKey=4f20df3467499e330b5df5924a7ce1b3c4a8ad2c
KapprisShared__LegalEsign__ClientId=c34e606f-20ae-41ee-9365-358229d9abde
KapprisSigning__InternalSigning__CursiveFont=Brush Script MT
KapprisSigning__InternalSigning__CursiveFontSize=24
KapprisSigning__InternalSigning__DatabaseConnection=Data Source=IW-Server2019;Initial Catalog=KapprisWIS;Integrated Security=SSPI;
KapprisSigning__InternalSigning__DefaultAgency=O3.DocuSign
Edit this batch file KapprisSetEnvironment.bat to add the settings more easily.
Other settings and configuration
On the SQL server we need to create the KapprisFiler database and the SQL login account 'KapprisFiler' with the password shown above under KapprisFiler__ConnectionStrings__QueueDatabase.
The account needs db_owner roles for the KapprisFiler database. The structure of the database is created automatically on first use.
In the KapprisFiler AppSettings.json add:
"DocuSign": {
"PrivateKey": "\\\\busdata\\company\\Docusign\\KapprisTestPrivate.pem",
"RetrievalType": ""
},
"IManage10": {
"DocPattern": "[NAME] ([ID]) Signed [DATE]"
},
"NetDocuments": {
"DocPattern": "[NAME] ([ID]) Signed [DATE]"
},
"EmailConfiguration": {
"SmtpServer": "smtp.office365.com",
"SmtpPort": "587",
"UseSSL": false,
"SmtpUsername": "test@kutana.co.uk",
"SmtpPassword": "kutanaS1gn",
"From": "test@kutana.co.uk",
"AdditionalCc": "",
"AdditionalBcc": "",
"AdditionalTo": "dave.saycell@gmail.com"
},
Options:
- DocuSign RetrievalType
- "" empty string - means retrieve individual files
- "combined" - for one file
- "archive" - for zip (not supported),
- "certificate" - for just certificate
- "portfolio" - for a portfolio pdf
Email configuration is the email account and administrator details for alerts when KapprisFiler has been unable to collect and file the final document.
See explanation of DocPattern here
In the Kappris Signing Server AppSettings.json add:
"KapprisFiler": "https://kf-server2019.kutana.co.uk:44361",
In the Kappris WebViewerAPI AppSettings.json set:
"SigningService": "O3.Legalesign", (OR O3.DocuSign)
"OCRLibFolder": "\\\\kutana.local\\dev\\Download\\KofaxOmnipage\\CSDK22\\bin", (If using OCR)
KapprisFiler home and submissions pages
KapprisFiler homepage e.g. https://kf-server2019.kutana.co.uk:44361/ is where the customer's administrator will login to iManage/NetDocs with the admin account specified when you created the apps earlier.
LegalEsign doesn't require a login and DocuSign login is done via DocuSign Admin mentioned earlier
You can view submissions to KapprisFiler at e.g. https://kf-server2019.kutana.co.uk:44361/submissions
The Status should change from Pending - Signed - Retrieved - Filed as the document goes through the various signing stages.
Clicking on 'Details' allows you to see further information and change the status for resubmission or testing.
Testing external route to KapprisFiler
External test to confirm connection to KapprisFiler (see prerequisites here):
Browse to HTTPS://kapprisfiler.kutana.co.uk:44361/legalesignagency and you should see the number of hooks that are set:
Link to original instructions here