Integration review and access to the production environment
What is a Dokobit integration review?
It is an assessment of your integration with Dokobit services before providing access to the production environment. It is done to make sure that your integration meets our best practices and market quality standards. We will look through our logs for any discrepancies in the integration and give best-practice recommendations during the review. This is done to prevent significant issues before going live and ensure a smooth transition to the production environment.
When and where?
The review should be done once you have completed your integration in our sandbox environment. The integration review time is organized after your contract details are finalized and the contract is signed. We schedule a video conference call in which we ask you to demonstrate your integration from the user's perspective.
Once you are ready to have a review, please reach out to us at developers@dokobit.com.
We typically use Google Meet for integration reviews. We highly suggest checking if screen sharing, microphone, and audio work correctly to avoid any issues during the review. This article might help you troubleshoot any potential issues. If you can not use Google Meet for any reason, please let us know in advance to arrange an alternative method for the review.
Integration reviews can be done in English and Lithuanian languages.
How to prepare for the integration review?
To prepare for a successful integration review, we would highly suggest to you:
- Test the implemented workflow yourself (test data can be found here):
- Make sure the end-user can complete implemented tasks (e.g., authenticate, sign the document, add/remove signer, etc.).
- Ensure the flow is logical (e.g., the end-user is correctly redirected after authentication/signing).
- Check if errors are handled correctly for Identity API and Documents API solutions (the error handling guide can be found here).
- Check if localization is being handled correctly when multiple languages are used.
- Timeouts and request frequencies are logical (status checks are performed every few seconds and stop after a timeout, error, or cancellation).
- Check if your integration adheres to the What You See Is What You Sign (WYSIWYS) principle coming from ETSI TS 119 431-2 standard:
- The control code is clearly displayed.
- The end user can cancel the transaction from the front-end.
- The document is available for preview before signing (applies for signing solutions).
- Mobile-ID and Smart-ID services provided by SK ID Solutions in Lithuania, Latvia, and Estonia must follow the guidelines and placement requirements for Mobile-ID and Smart-ID brand elements available at their official webpages respectively: https://www.mobile-id.lt/en/logos-and-branding/ and https://www.smart-id.com/e-service-providers/smart-id-branding/.
Additional features
Please see a list of features and functionality available for different API products that you might find helpful for your use case. Information about implementation can be found in our documentation, code examples and Developer guides.
Universal API
- Internal and External signing flows can be combined. This means that you can add external participants to internal signing.
- An additional authentication step can be enabled for external participants before viewing and signing the document by providing the participant's personal and country code.
- Access to documents for pending participants can be removed by removing the participant from signing or deleting the signing.
- e-Sealing is supported.
- API documents can be made available in the Dokobit Portal for Enterprise plan administrators.
- Qualified validation service (limited liability) is available.
- Branding for the production environment can be set in the API Dashboard after the access token is generated and shared with our contract managers.
Portal API
- An additional authentication step can be enabled for accountless participants before viewing and signing the document by providing the participant's personal and country code. Participants with Dokobit Portal accounts are authenticated when accessing the Portal.
- Access to documents for pending participants can be removed by removing the participant from signing or deleting the signing.
- e-Sealing is supported.
- API documents can be made available in the Dokobit Portal for Enterprise plan administrators.
- Qualified validation service (limited liability) is available.
- Branding for the production environment can be set in the API Dashboard after the access token is generated and shared with our contract managers.
Identity Gateway
- You can host a CSS file that you manage on your end with the desired Identity Gateway UI changes for redirect based integration.
- You can directly customize the logo and primary colour of embedded integration through integration JS, as indicated in the documentation. More UI modifications can be overwritten with CSS using classes in https://id.dokobit.com/assets/style/identity/identity.css.
- User data provided in the API request will be prefilled for Mobile-ID, Smart-ID and Audkenni app.
Documents Gateway
- Documents Gateway stores uploaded files for 30 days. After this period, the document signing with all associated files will be deleted automatically. You should implement a mechanism to re-upload the files and create new signings if the document lifecycle needs to be longer.
- You can host a CSS file that you manage on your end with the desired Documents Gateway UI changes.
- e-Sealing is supported.
- You can validate e-seals and signatures (QES and AdES) using non-qualified validation functionality.
What happens after the review?
After an efficient integration review, we will send the production environment details to the person responsible according to the signed contract. If the integration review is unsuccessful, a second review must be organized once all outlined issues are addressed.
A review can be performed again if configuration or other changes are planned for your integration and you feel that our consultation would be beneficial.