Technical FAQs

When you’re looking to integrate a toolkit into your application, your first priority is assessing the capabilities. Once you’ve found the right fit, you need to make sure that the pricing matches your budget and makes sense for your needs.

Historically, Accusoft has offered a variety of different licensing options for our clients. Products were always licensed by core or number of installs, depending on which runtime fits best. 

These practices have been great for our clients so far, but we realized a missing piece that could help bridge the gap for new clients with smaller projects that dynamically scale based on workload.

Introducing a New Way to License

Barcode Xpress is the first product on the Accusoft line to offer metered licensing based on transaction. Metered licensing helps a variety of different clients scale up or down, when they need to. While our traditional licensing plan is great for projects with defined scope, smaller projects that have potential to grow need more flexible pricing options.

“The main reason we wanted to introduce metered licensing is to address SDKs used in scalable environments,” says Mark Hansen, Product Manager of SDKs. “Clients can use metered licensing to spin up their projects based on the traffic they’re getting, without the need to obtain additional licenses. While many companies opt for an ongoing usage, this new model allows for estimating a specific amount of use, so they only pay for what they need.”

The Benefit of Metered Licensing

Why would a company choose to specify the usage from the start? Metered licensing is great for short-term projects with a limited lifespan, as clients only pay for what they use. It’s also great for clients who don’t know the scale of their project and need to be cautious with how much they spend. 

Metered licensing is based on a pay-per-transaction model. A transaction is defined by the page. For example, if Barcode Xpress reads 30 pages with five barcodes on each page, the transaction total is 30 instead of 150.

This transaction-based model makes for a very low cost of entry, and a no-stress agreement. With this value in mind, clients don’t have to worry about how much they will use the integration after a specific project is complete. In addition, if the project grows, metered licensing allows the client to scale up.

Reliability of Metered Licensing

Accusoft understands that our customers are building mission-critical apps with our SDKs and has carefully architected the system to be extremely reliable. Our server-side authorization and reporting system runs in Amazon AWS and is split into online and offline parts. 

The online portion is built on AWS CloudFront and S3, two of the most reliable systems available on the Internet. All of Accusoft’s backend code is in the offline portion of the system and an outage in that portion of the system will have no effect whatsoever on our customers, even if it were down for several days. Nevertheless, we have 24/7 alerting in place so we will be notified soon after an outage occurs and will quickly get it back up.

Metered licensing is now available for Barcode Xpress 13.1 and following versions.

Adding viewing and document conversion capabilities to an application can be a daunting task, especially when a development team is facing resource constraints and a tight schedule. That’s why many developers turn to API-based viewing integrations like Accusoft PrizmDoc Viewer instead of building those features from the ground up. By leveraging the versatile power of HTML5 viewing, they can quickly expand software capabilities without having to rethink the basic framework of their products.

What’s Under the Hood of PrizmDoc Viewer?

To understand how PrizmDoc Viewer goes about rendering documents in a web application, it’s helpful to take a closer look at its underlying architecture. There are two primary components that work in concert with the application’s web server: the HTML5 viewer and the backend.

The HTML5 viewer is integrated to run in the browser, typically via a web page or portal that serves as the front-facing aspect of the application. This is where document content is rendered as SVG elements. Since the viewer uses HTML5 to display content, it isn’t dependent upon any specific word processing software or imaging program.

Most of the heavy lifting is handled by the PrizmDoc Viewer backend, which consists of the PrizmDoc Server and PrizmDoc Application Services (PAS). PrizmDoc Server is the core computing component. It performs the actual conversion process to convert document pages to SVG, but it doesn’t have any permanent storage. Converted content and annotation markups are instead stored in PAS. The PAS component primarily handles long-term storage and hands files off to the server for conversion or processing. 

Critically, PAS also has privileged access to other storage locations used by the application, such as file systems or databases. This allows it to easily retrieve source documents and hand off tasks to the server.

The Role of the Web Application

The web application server sits between the HTML5 viewer component and the backend component. It functions as a reverse proxy that relays requests between the two, passing content requests from the viewer to the backend and then delivering converted SVG content from the backend to the viewer.

PrizmDoc Viewer doesn’t actually work with the source documents in the application’s storage. They remain safely unaltered while the backend generates a converted version for viewing and annotation. The web application typically only makes REST API calls to PAS. Background conversion that doesn’t involve the viewer, however, can be performed by making a direct call to PrizmDoc Server.

Making the HTML5 Magic Happen: Viewing a Document

When the web application has to open a stored document for viewing, each component of PrizmDoc Viewer plays a special role in the process. Everything begins with the web application sending a request to PAS to create a new viewing session. How this session is created depends upon how the backend is deployed. In most cases, it will be self-hosted as part of an on-premises deployment or through PrizmDoc Cloud services.

Once that session is created, PAS generates a new viewing session ID and passes it back to the application. All of this happens before any conversion or viewing begins, but the application can begin rendering to the HTML5 viewer by configuring it to use the viewing session ID. This brings up the viewing UI immediately, which will ultimately save time as the document is prepared.

The web application then uploads a copy of the source document to PAS, which can be in any number of formats supported by PrizmDoc Viewer. As soon as PAS receives the document, it begins handing off pages to PrizmDoc Server for conversion to SVG. Since pages are converted one at a time, PrizmDoc Viewer is able to open and view documents in the browser before the entire file is converted. That means less time is spent waiting around for large documents to be prepared for viewing.

As soon as the HTML5 viewer loads in the browser, it begins proxying requests to PAS through the web application for the first pages of content. Once the converted SVG content is available, PAS hands it back to the web application, which then passes it along to the HTML5 viewer, which displays that content in the browser. Additional pages are delivered as they’re ready, and the viewer may make subsequent requests as the user continues to interact with the document.

While the viewing process involves several steps, it is typically performed so quickly that the end user doesn’t experience any significant delays. Larger documents may take more time to render as SVG content, but even in these cases, PrizmDoc Server’s ability to render and deliver each page to the HTML5 viewer as it becomes available allows users to begin viewing documents within their browser right away.

Enhance Application Viewing Performance with PrizmDoc Viewer

As an API-based HTML5 viewing solution, PrizmDoc Viewer can be integrated into most web-based applications to support a broad range of file formats. Developers can use its annotation, redaction, document comparison, and conversion capabilities to deliver a full range of document management tools within their software platforms rather than having to build them from scratch.

To see how PrizmDoc Viewer will function in your application environment, sign up for a free evaluation trial. We provide ready-to-run Docker images in addition to installers for Windows and Linux. 

Technology trends are moving quickly in the legal industry as firms scramble to adapt to a shifting business landscape. Although many firms and organizations were already taking steps to break away from old fashioned processes and embrace the potential of LegalTech solutions, the COVID-19 pandemic has accelerated change initiatives and forced legal professionals to reassess their foundational business models. To get a better sense of the technology impact on law firms, developers would be wise to review recent tech surveys of the industry that assess how LegalTech software is being utilized.

LegalTech Technology Survey: A Closer Look 

According to a 2020 technology survey conducted by Bloomberg Law, legal firms are seeing tremendous benefits from the implementation of LegalTech tools. Four out of five firms and 73 percent of corporate legal departments have seen an increase in work volume, with both reporting that technology has also improved the quality of their work. On balance, high-value tasks are getting more attention, with 56 percent of respondents indicating that they spend at least somewhat more time on higher-level tasks. Low-value task loads have been reduced by an even larger rate, with 73% of respondents spending at least somewhat less time on less skilled, lower-level tasks.

Critically, these improvements seem to have come without also introducing a new set of challenges. One of the frequently cited concerns about implementing new LegalTech solutions is that it will create workflow disruptions or cause other difficulties with legal processes. In reality, such critiques appear to be largely unwarranted. Bloomberg Law’s 2020 tech survey found that large majorities of respondents did not believe LegalTech added to the number (78 percent) or difficulty (86 percent) of workflow impediments.

LegalTech Automation Needs

Despite the positive technology impact on firms, there are still many tasks being done manually that could be automated with software tools. In 2020, Accusoft conducted a technology survey of legal professionals about how they’re managing productivity and utilizing LegalTech applications. We discovered that while 54 percent of respondents were utilizing digital solutions to view and collaborate on documents, automation tools had yet to eradicate time-consuming manual tasks.

The Technology Impact on Law Firms in Business Terms

Failing to implement effective LegalTech tools, then, could very well be costing many firms business. Longstanding legal business models that focus on profit per partner (PEP) metrics and emphasize short-term priorities are already giving way to technology-driven models that deliver faster, more efficient services at more competitive price points for customers. While boutique “big law” firms may continue to resist automation trends due to the specialized and strategic nature of their business, smaller firms and legal departments will need to reorient their operations to deliver the routine, day-to-day services that most customers are seeking. 

Perhaps unsurprisingly, the COVID-19 pandemic has made many legal organizations more open to adopting technology solutions. Bloomberg Law’s report found that prior to 2020, only 40 percent of legal leaders described themselves as being “very open” to implementing new tech. Following the pandemic, that number has increased to 54 percent, perhaps acknowledging a new reality for the legal industry as existing business models are reconsidered.

Building the Future of LegalTech

LegalTech developers face several challenges as they work on designing the next generation of technology solutions for the industry. The first question almost always comes down to whether it makes sense to build application features from scratch or to buy and integrate proven solutions. Many legal organizations are looking for powerful software tools that incorporate the latest in process automation technology, which often demands substantial development resources to build and implement. For many software developers, it can be difficult to get products to market quickly without cutting some corners here and there in terms of features when they have to build everything from the ground up.

By incorporating ready-made functionality in the form of specialized integrations, developers can dedicate more of their resources to the innovative technology that powers their LegalTech solution. From HTML5 viewing that makes it easy to securely view a variety of file types to collaboration tools that allow for markup and redaction, software integrations can rapidly expand the capabilities of an application to make it more attractive to legal organizations.

Accusoft’s PrizmDoc Viewer allows developers to integrate versatile viewing and conversion functionality into their LegalTech solutions. It also features powerful annotation and redaction tools that can significantly streamline the eDiscovery process. Learn more about these and other solutions in our LegalTech Fact Sheet.

Few file formats are as widely recognized and used as PDF. In fact, PDFs have become so commonplace that it’s hard to imagine a time when they didn’t exist. Most users don’t even give them much thought, knowing that all they need to do is click on the file and trust that their PDF file viewer will be able to open and render it accurately. But things weren’t always quite so simple before PDF viewers.

Origins of PDF

It’s easy to take document viewing and printing for granted today, but to understand the development of the PDF format, it’s important to look back at the document challenges facing organizations in the early 1990s. Businesses, government agencies, and universities were already using local area networks to share digital documents, but there was no guarantee that a document would display the same way on every machine. In addition to multiple competing word processor formats (such as Microsoft Word and Corel WordPerfect), there was no reliable way of viewing files containing images or other layout elements across different software and operating systems.

Around that time, Adobe co-founder John Warnock became focused on the idea of creating a standardized document format that would work across all operating systems and effectively function like digital paper. The primary goal was to ensure that the document contents would look the same no matter where they were viewed. That meant solving complex challenges like replacing unsupported fonts without distorting the document’s layout and distilling graphic parameters to flatten the file so it would load within seconds instead of minutes.

Adobe released the first version of the Portable Document Format (PDF) in 1993, but it would take some time for the format to catch on. “The world didn’t get it,” Warnock recalled in a 2010 interview. “They didn’t understand how important sending documents around electronically was going to be.”

The early years were rocky, largely because PDF was just slightly ahead of its time. Early PDFs had limited functionality and were slightly too large to be sent quickly over the early internet connections. That began to change in 1996, however, when the Internal Revenue Service (IRS) used PDFs to provide downloadable tax return forms and instructions online. The IRS also started using PDF files to digitize their internal document processes, largely phasing out their reliance upon paper documents for auditing. This adoption convinced many hesitant organizations that if the format was good enough for the IRS, then it was good enough for them as well.

The Growth of PDF File Viewers

In the years following the introduction of PDF as an open format, a unique “freemium” model emerged that helped to promote its use across a variety of industries. While developers sold software that could be used to create, convert, edit, and secure PDFs, they also offered more streamlined PDF file viewers for free. This ensured that anyone could easily open and view PDF files no matter what kind of computer or operating system they were using. 

Although early readers were offered as separate software applications, they quickly became available as libraries that could be integrated into an existing application. By integrating a PDF file viewer directly into an application, developers could provide secure PDF support without having to rely upon any external software.

Today, there are multiple PDF file viewers available, which often makes it difficult to identify the one that provides the right combination of rendering performance and security for a particular industry’s needs.

The Rendering Challenge

Rendering a PDF file accurately is a deceptively complex task because not every file is constructed in the same way. In fact, prior to the PDF standard being taken over by the International Standards Organization (ISO) in 2007, Adobe’s documentation surrounding the format was rather infamously vague, resulting in the creation of poorly optimized PDFs that third party readers had difficulty viewing properly. Some PDF file viewers address this challenge by adding new code to accommodate known issues, but this has the unpleasant side effect of giving the reader a larger footprint and potentially impacting performance.

This challenge has become even more complex in recent years given the popularity of mobile devices. Effective PDF file viewers must be able to deliver a responsive viewing experience that can adjust their user interface (UI) to different sizes and types of screens.

The Security Challenge

Security has always been an important consideration for PDF file viewers, but it has become a much more prominent concern since the first virus capable of embedding itself in PDF files was uncovered in 2001. Unfortunately, security vulnerabilities continue to be a problem with third party PDF readers, as evidenced by the multiple vulnerabilities discovered in Adobe’s PDF products in 2020. While developers have more PDF file viewers to choose from than ever before, finding a solution that doesn’t introduce security risks has become a high priority when building a new application.

One of the best solutions for resolving security challenges is to build PDF capabilities directly into their already secure applications. Viewing or creating a PDF file in an external program, such as third party software or even within a web browser, introduces a potential functionality and control gap. It’s difficult to control what can be done with a PDF once it travels outside the confines of a secure application environment, allowing it to be downloaded, viewed, and potentially altered. With PDFs set to continue as the de facto standard for digital documents, it makes more sense than ever for developers to give their applications the ability to manage those files natively, without having to interface with external software dependencies.

Find the PDF File Viewer That’s Best for You

Developers have many choices when it comes to integrating PDF viewing capabilities, which is why Accusoft has developed a broad range of PDF integrations to address every potential use case. Our Accusoft PDF Viewer delivers a high-speed, lightweight JavaScript library that offers out-of-the-box mobile support and requires only a few lines of code to install. Available as a free-to-use integration, it’s the fastest way to add dynamic PDF viewing capabilities to your application without any configuration headaches. 

If your application needs more than just support for PDF viewing, PrizmDoc Viewer provides production-scale annotation, redaction, and conversion for multiple file types. As an HTML5 viewer, PrizmDoc Viewer easily integrates into applications to create a secure environment for documents and images. Try it today using an online demo or download a free trial to see how PrizmDoc Viewer can transform the way your application handles and views documents. 

The simultaneous development of Pfizer and Moderna’s safe and effective COVID-19 vaccines in less than a year stands as one of the great feats of recent medical science. Now that the vaccines are available, however, the healthcare industry and government authorities must take on the new challenge of distributing doses to the population quickly and effectively. In some respects, this logistical feat will be every bit as daunting as developing the vaccines themselves.

Fortunately, the use of barcoding in healthcare supply chains and patient records will prove incredibly helpful in overcoming some of the key difficulties in vaccine distribution. Medical barcodes are already being used in many essential applications. For organizations that have yet to fully embrace the potential of digital transformation, barcode processing integrations can help them quickly expand their capabilities to meet the growing demands of vaccine delivery.

4 Ways Medical Barcodes Solve Vaccine Delivery Challenges

1. Better Supply Chain Accuracy Means Less Waste

Given the high costs of manufacturing and distributing the vaccines, there is justifiable concern over the potential for waste. Both versions of the vaccine need to be kept at low temperatures for shipping after manufacture (approximately -90 degrees Fahrenheit for Pfizer and about -10 degrees for Moderna). Once they’re moved to a refrigerator for administration, they cannot be refrozen. While the Moderna vaccine can last for up to 30 days refrigerated (provided the vial is not punctured), the Pfizer vaccine must be discarded after a mere six hours. Further complicating matters, each Pfizer thermal shipping container can potentially hold up to 975 multidose vials (4875 individual doses), whereas each box of Moderna vaccine contains 10 vials (100 doses).

Without accurate inventory and shipment tracking, healthcare providers could easily end up with too much supply in one location and not enough elsewhere. In a worst case scenario, unused doses might even go to waste because they can’t be redirected to another site quickly enough. By incorporating medical barcode scanning throughout the supply chain, healthcare organizations can ensure more efficient distribution during the shipping process. They can also verify that delivery sites have the appropriate storage capacity ahead of time to avoid the possibility of doses going to waste due to lack of freezer space.

2. Improved Dosage Records

One of the key challenges with distributing the currently approved vaccines is that they require multiple doses. Although the doses are identical from a chemical composition and dosage standpoint, the problem is that they must be administered after a specified interval. According to the FDA, that interval is approximately 21 days for the Pfizer vaccine and 28 days for the Moderna vaccine. As healthcare providers work to deliver the vaccine effectively, they must keep accurate records to show who has received the first dose and how much supply of each vaccine shipment should be designated for second doses.

The ability to read and print barcodes providers quickly track where patients are in the vaccination process and ensure that second doses will be available at the appropriate time. This is especially important considering that the vaccines are not interchangeable. Once someone has received the first Pfizer dose, for instance, they should not receive the Moderna vaccine for their second dose (except in exceptional circumstances). By generating a specific barcode after the initial dose and including it with a patient’s health records, providers can quickly and easily match people with the correct vaccine and make sure they have available doses on hand.

3. Keeps Essential Medical Equipment On-Hand

Vaccine distribution involves more than just shipping the doses themselves. Many different accessories are required to administer the vaccine, including protective equipment, vials, rubber stoppers, syringes and needles, and alcohol swabs. Healthcare supply chains were already under significant strain throughout the pandemic, so it should not be taken for granted that providers will have everything they need when the vaccine arrives. Furthermore, as the overall pace of vaccinations increases, it will be important to keep an accurate count of available equipment, especially if a provider does a lot of off-site vaccinations.

Barcoding in healthcare is critical to establishing connections between different elements of the supply chain. By using medical barcode integrations, providers can track and coordinate every piece of equipment needed for vaccine delivery in near-real time. Incorporating the same barcodes into patient records also gives a more up-to-date inventory count as doses are administered, ensuring that hospitals and healthcare facilities don’t run out of essential equipment when they need it most.

4. Expands Distribution Beyond Traditional Supply Chain

Distributing the vaccine in major population centers is difficult enough, but extending delivery into underserved rural areas presents a different set of challenges. These areas often lack the supply chain infrastructure to accommodate the rapid and widespread transfer of medical products. Healthcare providers will need technology tools that allow them to set up remote distribution and treatment centers capable of coordinating with local communities in order to extend their reach into these areas.

While barcoding in healthcare may provide the visibility organizations need into vaccine logistics and patient records, certain regions will also require mobile medical barcode integrations that can put more power and control into the hands of field workers. Rugged, reliable barcode integrations capable of reading broken or damaged barcodes using any mobile device will be essential for overcoming the limitations of rural digital infrastructure.

Unlock the Potential of Barcoding in Healthcare with Barcode Xpress

Accusoft’s Barcode Xpress SDK integration helps healthcare applications read, write, and detect more than thirty different barcode types, even if those images are damaged, broken, or incomplete. With the ability to read multiple barcodes at speeds of up to 1,000 pages per minute, Barcode Xpress can help medical providers take control of their supply chains and manage patient records more efficiently. That same functionality can be extended even further thanks to Barcode Xpress Mobile, which can turn any iOS or Android device into a powerful barcode scanner.

Distributing COVID-19 vaccine doses is one of the great logistical undertakings of the 21st century. By expanding the usage of barcoding in healthcare, providers can create greater transparency into their supply chains to reduce waste and deliver the vaccine more efficiently to the patients who need it most. Find out how Accusoft’s Barcode Xpress can help the medical industry upgrade its infrastructure to meet the challenge of restoring a sense of normalcy to people’s lives and overcoming the pandemic. Try a hands-on demo of our barcode SDK today.

The scalable vector graphic (SVG) format continues to enjoy steady adoption across the web. According to data from W3Techs, SVG now accounts for 25 percent of website images worldwide. But it wasn’t always this way. In 1998, it became apparent that vector-based graphics had a future on the web, and the W3C received six different file format submissions from technology companies that year. Some were mere proposals ready for a complete revamp, while others were proprietary products that W3C wasn’t permitted to modify. Instead of forging a format from one of the submissions, however, W3C’s SVG working group decided to start from the ground up — and SVG was born.

While the file format had lofty ambitions, focusing on common use rather than specific syntax, the original iteration was cumbersome and complex. However, SVG has improved year after year after year. With increased support came more streamlined functionality and usable features. Now, SVG is often the first choice for meeting the evolving demands of scalable, responsive, and accessible web content.

What is a Scalable Vector Graphic (SVG) and how does it work?

Today, SVG is the de-facto standard for vector-based browser graphics. But what exactly is this file format, and how does it work?

Based on XML, SVG supports three broad types of objects: 

• Vector graphics including paths and outlines that are both straight and curved
• Bitmap images such as .jpeg, .gif, and .png
• Text

What sets SVG apart from bitmap-based images is the use of lines and curves along the edges of graphical objects. Because bitmap images use a fixed set of pixels, scaling them up creates blurriness where the edges of pixels meet. In the case of vector images, meanwhile, a fixed-shape approach allows the preservation of smooth lines and curves no matter the image size.

SVG also offers the benefit of interoperability. Because it’s a W3C open standard, SVG plays well with both other image format and web markup languages including JavaScript, DOM, CSS, and HTML. This allows the format to easily support responsive design approaches that scale websites and web content based on the user device rather than defining standardized size parameters. Thanks to the curves and lines of SVG, scaling presents no problem for responsive designers looking to ensure consistency across device types.

The Benefits of SVG

While scalability is often cited as the biggest benefit of SVG, this format also offers other advantages, including:

• Responsiveness — Images can be easily scaled up or down and modified as necessary to meet web design and development demands.
• Accessibility — Since SVG is text-based, content can be indexed and searched, allowing both users and developers to quickly find what they’re looking for.
• Performance — Image rendering is quick and doesn’t require substantive resources, allowing sites to load quickly and completely.
• Use in Web Applications — Browser incompatibilities and missing functions often frustrate web design efforts, forcing developers to use multiple tool sets and spend time checking content and images for potential format conflicts. SVG, meanwhile, offers powerful scripting and event support, in turn allowing developers to leverage it as a platform for both graphically rich applications and user interfaces. The result? Better-looking sites that enhance the overall user experience.
• Interoperability — Because SVG is based on W3C standards, the format is entirely interoperable, meaning developers aren’t tied to any specific implementation, vendor, or authoring tool. From building their own framework from the ground up to leveraging third-party SVG applications, web developers can find their format best-fit.

SVG in PrizmDoc Viewer

Accusoft’s PrizmDoc Viewer offers multiple ways for developers to make the most of SVG elements at scale, such as:

• File Transformation — Conversion is critical for effective and efficient web design. If development teams need different file transformation tools for every format, the timeline for web projects expands significantly. PrizmDoc Viewer streamlines this process with support for the conversion of more than 100 file types — including PDFs, Microsoft Office files, HTML, EML, rich text, and images — into browser-compliant SVG outputs. In practice, this permits near-native document and image rendering that’s not only fast, but also accessible anytime, anywhere, and from any device.
• HTML5 Functionality — Using SVG in PrizmDoc Viewer is made easier thanks to native HTML5 design. The use of HTML5-native framework not only improves load times with smaller document sizes but means that PrizmDoc Viewer works in all modern web browsers — while also dramatically enhancing document display quality.
• Pre-Conversion — One of the biggest challenges with viewing large documents in a browser is delay. Pages toward the end of the document may take longer to load and frustrate users looking to quickly find a specific image or piece of information. PrizmDoc Viewer solves this problem with a pre-conversion API that returns the first page as an SVG while the rest of the document is being converted, allowing users to interact with documents as conversion takes place and lowering the chance that files will experience format-based delays.

SVG hasn’t always been the go-to web image format. Despite a promising start based on open, interoperable standards, the lack of early support and specific use cases for vector-based file formats saw SVG sitting on the sidelines for decades. 

The advent of on-demand access requirements and mobile-first development realities has changed the conversation. SVG is now continuously gaining ground as companies see the benefit in this scalable, streamlined, and superior-quality file format. Get the big picture and see SVG in action with our online document viewing demo, or start a free PrizmDoc Viewer trial today!

Offering product integrations can be one of the easiest ways to expand the feature set of a product without adding loads of time and cost on development resources. Docubee currently has external integrations with Salesforce, Sharepoint, and Brother scanners that we offer to our customers. Internally, we have an integration with Slack that allows our development team to be notified of different events that happen within Docubee. As a team of engineers, we are always looking for new ways that we could possibly use Docubee with other products, and luckily, we usually find some time to prototype out these integrations.

Being an Apple enthusiast myself, one of the first things I wanted to try to integrate Docubee with was Apple HomeKit so I could use Siri to launch workflows. I configured my Apple TV to work with the Home app and was all ready to go. Unfortunately, I quickly found out that HomeKit does not natively support customizations like this. Lucky for me, someone had already come up with a solution to this problem using Homebridge and a node module called homebridge-cmdswitch2.

According to their Github, Homebridge is “a lightweight NodeJS server you can run on your home network that emulates the iOS HomeKit API” and homebridge-cmdswitch2 “allows you to run Command Line Interface (CLI) commands via HomeKit”. After that, the setup was pretty simple to get everything working. I had to create a workflow in Docubee that I wanted to start, configure my Home app to work with Homebridge, and write this config file below. Before I knew it, Siri was launching workflows for me.

{
  "bridge": {
      "name": "Homebridge",
      "username": "CC:22:3D:E3:CE:30",
      "pin": "031-45-154"
  },
  
  "description": "Homebridge Docubee Config",

  "accessories": [],

  "platforms": [{
    "platform": "cmdSwitch2",
    "name": "CMD Switch",
    "switches": [{
      "name" : "Docubee Workflow",
      "on_cmd": "curl -d '{\"wfModelId\":\"ec6e7fc4-1c38-4ebf-8a32-a02ba6721ffe\", \"wfData\": {}}' -H \"Content-Type: application/json\" -X POST {LAUNCH_WORKFLOW_ENDPOINT}",
      "state_cmd": "exit 1",
      "off_cmd": "echo off"
    }]
 }]
}

One of the next integrations I wanted to try to play with was Slack. I mentioned that we already use it internally, but I wanted to see if there was a way that we could make a Slack integration that was useful for an end-user. After creating my own Slack app to play with, I wanted to be able to launch a workflow from Slack as well as send a message back to Slack notifying me that a workflow was launched. To do both of these things, I had to create a handler somewhere to take the callback IDs that Slack would send to our API and do something with them. The finished handler looked like this:

'use strict';
const qs = require('qs');
const request = require('request')

function handleInteractiveMessage(req, res) {
  const task = req.task;
  res.status(200);
  res.end();
  task.log.info({ source: 'slack-connector.handInteractiveMessage' }, qs.parse(req.body));
  const payload = JSON.parse(qs.parse(req.body).payload);
  const responseUrl = payload.response_url;
  const callbackId = payload.callback_id;
  task.log.info({ source: 'slack-connector.handleInteractiveMessage', responseUrl }, 'response url');
  task.log.info({ source: 'slack-connector.handleInteractiveMessage', callbackId }, 'callback id');
  if (payload.callback_id === 'docubee_workflow_start') {
    kickOffWorkflow(task);
  } else if (payload.callback_id === 'handle_workflow_actions' && payload.actions[0].value !== 'redirect') {
    confirmCancelWorkflow(task, responseUrl, payload.actions[0].value);
  } else if (payload.callback_id === 'confirm_cancel_workflow' && payload.actions[0].value !== 'No') {
    cancelWorkflow(task, payload.actions[0].value, responseUrl)
  }
}

function confirmCancelWorkflow(task, responseUrl, wfInstanceId) {
  return new Promise((resolve, reject) => {
    task.log.info({ source: 'slack-connector.confirmCancelWorkflow', wfInstanceId }, 'wf instance id');
    request({
      url: responseUrl,
      method: 'POST',
      json: true,
      body: {
        text: 'Are you sure you want to cancel this workflow?',
        attachments: [
          {
            fallback: 'See what\'s going on!',
            author_name: 'Owner: ntorretti',
            title: 'Confirm Cancel',
            text: 'Please confirm you want to cancel this workflow',
            callback_id: 'confirm_cancel_workflow',
            actions: [
              {
                name: 'action',
                type: 'button',
                text: 'Yes',
                style: '',
                value: wfInstanceId
              },
              {
                name: 'action',
                type: 'button',
                style: '',
                text: 'No',
                value: 'No'
              }
            ]
          }
        ]
      }
    }, (err, response) => {
      if (err) {
        task.log.error({ source: 'slack-connector.confirmCancelWorkflow', err }, 'whoops');
        reject(err);
      } else {
        task.log.info({ source: 'slack-connector.confirmCancelWorkflow', response }, 'response');
        resolve({ status: 'Request successfully sent to callback API endpoint.' });
      }
    });
  });
}

function sendCancelConfirmation(task, responseUrl) {
  return new Promise((resolve, reject) => {
    request({
      url: responseUrl,
      method: 'POST',
      json: true,
      body: {
        text: 'We have successfully cancelled your workflow.',
      }
    }, (err, response) => {
      if (err) {
        task.log.error({ source: 'slack-connector.sendCancelConfirmation', err }, 'whoops');
        reject(err);
      } else {
        task.log.info({ source: 'slack-connector.sendCancelConfirmation', response }, 'response');
        resolve({ status: 'Request successfully sent to callback API endpoint.' });
      }
    });
  });
}

function cancelWorkflow(task, wfInstanceId, responseUrl) {
  return new Promise((resolve, reject) => {
    request({
      headers: { 'content-type': 'application/json' },
      url: {CANCEL_WORKFLOW_ENDPOINT},
      method: 'POST'
    }, (err, response) => {
      if (err) {
        task.log.error({ source: 'slack-connector.cancelWorkflow', err }, 'whoops');
        reject(err);
      } else {
        task.log.info({ source: 'slack-connector.cancelWorkflow', response }, 'yay');
        sendCancelConfirmation(task, responseUrl);
        resolve(response);
      }
    });
  });
}

function kickOffWorkflow(task) {
  return new Promise((resolve, reject) => {
    request({
      headers: { 'content-type': 'application/json' },
      url: {LAUNCH_WORKFLOW_ENDPOINT},
      method: 'POST',
      body: JSON.stringify({
        wfModelId: 'd32aa8ba-f153-46b5-8c62-81d14327c924',
        wfInstanceName: 'Untitled',
        wfData: {
          Originator: 'Natalie Torretti',
          Originator_Email: 'ntorretti@accusoft.com',
          email: 'ntorretti@accusoft.com'
        }
      }),
    }, (err, response) => {
      if (err) {
        task.log.error({ source: 'slack-connector.handleInteractiveMessage', err }, 'whoops');
        reject(err);
      } else {
        task.log.info({ source: 'slack-connector.handleInteractiveMessage', response }, 'yay');
        resolve(response);
      }
    });
  });
}

module.exports.initialize = (params, imports, ready) => {
  const framework = imports['prv-common-service-base'];
  const task = framework.taskLogging.createTask();
  const server = imports.server;

  task.begin('Initializing Slack connector component');

  server.post('/interactiveMessage', handleInteractiveMessage);

  task.log.info({ source: 'slack-connector.initialize' }, 'Slack connector component initialized');
  task.end();
  ready();
};

Slack has some great documentation and really is built to handle these kind of integrations. It was not that much work to get everything configured after I had the connector in place. I still needed one more piece of code on the Docubee end to be able to actually send the message to Slack. That send message function ended up looking like this:

const sendSlackMessage = imports => (task, redirectUrl, workflowInstanceId, message) => {
  return new Promise((resolve, reject) => {
    task.log.info({ source: 'utils.sendSlackMessage' }, 'sending slack message');
    request({
      url: 'https://hooks.slack.com/services/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',
      method: 'POST',
      json: true,
      body: {
        text: JSON.stringify(message),
        attachments: [
          {
            fallback: 'See what\'s going on!',
            author_name: 'Owner: ntorretti',
            title: 'Workflow Actions',
            text: 'Here are some actions you can take!',
            callback_id: 'handle_workflow_actions',
            actions: [
              {
                name: 'action',
                type: 'button',
                text: 'View dashboard',
                style: '',
                value: 'redirect',
                url: {LINK_URL}
              },
              {
                name: 'action',
                type: 'button',
                text: 'Go to workflow',
                style: '',
                value: 'redirect',
                url: redirectUrl
              },
              {
                name: 'action',
                type: 'button',
                style: '',
                text: 'Cancel Workflow',
                value: workflowInstanceId
              }
            ]
          }
        ]
      }
    }, (err, response) => {
      if (err) {
        task.log.error({ source: 'utils.sendSlackMessage', err }, 'whoops');
        reject(err);
      } else {
        task.log.info({ source: 'utils.sendSlackMessage', response }, 'response');
        resolve({ status: 'Request successfully sent to callback API endpoint.' });
      }
    });
  });
}

We called this the send SlackMessage function after the “Start Demo Workflow” was started. This sends a message back to Slack that gives the user a couple different actions that they could take on that message. If a user clicked one of the buttons in the message, a request with a specific callback ID was sent to the slack handler and the appropriate action was taken. The first image below shows how I integrated starting a workflow in Slack and the second image shows the message we sent back to Slack after a workflow was started giving the user different actions they can take.

These are just a few ways that Accusoft’s Docubee can be integrated into your daily routines. Whether it’s starting a workflow with Siri or enabling automated Slack processes, Docubee is built to help you and your organization to find the best way to automate processes.

Natalie Torretti, Software Engineer III

Natalie joined Accusoft as a software engineer in 2016. She started on the eDocr team but has spent the last two and a half years on Docubee development team. Natalie has been a large contributor to the React front-end UI of Docubee and made several enhancements to the back-end microservices as well. She obtained her B.S. in Biobehavioral Health with a Psychology minor from Penn State as well as her A.S.T. in Information Technology from South Hills School of Business and Technology. When Natalie is not writing code she enjoys working out, spending time at the pool, and playing with her dogs.

Data privacy continues to be a significant concern for businesses, employees, customers, and stakeholders alike. Privacy breaches can expose problems with document management and digital document security practices. They can also pose significant risks and costs to companies and stakeholders.  The importance of ensuring the secure sharing of confidential documents can’t be stressed enough.

When developing an application with SDKs or APIs or integrating new features into a workflow, developers must be aware of the security risks. Project managers, security engineers, and architects must work in tandem to identify and address all potential security breaches. This holds especially true for commercially-confidential, highly-sensitive, or private documents while in transit.

The Risks of Document Sharing

Document sharing, in general, can present opportunities for malicious actors to attempt to gain access to a competitor’s documents. It could also pave the way for uploading data containing malware accidentally. Protecting the enterprise as a whole should be a priority to prevent loss or compromise of customer-sensitive information. This is vital because even minor damage to a company’s reputation can have a devastating impact. 

When building applications with document sharing capabilities, developers need to think about the inherent risks that come along with allowing users access to upload and edit documents. Fortunately, there are a number of practical steps that developers can take to share sensitive documents securely without putting confidential information or mission-critical data at risk. 

5 Ways to Ensure Confidential Documents Are Shared Securely

1. Strengthen Application Security

Any conversation about document security needs to start with a focus on the application’s cybersecurity architecture. If document management software contains multiple vulnerabilities or doesn’t provide the necessary controls to safeguard data, it will be difficult to share sensitive documents securely. Here are a few best practices developers should have in place to create a secure application ecosystem: 

• Perform threat-modeling any time there is a major design change in the application or ecosystem to identify potential new threats.
• Encrypt customer sensitive documents both in transit and in storage. Ideally, the keys will be held by clients with an emergency access vault backup system, so that even the software developer cannot access any sensitive customer data. This way, even if an application or data centers are breached, customer documents will still be protected.
• Spend more time testing releases for weaknesses and allow security engineers and architects to weigh in on the product feature roadmap. Security patches and improvements should be given the same value as other new product features.
• Conduct periodic audits or external penetration testing to ensure that applications and customer data cannot be compromised.

2. Design Applications with Segregated Access

Secure documents and sensitive information should only be available to the people authorized to view or edit it. Access to one document should not allow someone to access other documents stored in the same application. By segregating access to data and assigning specific user permissions, developers can provide the tools customers need to manage their assets and share sensitive documents securely.

3. Eliminate External Viewing Dependencies

Although many organizations use secure applications to manage their document workflows, they frequently open themselves up to risk by relying on external software for document viewing. Without some way of sharing and viewing documents within the application itself, files will inevitably be shared over email and opened on local devices that may not have the latest security updates in place. Developers can avoid this problem by integrating HTML5 viewing capabilities into their application. This ensures that documents never have to leave a secure environment, even when they’re being shared with people outside an organization.

4. Create Unique Viewing Sessions

One of the challenges with many cloud-based document management systems is that once someone is granted access to a file, they typically retain that access until it is manually changed at a later date. In most instances, those privileges are also associated with the source file itself. This can create a number of security gaps if an organization doesn’t closely monitor access privileges. By implementing an HTML5 viewer that can generate unique viewing sessions for individual users, developers can provide more control over how to share confidential documents. Viewing sessions can be set to expire after use, and since the session is viewing a rendered version of the document instead of the source document itself, system administrators have more control over what aspects of it are shared. They may decide, for instance, to share only certain pages rather than the entire document.

5. Implement Redaction Capabilities

Redaction has long been used to protect private or confidential information in documents. Although organizations still frequently make embarrassing mistakes when it comes to redaction, it remains one of the most effective tools for anyone who needs to share sensitive documents securely. By integrating true redaction capabilities that not only obscure, but also completely remove sensitive information, developers provide applications that have the ability to screen documents for privacy risks before they’re shared with anyone. Performing redactions within the application environment also has the benefit of further limiting external dependencies that could threaten security.

Protect Confidential Documents with Accusoft Integrations

Accusoft’s collection of processing integrations give developers with a variety of document management tools for controlling privacy within their applications. The HTML5 capabilities of PrizmDoc Viewer offer powerful redaction tools and make it easier for administrators to control viewing access. 

To learn more about how Accusoft SDKs and APIs can provide the document management features you need to protect confidential information and privacy, visit our products page today or talk to one of our integration specialists.