CSP error for SMS validation in iframe

  • 18 March 2024
  • 1 reply



I'm trying to integrate the signature process directly into my application.

On the server side, I'm using the PHP SDK, and on the front, I'm using Docusign JS.

I manage to create an envelope, retrieve the URL and initialize my HTML element (following this documentation:

The signature process works correctly.

However, I'd like to add a verification of the signer's identity by sending him an SMS.

So I added the "RecipientIdentityVerification" object in my PHP.

Now I have an error in my console: Content-Security-Policy: The page parameters have prevented the loading of a resource at ("frame-src").

I've tried modifying the content security policy by adding frame-src 'self' * but it doesn't change anything.

However, when I open the URL returned by Docusign in a new tab of my browser, I'm redirected to to receive my code by SMS and sign it.

Do you know where this is coming from?

Thank you for your answers

1 reply


HI Thomas,

Thanks for reaching out to Doucsign Developer Support.

SMS Delivery is not supported for Captive (Embedded) Recipients.

Please let us know if you need anything else or if this case can be closed.

Best regards,
Conar | DocuSign Developer Support