Granting consent is a one time operation per user per integration key. Added: Granting Consent is one time per user per integration key Then you can run your JWT flow (no user required) and you're golden. When the user enters the above url, DocuSign will ask them to log in and then ask them to grant the permissions (scopes) to your app. # encoded_scopes = signature%20impersonation That URL is the first leg of the OAuth Auth Code Grant flow. Then, once per user who will be impersonated, tell them to enter a specific URL into their browser. For convenience, set the redirect URI to an existing site. Here's the trick: Set up the app in DocuSign as both a Auth Code Grant app (set a redirect URI) and as a JWT flow app (create a public/private key pair). But user's don't "use" Service Integrations! (As you discovered via the documentation.)
You then login as the "HR Dept" and grant permission to the app to impersonate the "HR Dept."Ī user grants permission to an app the first time they use it. Eg, you create a user called "HR Dept" in DocuSign. You can also have each person individually grant permission. If you have Organization Admin enabled, your org admin can proactively grant permission for your app to impersonate anyone in your org. (the usual cases) then your app needs permission to do so. To use the JWT flow and impersonate someone or a designated "system user" If you're an ISV (if you'll be selling your software to DocuSign customers) then there are additional issues to be considered at this time. The JWT flow is recommended for Service Integrations if you're writing the app for your own organization's use. TL DR - watch my screencast where I focus on this exact issue. I'm sorry that the documentation for Service Integrations is not clear. I have no problem with this but why advise against using it then advise against using the alternative as well? Am I missing something? So should I not use these grants? If I don't it leaves me back at using Legacy Header authentication. This grant is not suitable for service integrations. However, both the Authorization Code Grant and the Implicit Grant pages state at the very top of the page User consent can start with either the Authorization Code Grant or the Implicit Grant. Then in the granting consent section it states So I decided to go to that Service Integration Authentication page which statesīefore an application can impersonate a user, the application must get consent directly from the user or from their account administrator. DocuSign recommends new service integrations be built with Service Integration Authentication. Legacy Header authentication was formerly recommended for service integrations. This advises against using it for service integrations I began by looking into authentication info and found the Legacy Header page. I am creating a service integration that will need to use my Docusign account.
0 kommentar(er)
