DocuSign API integrator & private key, with multiple users

Question

I am using the DocuSign API to authenticate, create, and send envelopes from within my application. This applications needs to allow multiple users to use their own DocuSign sign account with the application. For each DocuSign User that will use with this application, do I need to have a separate integrator key and private key? Or is there a better way? Requiring each user to setup an API key doesn't scale very well as a business workflow. I'm hoping there is a better way, so that I can setup an integrator key and private key once.

Answer 1

No you do not need to create a separate integrator key for each user! You only need one integrator key (also called clientId) per DocuSign integration. The key helps identify which integration the requests are coming from, though these requests can indeed be coming from different accounts.

Your integration simply needs to initiate the OAuth handshake based on which method you are using (Auth Code Grant, Implicit Grant, JWT Token) and while "under the hood" the request will contain your integrator key the end-user does not see that (or even know about it).

See the Authentication Overview for more info.

Once you make the initial auth request the user will be redirected to a browser where they will login through the standard DocuSign login page using their username and pwd. Upon successful login they will be redirected to the redirectUri that was supplied in the API request and the resulting URL will have a query parameter attached to it which has their auth code.

Again, read the overview above based on which method you are using, but as stated you only need ONE integrator key per integration which is a private ID that you should never share with the end-user.