Reputation: 777
Querying oauth/userinfo gives UserNotFound
This is only happening in production, JWT flow.
My end goal is to get the base_uri, which is required to make any subsequent API calls. I am following this guide, attempting to hit https://account.docusign.com/oauth/userinfo returns this error:
{
"error": "UserNotFound",
"error_description": "The user is not found in DocuSign",
"reference_id": "7b974b3a-ee7c-47a0-a204-0b8f39d71811"
}
(The user I am impersonating is the admin user, if that makes any difference)
Weird thing is that I can follow the exact same steps in Authorization Code Grant, and successfully get userinfo.
I could potentially use the Auth Code flow to get the base_uri first, then use the JWT flow to impersonate the admin. BUT this leads to a very weird issue, when I attempt to get the Access Token, the API returns:
{
"error": "consent_required"
}
This error doesn't go away even if I try to obtain consent again, and only goes away if I revoke the consent and restart the process.
Upvotes: 0
Views: 616
Answers (3)
Reputation: 5029
Using the reference ID you provided, I was able to look up the user in question and have determined the user ID in question is impacted by a known issue: PROV-571. For more information, please see this article: https://support.docusign.com/en/articles/Empty-UserInfo
To get this resolved, please email [email protected] and include the following info:
Is the issue occurring in Demo or Production
UserID & Email address of impacted user
- Known account IDs for user
- Integration Key used
Upvotes: 1
Reputation: 49104
If you are able to get userInfo when the token was generated via the Authorization Code Grant, but not when the token was generated by the JWT Grant, then something is wrong with either:
- The JWT Grant flow: wrong user guid, wrong IdP server (should be account.docusign.com), etc
- The userInfo call: wrong server (should be account.docusign.com) or something related.
Upvotes: 0
Reputation: 14015
The users in production are different than the user in demo/Dev sandbox. when using JWT, the request for the token requires you provide (among other things) the userIs for the user. This user has to also grant consent to your app/integration to make API calls on your behalf. You have to double check two things:
- The userId that you are passing (it's a GUID) to get the JWT token.
- That the same user granted consent (in production!) to your application.
For more information check https://developers.docusign.com/esign-rest-api/guides/authentication/oauth2-jsonwebtoken
Upvotes: 0
Related Questions
- DocuSign - finding a user's User Id
- I'm using Docusign RestApi 2.1 oAuth and getting 401 without any information on requests
- Docusign getUserInfo returns empty accounts list
- Docusign UserInfo endpoint returns 401 Unauthorized when access token is provided
- API returning a USER_LACKS_MEMBERSHIP error
- Getting 'Consent Required' error despite successful permission grant using Oauth URL
- DocuSign - Getting a user ID for a user whose organization admins has pre-authorized the application
- OAuth - DocuSign Log in page says 'The client id provided is not registered with DocuSign.'
- DocuSignAPI REST - Why won't my OAuth request go through?
- DocuSign OAuth Flow