JustinR

Reputation: 66

Docusign UserInfo endpoint returns 401 Unauthorized when access token is provided

I am integrating my API backend with DocuSign in order to send and retrieve envelopes. I am using the JWT Grant flow (Authentication options).

In the DocuSign development environment, I am able to retrieve an access token using the JWT flow and the DocuSign C# SDK. I then need to call the oauth/userinfo endpoint in order to retrieve the base_uri field to use for making calls to DocuSign.

When I make a GET request to https://account-d.docusign.com/oauth/userinfo, including the access token in the Authorization header as Bearer <access_token>, I receive a 401 Unauthorized response, and this message in the body:

{
    "error": "internal_server_error",
    "reference_id": "<some GUID>"
}

I have tried this using curl, Postman and the C# SDK and all give the same result.

Curl syntax: curl --header "Authorization: Bearer <access token>" https://account-d.docusign.com/oauth/userinfo

user-info endpoint documentation

JWT flow (step 4)

As far as I can see, I appear to be calling the API according to the documentation and I have set up the account with an RSA key pair which is required for system integrations (created within the Docusign admin portal).

Can anyone think of a reason this could be happening?

Upvotes: 1

Views: 1335

Answers (2)

JustinR

Reputation: 66

I have now been able to get the base_uri from the UserInfo endpoint using the RequestJWTUserToken method in the C# SDK. Using this token allows me to hit the REST API endpoint. Both methods appear to hit the same oauth/token endpoint and use the same grant type, only RequestJWTUserToken includes the "sub" claim for the userId.

Upvotes: 0

Inbar Gazit

Reputation: 14050

Since you're using the C# SDK as you mentioned, you can call this endpoint using the same SDK if you have a valid token.

https://developers.docusign.com/docs/esign-rest-api/sdk-tools/c-sharp/reference/

public OAuth.UserInfo GetUserInfo(string accessToken);

You can confirm that your token is valid by trying to use it for other API calls. A token from the developer account should be useful to make this call in the developer account only. If you need this for production (typically the reason to need the base_uri), then you have to call it with account.docusign.com, not account-d.docusign.com.

Upvotes: 1
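
Added example, not part of either answer or of DocuSign's SDK: an offline check that decodes the JWT assertion sent to oauth/token and flags the two conditions the answers name, a missing "sub" claim and an assertion built for a different environment than the userinfo host being called. It assumes the assertion's "aud" claim carries the authentication host name; the helper names and placeholder claim values are made up for illustration.

```python
import base64
import json
from urllib.parse import urlparse


def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def decode_payload(jwt: str) -> dict:
    """Decode the claims segment of a JWT without verifying the signature."""
    parts = jwt.split(".")
    if len(parts) != 3:
        raise ValueError("expected header.payload.signature")
    seg = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(seg))


def check_assertion(jwt: str, userinfo_url: str) -> list:
    """Return findings that would explain a 401 from the userinfo call."""
    claims = decode_payload(jwt)
    host = urlparse(userinfo_url).hostname
    findings = []
    if not claims.get("sub"):
        findings.append("no 'sub' claim: token is not tied to a userId")
    if claims.get("aud") != host:  # assumption: aud holds the auth host name
        findings.append(f"aud {claims.get('aud')!r} does not match host {host!r}")
    return findings


def make_sample(claims: dict) -> str:
    """Constructed, unsigned sample assertion (the signature is a dummy)."""
    header = {"alg": "RS256", "typ": "JWT"}
    return ".".join([b64url(json.dumps(header).encode()),
                     b64url(json.dumps(claims).encode()),
                     b64url(b"not-a-real-signature")])


DEMO = "https://account-d.docusign.com/oauth/userinfo"
PROD = "https://account.docusign.com/oauth/userinfo"
base = {"iss": "INTEGRATION-KEY-PLACEHOLDER", "aud": "account-d.docusign.com"}
app_only = make_sample(base)                                    # no sub
user_bound = make_sample({**base, "sub": "USER-ID-PLACEHOLDER"})

if __name__ == "__main__":
    for name, tok, url in [("app-only", app_only, DEMO),
                           ("user-bound", user_bound, DEMO),
                           ("user-bound vs prod", user_bound, PROD)]:
        print(name, check_assertion(tok, url) or "ok")
```

The check only reads the claims segment, so it can run against a captured assertion without the RSA private key; it does not validate the signature.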
