Reputation: 1
Can we use SOBO feature with OAuth 2.0 Authentication Code Grant using REST API? We cant use JWT authentication due to system limitation, so need to explore if we can use SOBO without using legacy and JWT authentication..
Please advise the flow using REST API!!
Regards, VG
Upvotes: 0
Views: 79
Reputation: 49114
If you can't use jwt (why not?) Then you could have the person you want your app to act on behalf of authenticate with DocuSign via your app using the oauth authorization code grant flow. Include the extended scope to enable ongoing refresh token requests.
This will enable your app to act on behalf of the person, ongoing. (As long as you make an API refresh request once a month or more often.)
Upvotes: 0
Reputation: 14015
SOBO (Send on Behalf Of) is a legacy feature that cannot be used with OAuth 2.0. JWT (JSON Web Tokens) grant gives you the ability to impersonate, which is essentially the same thing. IF you cannot use JWT and must use OAuth 2.0 (as DocuSign requires) then you cannot impersonate other users. May be good to understand your requirements and limitations in more details to try to offer alternative solutions.
Upvotes: 1