CODEWITHSUNDEEP
pythondocusignapi
Lous
Lous

Reputation: 45

DocuSign Consent Required error with OAuth application token

I am trying to create a valid OAuth token using the following code:

def get_token():

    DS_JWT = {
        "ds_client_id": "79b1adb9-xxxx-xxxx-xxxx-4450dd98a712",
        "ds_impersonated_user_id": "3300d1d8-xxxx-xxxx-xxxx-552b87311b0f",
        "private_key_file": "private.key",
        "authorization_server": "account-d.docusign.com"
    }

    private_key = get_private_key(DS_JWT["private_key_file"]).encode("ascii").decode("utf-8")
    api_client = ApiClient()
    ds_app = api_client.request_jwt_user_token(
        client_id=DS_JWT["ds_client_id"],
        user_id=DS_JWT["ds_impersonated_user_id"],
        oauth_host_name=DS_JWT["authorization_server"],
        private_key_bytes=private_key,
        expires_in=3600,
        scopes=["signature", "impersonation"]
    )

    return ds_app.access_token

I thought this would work, since other people use it (How to use OAuth Applciation token generated by Docusign Python client [ApiClient.request_jwt_application_token()]?).

But I get the following error:

  File "src/docusign_template_app/obtain_token_4.py", line 38, in <module>
    main()
  File "src/docusign_template_app/obtain_token_4.py", line 33, in main
    token_4 = get_token_4()
  File "src/docusign_template_app/obtain_token_4.py", line 18, in get_token_4
    ds_app = api_client.request_jwt_user_token(
  File "/home/lluis/.pyenv/versions/docusign-template-app_py38/lib/python3.8/site-packages/docusign_esign/client/api_client.py", line 691, in request_jwt_user_token
    response = self.request("POST", "https://" + oauth_host_name + "/oauth/token",
  File "/home/lluis/.pyenv/versions/docusign-template-app_py38/lib/python3.8/site-packages/docusign_esign/client/api_client.py", line 393, in request
    return self.rest_client.POST(url,
  File "/home/lluis/.pyenv/versions/docusign-template-app_py38/lib/python3.8/site-packages/docusign_esign/client/api_response.py", line 246, in POST
    return self.request("POST", url,
  File "/home/lluis/.pyenv/versions/docusign-template-app_py38/lib/python3.8/site-packages/docusign_esign/client/api_response.py", line 208, in request
    raise ApiException(http_resp=r)
docusign_esign.client.api_exception.ApiException: (400)
Reason: Bad Request
Trace-Token: eadcd891-a820-414c-a86e-3a51f318361c
Timestamp: Tue, 30 Aug 2022 09:17:05 GMT
HTTP response headers: HTTPHeaderDict({'cache-control': 'no-cache, no-store, must-revalidate', 'pragma': 'no-cache', 'content-type': 'application/json; charset=utf-8', 'expires': '-1', 'x-docusign-tracetoken': 'eadcd891-a820-414c-a8
6e-3a51f318361c', 'x-frame-options': 'SAMEORIGIN', 'x-xss-protection': '1; mode=block; report=/client-errors/xss', 'x-docusign-node': 'DA1DFE179', 'strict-transport-security': 'max-age=31536000; includeSubDomains; preload', 'referrer-policy': 'no-referrer,strict-origin-when-cross-origin', 'x-content-type-options': 'nosniff', 'date': 'Tue, 30 Aug 2022 09:17:05 GMT', 'content-length': '28'})
HTTP response body: b'{"error":"consent_required"}'```

Upvotes: 1

Views: 667

Answers (1)

Larry K
Larry K

Reputation: 49104

Note: Because you're including the user id, you're actually obtaining a user access token, not an application access token.

Good news

Your software is correct. The error message you received is consent required. This error indicates that:

  1. Your request is correctly made
  2. But the user has not yet granted consent for your application to impersonate them.

To fix the problem, see the options documented in my Granting Consent blog post.

Ask a new question on StackOverflow if you have any related questions.

Upvotes: 1

Related Questions