Reputation: 698
How to obtain the docusign user guid to set on the JWT sub attribute?
It seems that I am missing a piece in the JWT Consent Flow.
- I craft the following consent url and link it to a button that will open a popup for the current user to login and accept the consent: https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=#{my_integration_key}&redirect_uri=#{redirect_url}"
- Once redirected, the documentation specifies that I should simply ignore the code param in the redirect url.
- I must create a JWT token in order to obtain an access token : At this point I must specify the 'sub' with the user ID of the user who just granted consent. How I am suppose to get it in this flow? I don't understand why I should ignore the code param in the oauth redirect, I should use it to find the DocuSign user guid.
Am I missing something ?
Upvotes: 0
Views: 168
Answers (2)
Reputation: 1125
You can add two steps to the JWT authorization flow to query the user ID.
The redirect to the /oauth/auth (step 1) request will contain a code query parameter. This is a JWT that can be used in an /oauth/token request (grant type authorization_code) documented here:
https://developers.docusign.com/platform/auth/authcode/confidential-authcode-get-token/#RequestCode
The response to the /oauth/token request will contain an access token that can be used to make a /oauth/userinfo request. The sub prop in the response is the user ID.
https://developers.docusign.com/platform/auth/reference/user-info/
Once you have sub, you have everything you need to create a JWT and request a new access token.
Upvotes: 0
Reputation: 14050
The userId GUID can be obtained in many ways, but that depends on the flow of your app.
You could go to check it in the Settings (admin) portion of the web app, either in the "Apps and Keys" page, where you get the logged in user ID, or in the "User" where you can find any and all users in the account.
However, if you want to do that programmatically, you are in a catch22, as to make an API call to obtain this information you need to first be authenticated. Typically, this can be done by hardcoding a primary user (system user) that was set manually and that user then make API call to obtain all other users and their GUID (userID) respectively.
Upvotes: 1
Related Questions
- DocuSign JWT Grant how to get GUID userId of the user to impersonate?
- How do you get the DocuSign Account ID using the API?
- DocuSign - finding a user's User Id
- How can I retrieve the UserID from the DocuSign API
- Docusign - Unable to get User GUIID using Users::list API
- DocuSign - Signature part from JWT configuration
- Implemented JWT - The user ID of the user to be impersonated
- Usage of user_id (user uuid) in Docusign
- How to get impersonated UserGuid Id in docusign
- DocuSign - Obtain UserID using admin consent response code?