1. Configuring the DocuSign Connector
  2. Creating an Application by Using DocuSign Connector
  3. Prerequisites for Creating an Application By Using the Connector

2.2 Prerequisites for Creating an Application By Using the Connector

Learn about the tasks that you must complete before you create the application.

2.2.1 Downloading the Connector Installation Package

You can obtain the installation package for your connector on the Oracle Technology Network (OTN) website.

To download the connector installation package:
  1. Navigate to the OTN website at http://www.oracle.com/technetwork/middleware/id-mgmt/downloads/connectors-101674.html.
  2. Click OTN License Agreement and read the license agreement.
  3. Select the Accept License Agreement option.
    You must accept the license agreement before you can download the installation package.
  4. Download and save the installation package to any directory on the computer hosting Oracle Identity Governance.
  5. Extract the contents of the installation package to any directory on the computer hosting Oracle Identity Governance. This creates a directory named CONNECTOR_NAME-RELEASE_NUMBER.
  6. Copy the CONNECTOR_NAME-RELEASE_NUMBER directory to the OIG_HOME/server/ConnectorDefaultDirectory directory.

2.2.2 Creating a Target System User Account for DocuSign Connector

The user must have created a developer account to build an internal environment in DocuSign as it is required for the app to install and interact with the DocuSign API’s and requests.

Make sure to create the account as an administrator to have full privilege and control over the users and visibility for viewing the user’s entitlements.

2.2.3 Configuring the Target System

This is a high-level summary of the tasks to be performed on the target system before you create the application.

Preinstallation for the DocuSign connector involves performing a series of tasks on the target system.

Preinstallation involves the following tasks:

  1. Log in to DocuSign with your account.
  2. Create a basic app setup in the DocuSign target system for Auth2.0 authentication with an Authorization Code Grant.
    1. Under Integrations Section, open Apps and Keys in your developer account Settings page, select ADD APP AND INTEGRATION KEY and create the application with an appropriate name. For example, DemoTest1..
  3. Use or copy the Integration Key value, which is automatically generated once you create the application. For example, 7c2b8d7e-xxxx-xxxx-xxxx-cda8a50dd73f.
  4. Under Authentication:
    1. Under the User Application section, select the Authorization Code Grant.
    2. To get the Secret Key, select ADD SECRET KEY.
    3. Save/copy the value of the secret key to a secure place. You will need it later.
  5. In the Additional Settings section, select Add URI and enter the new redirect URI (this can be a localhost address). For example, http://example.com/callback.
    After performing these steps, you will get an Integration Key (Client Id) and the Secret Key (Client Secret). For more information about configuring target system, see https://api.DocuSign.com/authentication/basics.

2.2.4 OAuth Flow to Generate the User-Level Tokens

To generate the user-level access and refresh tokens, there are three steps you must complete manually and these values should be provided in customAuthHeaders in DocuSign Connector basic configuration for authentication.

The following steps must be completed by users who are opting in for Authorization Code Grant:

You must enter the oauth API by pass for these URL in the internet browser or use Postman to generate the tokens.

  1. Requesting the Authorization Code

    Note:

    The token URI for the developer environment is https://account-d.docusign.com/oauth/token.
    1. Enter the following URL in a browser as provided in the example.

      Example:

      https://accountd.docusign.com/oauth/auth?response_type=code&scope=signature&client_id={iKey}&redirect_uri={callback}

      Replace {iKey} with your integration key and {callback} with your redirect URI. The URL above includes the signature scope required for the eSignature REST API.

      This URL opens the DocuSign authentication screen.

    2. After you enter your DocuSign developer account email address and password and give consent for the requested scopes. The browser will redirect to your redirect URI with a long string returned for the code parameter embedded in the URL.

      Examples

      Request:

      https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature&client_id=7c2b8d7e-xxxx-xxxx-xxxx-cda8a50dd73f&&redirect_uri=http://example.com/callback/

      Response:

      http://example.com/callback/?code=eyJ0eXAi.....81QFsje43QVZ_gw
  2. Generating Refresh and Access Tokens Using the Code Generated in Step 1.
    1. To request an access token, send a POST request containing your authorization code to the DocuSign authentication service.
    2. Paste the values of integration and secret key as Username and Password respectively under Authorization in the access token request with the type Basic Auth in Postman.
    3. In addition, the access token request contains a set of body parameters namely grant_type and code.
      1. Update the key as code with value <code>.

        Note:

        <code> is nothing but the authorization code that you received from the callback in step 1. For example, code=eyJ0eXAi.....QFsje43QVZ_gw.
      2. Likewise, update one more body parameter with the key as grant_type and value as authorization_code.
    4. Execute the Authorize Code Grant Access Token request to generate an access token and a refresh token.
      1. In the response, you will get elements, namely, access_token, token_type, refresh_token, and expires_in.
      2. Copy/save the values of access_token and refresh_token.

        For more information about how to get an access token with Auth Code Grant, see https://developers.docusign.com/platform/auth/authcode/authcode-get-token/.

      Examples

      Request:

      curl --header "Authorization: Basic NWMyYjhkN.....FhODg2MQ=="
--data "grant_type=authorization_code&code=eyJ0eXAi.....QFsje43QVZ_gw"
--request POST https://account-d.docusign.com/oauth/token

      Response:

      { 
    "access_token":"eyJ0eXAi......mX9f7k1g",
    "token_type":"Bearer", 
    "refresh_token":"eyJ0eXAi......mruC5c3A", 
    "expires_in":28800
    }

    Table 2-1 Elements

    Elements Description
    access_token The value of the access token. Use this token in the Authorization header of all DocuSign API calls.
    token_type The type of token. For access tokens, the value of this is Bearer.
    refresh_token A token that is used to obtain a new access token without requiring user consent. The lifetime of a refresh token is typically around 30 days.
    expires_in The number of seconds before the access token expires.
    grant_type The type of grant being used to exchange an authorization code for an access token using authorization_code.
  3. Providing Values for DocuSign Connector Basic Configuration.

    After you have obtained the access_token and refresh_token values, you must provide these values in customAuthHeaders under DocuSign Connector basic configuration. For information about configuration, see Configuring the DocuSign Connector. For example, access_token="eyJ0eXAi......mX9f7k1g"","refresh_token=eyJ0eXAi......mruC5c3A "

    Table 2-2 Elements

    Elements Description
    refresh_token The full refresh token value that is received from authentication.