DocuSign OAuth 2.0 Implementation
finPOWER Connect version 3.04.04 introduces OAuth 2.0 authentication for DocuSign.
This blog details the changes to DocuSign authentication implemented in finPOWER Connect.
Starting in October 2021, DocuSign began the end-of-life process for all API authentication flows except the recommended OAuth 2.0 flows.
To configure finPOWER Connect to use the OAuth 2.0 authentication flow, you will need to set up a new Integration Key in DocuSign, and add the details to the DocuSign Cost Centre within finPOWER Connect.
DocuSign configuration steps
In DocuSign, you will need to add a new Integration Key and complete its configuration.
Set up an Integration Key
This defines the integration and links to its configuration.
- In the control panel under Settings, open the Apps and Keys page.
- Under My Apps / Integration Keys, select the Add App / Integration Key and give it a unique name.
Add a RSA Keypair to the application
- Open the Apps and Keys page.
- Under My Apps / Integration Keys, choose the integration key to use, then select Actions, then Edit.
- In the Service Integration section, select Add RSA Keypair (see Screenshot C).
- Save both the Public and Private keys in a secure location, including the
----BEGIN RSA PRIVATE KEY----
and----END RSA PRIVATE KEY-----
lines as part of the text.
Set up a redirect URI
- Open the Apps and Keys page.
- Under My Apps / Integration Keys, choose the integration key to use, then select Actions, then Edit.
- In the Additional Settings section, select Add URI (see Screenshot C).
- Enter in the new URI as https://localhostfinPOWER/Temporary_Listen_Addresses/.
finPOWER Connect configuration steps
Once the DocuSign Integration has been configured, the Cost Centre in finPOWER Connect will need to be configured using the Integration details.
- In Cost Centres select the DocuSign page, and check the Use Service? option.
- On the Options page select the Enable Electronic Signature? option.
- Select the Credentials or Test Credentials page.
- Enter the API User Credentials.
- API Account Id: The API Account Id specified by DocuSign, this is in GUID format like xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx.
- User Id: The User Id specified in the DocuSign integration, this is in GUID format (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).
- Enter the API Authentication Details.
- Integration Key: The integration key, in GUID format (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx), of the integration you want to use.
- Private Key: The RSA Private Key that you created in the integration, including the
----BEGIN RSA PRIVATE KEY----
and----END RSA PRIVATE KEY-----
lines as part of the text. - Save the changes.
- Consent Verification.
- Click the Consent button.
- The Authenticate screen will appear, enter your user name (in email format) and password, click the Login button.
- You may be prompted to enter in an authentication code that will be sent to the email (user name) that you have supplied.
- Once this step has been completed you will get a message to say that the service has been successfully initialised.
- Verify the configuration.
- Click the Verify button.
- If successful a summary page detailing the API Account will be displayed.
Configuration Example
The following example shows the steps for setting up DocuSign OAuth 2.0 authentication in finPOWER Connect.
Setting up the new Integration Key.
Note the User Id and App Account Id that will be needed in finPOWER Connect.
Setting up the new Integration Key
Note the Integration Key that will be needed in finPOWER Connect.
Note the buttons to generate the RSA Keypair and Redirect URI.
The finPOWER Connect DocuSign Cost Centre
The API Account Id, User Id, and Integration Key from DocuSign in GUID format (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx), together with the RSA Private Key.
Generate the Consent Code - A: Enter email address
Clicking on the Consent button for the Consent Code will allow you to grant access to the application.
Begin by entering in the email address of the DocuSign account.
Generate the Consent Code - C: Send verification code
You will now be prompted to verify the details by sending a verification code to the email address provided.
Generate the Consent Code - D: Enter verification code
Once the verification code email has arrived, enter the code and click Verify.
Generate the Consent Code - F: Completed
If successful, the Consent Code will be generated and saved to the Cost Centre.
Verify configuration
On the Cost Centre, click the Verify button to verify that DocuSign has been configured correctly.