Close popover

Table of Contents

Configuring OAuth 2.0 authentication to authorize your DocuSign integration

Version:

To securely send and receive documents between your Pega Platform application and DocuSign, configure an OAuth 2.0 authentication profile with the JWT bearer token grant type.

To create an OAuth 2.0 authentication profile in Pega Platform, ensure that you obtain the following information from your DocuSign application:
  • Client ID
  • Access token endpoint
  • JWT profile
  • RSA key pair
  • In your DocuSign application, ensure that you add a redirect URI by using the following syntax: https://<host:port>/prweb/PRRestService/DocuSignService/v1/redirect

For more information, see your DocuSign developer documentation.

The following task describes how to create a PKCS12 file by using OpenSSL. You can use a different method or tool, such as Java KeyStore, to generate your own type of keystore file.

  1. Convert your private key to a .pfx file that you use to configure a keystore rule in Pega Platform.

    1. Save the private key in a file with a .key extension, for example, MyDocuSignKey.key.

    2. Open a terminal window and enter the following command. Replace the file names in the command with your actual file names:

      openssl req -out MyCSR.csr -key <MyPrivateKey.key> -new

      openssl x509 -signkey <MyPrivateKey.key> -in MyCSR.csr -req -days 365 -out MyCustomCRT.crt

      openssl pkcs12 -export -out MyCertificate.pfx -inkey <MyPrivateKey.key> -in MyCustomCRT.crt

    3. After you run the command, the system prompts you to enter a password. This password is required to create a keystore in Pega Platform.

  2. Create a keystore by using the .pfx file that you create in step 1. Ensure that you configure the following values:

    1. In the Keystore location field, select Upload file.

    2. In the Keystore type field, enter PKCS12.

    3. In the Keystore password field, enter the password that you used when you ran the command to convert the private key to a .pfx file.

    For more information, see Creating a keystore for application data encryption and Configuring a keystore by uploading a file.

  3. Generate a JWT token profile. For more information, see Creating a generation JSON Web Token profile.

    For more information on the values to enter in the Claims section of the Token Profile rule form, see your DocuSign developer documentation.

  4. Create an OAuth 2.0 authentication profile, and configure the following values:

    1. In the Grant type list, select JWT bearer.

    2. In the Client identifier field, enter the DocuSign integration key.

    3. In the Access token endpoint field, enter the endpoint of the JWT access token that you obtained from the DocuSign authentication service.

      For more information, see your DocuSign developer documentation.

    4. In the JWT assertion section, select Use JWT generation profile.

    5. In the JWT generation template field, enter the JWT token profile you created in step 3.

    For more information, see Configuring an OAuth 2.0 authentication profile.

Have a question? Get answers now.

Visit the Collaboration Center to ask questions, engage in discussions, share ideas, and help others.