Configuring OAuth 2.0 authentication to authorize your DocuSign integration
Version:
To securely send and receive documents between your Pega Platform application and DocuSign, configure an OAuth 2.0 authentication profile with the JWT bearer token grant type.
- Client ID
- Access token endpoint
- JWT profile
- RSA key pair
- In your DocuSign application, ensure that you add a redirect URI by using the following syntax: https://<host:port>/prweb/PRRestService/DocuSignService/v1/redirect
For more information, see your DocuSign developer documentation.
The following task describes how to create a PKCS12
file by using OpenSSL. You can use a different method or tool, such as Java KeyStore, to generate your own type of keystore file.
-
Convert your private key to a
.pfx
file that you use to configure a keystore rule in Pega Platform.-
Save the private key in a file with a
.key
extension, for example,MyDocuSignKey.key
. -
Open a terminal window and enter the following command. Replace the file names in the command with your actual file names:
openssl req -out MyCSR.csr -key <MyPrivateKey.key> -new
openssl x509 -signkey <MyPrivateKey.key> -in MyCSR.csr -req -days 365 -out MyCustomCRT.crt
openssl pkcs12 -export -out MyCertificate.pfx -inkey <MyPrivateKey.key> -in MyCustomCRT.crt
-
After you run the command, the system prompts you to enter a password. This password is required to create a keystore in Pega Platform.
-
-
Create a keystore by using the
.pfx
file that you create in step 1. Ensure that you configure the following values:-
In the Keystore location field, select Upload file.
-
In the Keystore type field, enter PKCS12.
-
In the Keystore password field, enter the password that you used when you ran the command to convert the private key to a
.pfx
file.
For more information, see Creating a keystore for application data encryption and Configuring a keystore by uploading a file.
-
-
Generate a JWT token profile. For more information, see Creating a generation JSON Web Token profile.
For more information on the values to enter in the Claims section of the Token Profile rule form, see your DocuSign developer documentation.
-
Create an OAuth 2.0 authentication profile, and configure the following values:
-
In the Grant type list, select JWT bearer.
-
In the Client identifier field, enter the DocuSign integration key.
-
In the Access token endpoint field, enter the endpoint of the JWT access token that you obtained from the DocuSign authentication service.
For more information, see your DocuSign developer documentation.
-
In the JWT assertion section, select Use JWT generation profile.
-
In the JWT generation template field, enter the JWT token profile you created in step 3.
For more information, see Configuring an OAuth 2.0 authentication profile.
-