3

We are implementing embedded document creation for our SaaS product. Some of our clients will be using their own accounts and credentials. Others may not have a DocuSign account and so will be able to set one up through us. How does a client authorize us to use their account credentials?

For example, say we want to create an authorization token to store on behalf of one our clients (i.e. post to ~/v2/oauth2/token). Would we pass our account's integrator key, with the client's username and password in the headers?

uuunk
  • 93
  • 1
  • 1
  • 7

1 Answers1

4

You should think of the Integrator Key as an application specific key - it helps identify your integration so DocuSign knows which integration is creating which envelopes as well as how many envelopes (especially since there are per account per hour API call limits in place).

You only need one Integrator Key for any and all users using your integration, and yes you would authenticate your API calls by placing the IK along with a given user's username and password in the authorization header. As long as that user is passing valid credentials (ie valid username + pwd combo) then they can make the request under any Integrator Key).

Ergin
  • 9,254
  • 1
  • 19
  • 28