Getting "consent_required" error while generating JWT access token even after consent is provided

Question

I am working with DocuSign Sandbox to test the JWT authentication. I have setup everything that is mentioned in the DocuSign JWT document. I provided the user consent as well. But when I am trying to get the access token using postman I am still getting "Consent_required" error. Tried user consent URL multiple times but since I have already granted the permission the consent page doesn't show up. I am not understanding where exactly the issue is. Why even after giving "signature impersonation" consent I am still getting error. This is for individual consent.

JWT need to double check: 1. How IK is set up, make sure you generated an RSA key 2. You have the userID (GUID) of the user you are trying to impersonate, from the same DocuSign account set correctly 3. You are using the correct token that you obtained using the IK when you make the API call — Inbar Gazit, Jul 21 '19 at 21:43

Larry K · Answer 1 · 2022-01-11T15:02:45.383

2

Update

See my article on granting consent.

Original

Items to check:

You can check to see if you have granted any consent by looking at the user's profile page.

The profile page tells you that at least one consent scope was granted. But JWT Grant needs two scopes: signature and impersonation If you're receiving consent_required then one or both of the consents is missing.

Best recommendation: re-do the consent process.

When asking for consent, check that both scopes are requested. The consent agreement window from DocuSign must look like the following:
Check that the right person has granted consent: when you use the JWT Grant flow, you must specify the guid of a DocuSign user. It is that user who must grant consent.
Check that you spelled impersonation correctly. (This mistake cost me an hour or more once.)
Check that you're consistently using demo.docusign.net and account-d.docusign.com (developer sandbox urls) or the production systems.
See this comment too.

edited Jan 11 '22 at 15:02

answered Jul 22 '19 at 05:47

Larry K

47,808
15
87
140

How to get the GUIID of the User once they have given consent? – zion May 07 '21 at 06:54
1

Please ask as a new question. StackOverflow is not a forum system. Thank you. – Larry K May 07 '21 at 14:07
How do you get this consent dialogue? – Karim Varela Jan 11 '22 at 02:05
@KarimVarela See this [article](https://www.docusign.com/blog/developers/oauth-jwt-granting-consent) – Larry K Jan 11 '22 at 15:03

score 0 · Answer 2 · answered Jun 30 '23 at 09:08

0

You can just call the following url in the browser and click accept. Do not forget to replace YOUR_INTEGRATION_KEY with your real integration key. You also need to add the redirect_url to your applicatoin (Apps and Keys -> Select you app -> edit -> add redirect url -> add "http://localhost/"

https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=YOUR_INTEGRATION_KEY&redirect_uri=http://localhost/

For more details read step 1 here.

answered Jun 30 '23 at 09:08

Ibo

39
1
4

Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Jul 06 '23 at 05:52

Getting "consent_required" error while generating JWT access token even after consent is provided

2 Answers2

Update

Original