3

I haven't been able to authenticate with DocuSign's API using nodejs. These are the steps I have followed;

  1. I got the DocuSign code example running with JWT grant for node.
  2. I generated an Integration Key in the Sandbox environment
  3. I stored my private RSA Key and it's properly formed (it doesn't have trailing spaces).

But I keep getting this error (I also tried generating new integration keys but I get the same result)

 API problem: Status code 400, message body:
 {
    "error": "invalid_grant",
    "error_description": "no_valid_keys_or_signatures"
 }

1 Answers1

0

Note these:

  "dsJWTClientId": "YOURIK",
  "privateKeyLocation":  "config/private.key",
  "impersonatedUserGuid": "YOUR USERID",

in the appsettings.json file Also, ensure that you granted consent. Consent has to be given at least once to the user.

Inbar Gazit
  • 12,566
  • 1
  • 16
  • 23
  • I'm setting the **client id, private key location and user id**. I'm sure the **client id** and **user id** are correct because I can login using the **Authorization Code Grant**. I also granted **Administrative consent** using the **DocuSign Admin** portal and accessing the **Connected Apps** section. @inbar-gazit – Rosa Mendiola Oct 01 '20 at 15:26
  • Rosa, there's a separate one for JWT, called "dsJWTClientId", did you set this one? – Inbar Gazit Oct 01 '20 at 16:26
  • yes, this is what I have `"dsClientSecret": "546a5fc7-2f49-4988-83a7-XXXXXXXX", "dsJWTClientId": "d67ef858-aa1d-45ca-8e5f-XXXXXXXXX", "privateKeyLocation": "config/private.key", "impersonatedUserGuid": "2d331a25-9f83-482d-97bd-XXXXXXXX",` – Rosa Mendiola Oct 01 '20 at 19:06
  • did you also give "impersonation" scope when you granted consent? which URL did you use for that? – Inbar Gazit Oct 01 '20 at 22:02
  • I'm using this URL https://admindemo.docusign.com/organization/203bcd16-a053-4748-848f-12bcc81f3138/connected-applications and I added these permissions `signature impersonation` – Rosa Mendiola Oct 05 '20 at 13:28
  • ok, at this point I have two options for you: you can contact our customer support and open a case and work with them. Option two - you can try to use our quickstart to create a customized ZIP download for you. It would use Auth Code Grant, but I can show you easily how to change to use JWT. You would not need to do any configuration as it does it all for you. – Inbar Gazit Oct 05 '20 at 15:39
  • I think we can try option two first! – Rosa Mendiola Oct 05 '20 at 19:06
  • sure, please go ahead and go to https://developers.docusign.com/docs/esign-rest-api/quickstart and follow the process and let me know if you're able to first run it ouf-of-the-box (Auth Code Grant) – Inbar Gazit Oct 05 '20 at 20:15
  • thanks! I was able to get it running, I only set `quickstart: "false"` in the `appSettings.json` file and was able to login using JWT. Was that OK or did I need to do something else? – Rosa Mendiola Oct 06 '20 at 15:52
  • yes, I'm good! I just wanted to be sure I was doing everything correctly – Rosa Mendiola Oct 06 '20 at 23:48