While DocuSign assigns integration keys to the applications created within your developer account, it’s important to note that these keys are associated with the account itself rather than individual users. This account, whether it’s a developer account or a production account following app promotion, is referred to as a management account. Only users with administrative permissions, typically those with a DSAdmin permissions profile, are authorised to manage the integration keys assigned to this account.
Many developers operate developer accounts where they are the sole user, thus automatically assuming the administrative role. However, they may not be aware of this distinction. To confirm administrative permissions, users can log in to their account and check for a Settings menu at the top. If present, it indicates administrative privileges. The Settings menu provides access to the Apps & Keys page, allowing users to manage integration keys for their applications.
It’s crucial to understand that being an admin in one DocuSign account doesn’t necessarily grant access to manage the configuration of a specific integration key if that key is associated with a different management account.
An important factor contributing to integration keys being associated with different management accounts is the evolution of DocuSign API authentication. Prior to 2021, the majority of DocuSign customers relied on legacy authentication, where the integration key, user’s email address (username), and user’s password sufficed for API call authentication. However, in September 2021, DocuSign commenced the retirement of legacy authentication, initiating the migration of customers to the more secure OAuth 2.0 protocol.
Under OAuth 2.0, developers are required to configure their integration keys with a secret key or private key, depending on their chosen authentication flow. To accomplish this, they must have access to the management account of the integration key.
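As an added example, not code from this page or from DocuSign's SDKs, the Go program below shows what the private key half of that configuration is for in the JWT grant flow: the integration key's private key signs an RS256 assertion, and the OAuth server checks it against the public key registered on the integration key in the management account. The integration key and user GUID are constructed placeholders, the RSA key pair is generated on the fly, and VerifyAssertion stands in for DocuSign's server-side check; the real flow posts the assertion to the OAuth token endpoint, which this offline example does not do. The one-hour cap on the assertion lifetime follows DocuSign's JWT grant documentation.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
	"time"
)

// Claims of a DocuSign JWT grant assertion: iss is the integration key, sub the GUID
// of the impersonated user, aud the OAuth host (account-d.docusign.com when developing).
type Claims struct {
	Iss   string `json:"iss"`
	Sub   string `json:"sub"`
	Aud   string `json:"aud"`
	Iat   int64  `json:"iat"`
	Exp   int64  `json:"exp"`
	Scope string `json:"scope"`
}

const MaxLifetime = time.Hour // longest exp-iat the JWT grant accepts

var enc = base64.RawURLEncoding

// BuildAssertion produces header.payload.signature, signed RS256 with the RSA
// private key whose public half is registered on the integration key.
func BuildAssertion(key *rsa.PrivateKey, c Claims) (string, error) {
	if c.Exp-c.Iat > int64(MaxLifetime.Seconds()) {
		return "", errors.New("assertion lifetime exceeds one hour")
	}
	header, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT"})
	payload, err := json.Marshal(c)
	if err != nil {
		return "", err
	}
	input := enc.EncodeToString(header) + "." + enc.EncodeToString(payload)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, key, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + enc.EncodeToString(sig), nil
}

// VerifyAssertion mirrors the server side: the signature must match the public
// key stored on the integration key, and the assertion must not have expired.
func VerifyAssertion(pub *rsa.PublicKey, token string, now time.Time) (Claims, error) {
	var c Claims
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return c, errors.New("malformed JWT")
	}
	sig, err1 := enc.DecodeString(parts[2])
	payload, err2 := enc.DecodeString(parts[1])
	if err1 != nil || err2 != nil {
		return c, errors.New("bad base64url in JWT")
	}
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err := rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig); err != nil {
		return c, errors.New("signature does not match the registered public key")
	}
	if err := json.Unmarshal(payload, &c); err != nil {
		return c, err
	}
	if !now.Before(time.Unix(c.Exp, 0)) {
		return c, errors.New("assertion expired")
	}
	return c, nil
}

// NewDemoKey makes a throwaway key pair so the example runs offline (constructed).
func NewDemoKey() *rsa.PrivateKey {
	key, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	return key
}

func main() {
	key, now := NewDemoKey(), time.Now()
	c := Claims{Iss: "INTEGRATION-KEY-PLACEHOLDER", Sub: "USER-GUID-PLACEHOLDER", // constructed values
		Aud: "account-d.docusign.com", Iat: now.Unix(), Exp: now.Add(MaxLifetime).Unix(),
		Scope: "signature impersonation"}
	token, err := BuildAssertion(key, c)
	if err != nil {
		panic(err)
	}
	other := NewDemoKey() // a key pair that was never registered on the integration key
	_, bad := VerifyAssertion(&other.PublicKey, token, now)
	got, good := VerifyAssertion(&key.PublicKey, token, now)
	fmt.Println("wrong key rejected:", bad != nil, "| registered key accepted:", good == nil, got.Scope)
}
```

The rejection with the unregistered key is the practical point of the article: if the private key is lost and nobody can reach the management account to register a replacement public key, no new assertion can be signed for that integration key.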
The issue arises when, over time, customers transition from one account to another as part of updating their authentication methods. In some scenarios, the original management account associated with their integration key(s) may have been closed. Alternatively, the original management account may have had only one user with administrative privileges who subsequently left the company. Consequently, many customers find themselves without admin access or any access at all to the management account of their integration key(s). If customers haven’t needed to modify the integration key’s settings, they may have been unwittingly using it for an extended period without realising they’ve lost access to its management account.
The good news is that there are solutions available to address this issue:
The first option involves transferring the integration key between production management accounts. However, there is one requirement: the customer must provide written confirmation from both the original (current) management account and the destination management account, signed by user admins.
But what if the only admin user has left? In such cases, DocuSign permits organisation admins to act as the admin for the original management account. It’s important to note that the organisation must have a claimed domain, and the user who initially requested the Go-Live review must belong to the same domain.
The alternative option: when there’s no admin user present and no organisation in place, the only recourse is to generate a new integration key within your developer account. Subsequently, this key can undergo the Go-Live process and be promoted to a new production account.
The most effective approach to mitigating such issues depends on the scale of your organisation and how DocuSign accounts are managed within it. It’s prudent to consider the following recommendations for each DocuSign account used for either app development or production:
Safeguard all integration key credentials, including secret and private keys, in a secure repository. This practice ensures continued usability of credentials even in scenarios where access to the management account is lost.
Establish an admin user on each account that is not tied to any individual, and securely manage its credentials to ensure access control.
Maintain a minimum of two admin users on each account to safeguard against potential departures from the organisation, ensuring continuity in administrative capabilities.
Employ a consolidated production account as well, exclusively designated for administrative purposes. Admin users within this account oversee the Go-Live process for every application your organisation promotes.
Utilise a unified developer account shared among your development team, assigning a distinct user for each developer.
Copyright FourierIT. 2020