JWT Auth Flow

[rpf3]

I'm trying to work through setting up JWT authentication and your documentation here says that the function sendJWTTokenRequest can be used to automate JWT auth. However, it does not seem like this function is made available as one of the exports of the ApiClient module.

The DocuSign documentation and tutorial I linked above describes how to authenticate if you are signing your own JWT and the presenting it to the DocuSign API. My understanding is that this should be possible by then uploading the RSA public key used to sign the token into my DocuSign integration application. The only JWT token requests I can see exported from the ApiClient both require me to provide my private key to the function and then will generate the JWT internally to the SDK.

Am I missing something in this apparent conflict between the DocuSign documentation and the actual source code?

In addition, I don't see all of the exports in the source code listed on the documentation here. Is this out of date?

[pablomdstest]

Hello rpf3,

Thank you for contacting DocuSign Customer Support regarding JWT integration.
Reviewing this topic from one of our supervisors, we can see that actually this method sendJWTTokenRequest is not there anymore, we have go through the different pages, SDK, node and examples and references as  below:

https://developers.docusign.com/docs/esign-rest-api/sdk-tools/?elqCampaignId=27146&utm_source=google&utm_campaign=developer_api_primary&utm_medium=cpc&utm_content=sitelink&sitelink=API_SDKs&gclid=Cj0KCQjw1ZeUBhDyARIsAOzAqQILGumavem50k0cMsTKMnQmsltuzRQYA5NOzZfUk7ZZRoqAhk8sO0gaAkoKEALw_wcB

If you go to SDK, node, there is the Reference and that method is not listed there, is should be, because it's auto generated,
but it isn't. So we have found this approach checking the Github examples as in this link:

 https://github.com/docusign/docusign-esign-node-client

And in this other link that one of my colegues gave me, stays in line 94 how to actually call the method
to ge the token, we will need to use requestJWTUserToken instead of sendJWTTokenRequest:

dsApi.requestJWTUserToken(dsConfig.dsClientId

https://github.com/docusign/code-examples-node/blob/master/lib/DSJwtAuth.js#L94

Here you will find the methods the updated methods:

https://docusign.github.io/docusign-esign-node-client/

I know it could be a little bit hard to keep changing code from time to time, it happens to me a lot and more
if it's javascript base, that keep updating always because of speed and security.

I am sending the Email, comment and will try to update the github feed, as is our procedure.

Let's check on this, and if you have any other question let me know.

Best regards,

Pablo | DocuSign Customer Support

[rpf3]

Thanks for the response @pablomdstest, the example code you sent uses the function requestJWTUserToken which requires a parameter of the private key which will be used to sign the JWT created by your SDK. What I am trying to accomplish is to generate my own signed JWT outside of your SDK and then call your API to get a token. The reason for this is that securing a private key is a layer of complexity and security that I planned to offload to a different service which will then sign my JWT for me.

Would it not be possible to simply expose sendJWTTokenRequest on the ApiClient object? I'd be happy to open a PR if that's something you'd be interested in implementing.

[acooper4960]

hello @rpf3 I have created a ticket for our team to take a look at exposing this function.

[rpf3]

@acooper4960 thanks for the update. Would this be across your SDKs or just for the node package? I have a different service looking into the C# package and it does not seem to be possible with that either. If not I can raise a separate issue on that repository.