Summary
In this article we will describe how to set up the DocuSign Spoke.
Instructions
Pre-Requisite:
- You should have DocuSign Account
- ServiceNow Instance with DocuSign Spoke Installed
Part 1:
Create an app in your DocuSign Account
- Login to your DocuSign Account
- Navigate to the Admin section & Click on API and Keys
- Click on ADD APP / INTEGRATION KEY button to create an Integration app
- Get hold of Integration Key & Secret Key
- Click on Add RSA Keypair & copy the Public, Private & Keypair ID into safer location
- Enter the value for Redirect URLs (e. g - https://yourinstancename.service-now.com/oauth_redirect.do)
Note: Make sure You select User Application as “Authorization Code Grant”
Part 2:
Generate the JKS File
- Copy the Private key that was generated from your DocuSign Integration app and make a new file privatekey.key with this private key.
- Create CA signed certificate using private key, please run the below command for this
openssl req -new -x509 -key privatekey.key -out cacert.pem -days 1095
3. Create PKCS 12 file using your private key and CA signed certificate, please run the below command for this (Set the Password, whenever it asks)
openssl pkcs12 -export -in cacert.pem -inkey privatekey.key -certfile cacert.pem -out testkeystore.p12
4. Now, Create the JKS file by running the below command
keytool -importkeystore -srckeystore testkeystore.p12 -srcstoretype pkcs12 -destkeystore ranDocusign.jks -deststoretype JKS
Part 3:
Create the oAuth Profile & JWT Provider in your ServiceNow Instance
- Login to your ServiceNow instance
- Navigate to the System Definition -> Certificates & Click on New to create a New Certificate
- Select the Type to Java Key Store & Enter the password which created while Generating JKS file & Attach the JKS file
- Click on Validate Stores/Certificates link
- Navigate to the System oAuth -> JWT Keys & create a new JWS Key
- Select the Previously created Cert for Signing Keystore & Enter the Signing Key
- Navigate to the JWT Providers -> Create new JWT Provider
- Select the Previously created JWT Key for Signing Configuration enter the appropriate values for Standard Claims & Create a new entry in Custom Claims & provide the value for scope. Click HERE for more info.
- Navigate to the System oAuth ->Application registries & create a new oAuth Profile
- Enter the ClientID & Client Secret which you have got from DocuSign Integrator app
- Provide the Auth URL as follows https://account-d.docusign.com/oauth/auth
- Provide the Token URL as follows https://account-d.docusign.com/oauth/token
- Select the Default Grant Type as JWT Bearer
- Now, Save the record
- Create the oAuth Entity Scope (Add your necessary scopes here)
Part 4:
Obtaining Consent as Individual
- Navigate to the System oAuth ->Application registries -> DocuSign oAuth & Create a new oAuth entity profile with Grant Type as Authorization Code under the oAuth entity profile related list
- Add the necessary scopes for this oAuth Profile as well.
- Navigate to the Connection & Credentials -> Credentials & Create new Credentials of type oAuth 2.0
- Select the oAuth Entity Profile created with Grant type as Authorization Code
- Now, Click on Get OAuth Token Link & enter your DocuSign Username & Password to provide the consent
- Now, Again Create a new credentials of type oAuth 2.0 & select the entity profile of type JWT Bearer
- Click on Get OAuth Link & You can see that oAuth Flow is completed successfully message.
Part 5:
Obtaining Consent as Organization Admin
- In case of Obtaining Organization Admin Consent for an application owned by your organization, please see the below link
Part 6: