In this article we will describe how to set up the DocuSign Spoke.



  1. You should have DocuSign Account
  2. ServiceNow Instance with DocuSign Spoke Installed 

Part 1:

Create an app in your DocuSign Account

  1. Login to your DocuSign Account
  2. Navigate to the Admin section & Click on API and Keys
  3. Click on ADD APP / INTEGRATION KEY button to create an Integration app
  4. Get hold of Integration Key & Secret Key
  5. Click on Add RSA Keypair & copy the Public, Private & Keypair ID into safer location
  6. Enter the value for Redirect URLs (e. g - 

Note: Make sure You select User Application as “Authorization Code Grant”

Part 2:

Generate the JKS File

  1. Copy the Private key that was generated from your DocuSign Integration app and make a new file privatekey.key with this private key.
  2. Create CA signed certificate using private key, please run the below command for this
 openssl req -new -x509 -key privatekey.key -out cacert.pem -days 1095 

          3. Create PKCS 12 file using your private key and CA signed certificate, please run the below command for this (Set the Password, whenever it asks) 

openssl pkcs12 -export -in cacert.pem -inkey privatekey.key -certfile cacert.pem -out testkeystore.p12 

          4. Now, Create the JKS file by running the below command 

keytool -importkeystore -srckeystore testkeystore.p12 -srcstoretype pkcs12 -destkeystore ranDocusign.jks -deststoretype JKS 

Part 3:

Create the oAuth Profile & JWT Provider in your ServiceNow Instance 

  1. Login to your ServiceNow instance
  2. Navigate to the System Definition -> Certificates & Click on New to create a New Certificate
  3. Select the Type to Java Key Store & Enter the password which created while Generating JKS file & Attach the JKS file
  4. Click on Validate Stores/Certificates link 
  5. Navigate to the System oAuth -> JWT Keys & create a new JWS Key
  6. Select the Previously created Cert for Signing Keystore & Enter the Signing Key
  7. Navigate to the JWT Providers -> Create new JWT Provider
  8. Select the Previously created JWT Key for Signing Configuration enter the appropriate values for Standard Claims & Create a new entry in Custom Claims & provide the value for scope. Click HERE for more info.
  9. Navigate to the System oAuth ->Application registries & create a new oAuth Profile
  10. Enter the ClientID & Client Secret which you have got from DocuSign Integrator app
  11. Provide the Auth URL as follows
  12. Provide the Token URL as follows
  13. Select the Default Grant Type as JWT Bearer
  14. Now, Save the record 
  15. Create the oAuth Entity Scope (Add your necessary scopes here) 

Part 4:

Obtaining Consent as Individual 

  1. Navigate to the System oAuth ->Application registries -> DocuSign oAuth & Create a new oAuth entity profile with Grant Type as Authorization Code under the oAuth entity profile related list
  2. Add the necessary scopes for this oAuth Profile as well.
  3. Navigate to the Connection & Credentials -> Credentials & Create new Credentials of type oAuth 2.0
  4. Select the oAuth Entity Profile created with Grant type as Authorization Code
  5. Now, Click on Get OAuth Token Link & enter your DocuSign Username & Password to provide the consent
  6. Now, Again Create a new credentials of type oAuth 2.0 & select the entity profile of type JWT Bearer
  7. Click on Get OAuth Link & You can see that oAuth Flow is completed successfully message. 

Part 5:

Obtaining Consent as Organization Admin 

  1. In case of Obtaining Organization Admin Consent for an application owned by your organization, please see the below link

Part 6:

  1. Create Credential records for the DocuSign Spoke as mentioned in the documentation HERE
  2. Create Connection records for the DocuSign Spoke as mentioned in the documentation HERE
  3. Configure DocuSign Webhook as mentioned in the documentation HERE

Article Information

Last Updated:2020-08-03 06:08:02