Issue
we are planning to sign up as DocuSign partner as we are building an integration (connector) to Docusign from our DMS software.
In this case, we go-live using the ISV partner account and manage the production integration key for our customers. So let's say we have 3 customers, this means we will have 3 unique production integration key based on our "SAAS pure multi-instance applications" architecture. This is true, right?
Our scenario is something like this: We have a customer with Business Pro plan with 5 users within the account. Our goal is that we can connect our DMS instance to this particular Business Pro account. Then, when the users send out documents for signing from our DMS, they can connect their individual account (i.e. one of the 5 user sub-accounts under this Business Pro account) so that the Docusign envelope sends via their individual account.
In our system, what we have done is that we captured these few parameters during setup: API Account ID, Integration Key, Secret Key. Can I confirm that via the partnership:
- API Account ID = [Taken from the ISV partner production account] (?? or should it be from the customer's Business Pro admin account)
- Integration Key = [Taken from the ISV partner production account]
- Secret Key = [Taken from the ISV partner production account]
Then for each user, the first time they try sending a document to sign, we will prompt them to connect/login to their own individual account. From there, our system can compute the access/refresh token for each of them. For subsequent signing requests, we will just used the stored access token stored on our system.
Based on our testing in development environment, if the DocuSign user is not under the account where API Account ID belong to, then he/she will get the message "The specified User is not a member of the specified Account". In this scenario, does it mean the API Account ID must be that of the customer's admin account?
Solution
A single IK (Integration Key) can be used for many customers using many different accounts as long as we're in the same environment (production vs. the developer env).
When you go-live you'll use a management production account, that account is just to store your IK and control/manage it.
Any user with any production account then use your IK to make API calls, if they give initial consent to your app.
Your integration code needs to know the accountId associated with the specific account that logged in to make API calls in order to complete these calls. Finding out the accountId is part of the OAuth process. The other part is finding the baseURI to make API calls to. That URI may be different for different customers.
Lastly, to make things even more complex, a user can be a member of two or more accounts. In that case, when they log in, you can get all these accounts and present a question to the user - which account would you like to use for this integration.
Answered By - Inbar Gazit Answer Checked By - Candace Johnson (PHPFixing Volunteer)
0 Comments:
Post a Comment
Note: Only a member of this blog may post a comment.