DocuSign Integrator key post go live issues

0
votes

we have implemented and successfully tested integration with demo account. After which we promoted the key to production. We are using authorization code grant and running into "invalid_grant" issue when attempting to get the access token.

I wanted to check if anyone else had these issues?

All of our environments: Dev, staging and production can successfully get the access token from demo environment but run into invalid_grant response with the production account.

I am trying to understand if there are steps I am missing after promotion. Here are steps taken after promotion: 1. Redirect URIs added. 2. Did not have to generate a new secret key, there was already a new secret key associated with integrator key in the production account. Using that secret key to generate authorization header. Any pointers would be highly appreciated. Thanks!

1
docusignapi
are you an administrator of your production account? can you log in there and check how your integration key is set? there is an option there for implicit grant vs. Auth Code Grant. Make sure it's the latter. Also, make sure you are using account.docusign.com and not account-d.docusign.com Finally, the clientSecret is the one from production, not the same one. You need to confirm you are using the correct clientSecret. Maybe just create a new one if you can. - Inbar Gazit
thanks for your response.. yes i validated and it is auth code grant.. secondly i am using the clientSecret that already existed in the promoted integrator key in production, i did not have to create a new one.. thirdly i am using account.docusign.com... some additional info - in the prod environment i see that a RSA keypair has also been added which is not something we configured in demo environment.. not sure if that has any impact? - theamateurcoder
RSA keyppairs are only if you use JWT - Inbar Gazit
not sure what you mean by " the clientSecret that already existed in the promoted". How did it got created? by you? I still worry you are using the demo clientSecret. Can you just try to create a new one and check? you need to make sure the clientSecret in your code is the same as in production, not demo. - Inbar Gazit
I mean when I look at the integrator key in production account, there already exists a secret key that I did not create. I am using that secret key and it is different compared to the secret key I see in demo. I will ignore the one that already exists in production and just create a new one. - theamateurcoder

1 Answers

0
votes

You need to create a new clientSecret in production yourself and make sure to update its value in your code. Secrets are different in the different environments, and DocuSign does not provision them for you. You can only view them at the time you provision them and if you try later - they do not show anymore.