Develop Reference

Post Go Live issue with Docusign using node.js

Here is my issue:
We integrated docusign in our application, server side with nodejs using this tutorial https://github.com/docusign/docusign-node-client ("OAuth JSON Web Token (JWT) Grant" section)
We have done the "Go Live Process": our application is registered in our production account
We have replaced the test config to the production config.
When we try to create an envelope, we get the following error:
PARTNER_AUTHENTICATION_FAILED: The specified Integrator Key was not found or is disabled. Invalid account specified for user
What am I doing wrong ?
async function docusignInit() {
var options;
var env = [40077,50077].indexOf(config.main.port) != -1 ? 'test' :'prod';
if (env == "test") {
options = {
basePath: restApi.BasePath.DEMO,
oAuthBasePath: oAuth.BasePath.DEMO
}
} else {
options = {
oAuthBasePath: "account.docusign.com",
// We called https://account.docusign.com/oauth/userinfo to found the uri
basePath:"https://eu.docusign.net/restapi/"
}
}
// in production, We must do
// var apiClient = new docusign.ApiClient(options.basePath);
// Otherwise, we get "Error: getaddrinfo ENOTFOUND undefined undefined:443"
var apiClient = new docusign.ApiClient(options.basePath);
var privateKeyFile = fs.readFileSync(`./server/docusign/keys/${env}/private.PEM`);
var res = await apiClient.requestJWTUserToken(config.docusign.integratorKey, config.docusign.userName, [oAuth.Scope.IMPERSONATION, oAuth.Scope.SIGNATURE], privateKeyFile, 3600)
var token = res.body.access_token;
apiClient.addDefaultHeader('Authorization', 'Bearer ' + token);
docusign.Configuration.default.setDefaultApiClient(apiClient);
await sendDocusign({
userId: 1,
firstName: 'foor',
lastName: 'bar',
email:'foo#bar;'
})
}
async function sendDocusign(role) {
var envDef = new docusign.EnvelopeDefinition();
envDef.emailSubject = 'Please signe this';
envDef.templateId = config.docusign.templateId;
var role = new docusign.TemplateRole();
role.roleName = "roleName";
role.clientUserId = role.userId;
role.name = role.firstName + " " + role.lastName;
role.email = role.email;
envDef.allowReassign = false;
envDef.templateRoles = [role];
envDef.status = 'sent';
var envelopesApi = new docusign.EnvelopesApi();
return await envelopesApi.createEnvelope(config.docusign.userAccountId, {
'envelopeDefinition': envDef
})
}

As you are able to generate AccesToken properly in PROD with PROD RSA KeyPair, so please check the endpoint which you using to make API calls to create an envelope. In demo it is always demo.docusign.net but in PROD it will be a different value depending on where you PROD account exists in the DocuSign data center. For instance if your PROD account is in NA1, then hostname will be will be www.docusign.net; if it is NA2 then hostname will be na2.docusign.net etc.
So it is recommended to make a /userinfo API call with the Access token to know the baseURI to make calls related to envelope. To get the base URI, call the /oauth/userinfo endpoint, supplying your application’s access token as a header.
For the developer sandbox environment, the URI is
https://account-d.docusign.com/oauth/userinfo
For the production environment, the URI is
https://account.docusign.com/oauth/userinfo
Documentation related to /userinfo API call is available here. Once you know you BaseURI then append this baseURI with envelopes related endpoint like below:
{base_uri} + "/restapi/v2.1/accounts/" + {account_id}

considering your error seems that you're missing the integratorKey or you're writing it in the wrontg way. According to that LINK is possible that you miss the brackets inside the intregrator key?
The integrator key must be placed in front of the user ID that is in
the Username node of the UsernameToken. The integrator key must be
wrapped with brackets, “[ and ]”.
An example of the api in the above documentation:
<soap:Header>
<wsa:Action>http://www.docusign.net/API/3.0/GetRecipientEsignList</wsa:Action>
<wsa:MessageID>uuid:3f9d7626-c088-43b4-b579-2bd5e8026b17</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://demo.docusign.net/api/3.0/api.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-8838aa24-9759-4f85-8bf2-26539e14f750">
<wsu:Created>2006-04-14T14:29:23Z</wsu:Created>
<wsu:Expires>2006-04-14T14:34:23Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-7c7b695e-cef7-463b-b05a-9e133ea43c41">
<wsse:Username>[Integrator Key Here]2988541c-4ec7-4245-b520-f2d324062ca3</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
<wsse:Nonce>SjlScsL5q3cC1CDWrcMx3A==</wsse:Nonce>
<wsu:Created>2006-04-14T14:29:23Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>

Create Envelope Issue

Envelope creation was working well on the sandbox environment.
After I made the integrator key live, and used it with live account, I am getting following error:
{"Error calling CreateEnvelope: "}
I am currently use Rest Api of Docusign.
I am able to successfully create an envelope from postman.
But I am unable from my application
Sample Code:
ApiClient apiClient = Configuration.Default.ApiClient;
string authHeader = "{\"Username\":\"" + username+ "\",
\"Password\":\"" + password+ "\",
\"IntegratorKey\":\"" + IntegratorKey + "\"}";
Configuration.Default.AddDefaultHeader("X-DocuSign-Authentication", authHeader);
AuthenticationApi authApi = new AuthenticationApi();
LoginInformation loginInfo = authApi.Login();
EnvelopeDefinition def = new EnvelopeDefinition();
def.Status = "sent";
def.EmailBlurb = "Body";
def.EmailSubject = "Subject";
def.TemplateId = “TemplateId”;
def.TemplateRoles = new List<TemplateRole>()
{
new TemplateRole {
Email = "test#test.com",
Name = "test test",
RoleName = "all"
}
};
EnvelopesApi envelopesApi = new EnvelopesApi(loginInfo.LoginAccounts[0].BaseUrl);
envelopesApi.CreateEnvelope(loginInfo.LoginAccounts[0].AccountId,def);

If your app was really truly working via the demo environment, then there are only a couple of issues involved in moving to production.
Your integration key needs to be promoted to the production platforms.
You need a user name (email) and password from a production account.
You need to choose the right production platform for your API calls.
Choosing the right production platform
See the docs. You need to determine which production platform the user's account is on. This can be done dynamically or statically.
The name of the platform determines the URL used for API calls.

How to retrieve production environment endpoint

I've certified my integrator key last week and it was confirmed to go "live" last friday.
Reading this documentation, I now need to determine which production site I am linked to. The problem is that when I follow the instructions, I can't see which site I am linked to :
*The {SERVER} value is determined by where your DocuSign Production account resides.
The easiest way to determine this is to login to your Production DocuSign account and
examine the prefix of the URL. For example, if the URL is:
https://na2.docusign.net/Member/Home.aspx, then replace {SERVER} with “na2” to find
your Production endpoints.
Any help would be appreciated
is there a way to retrieve the Production URL from an envelope ?
envelopeApi.GetEnvelope() ?

Use the Login_Information API to retrieve your BaseUrl.
Here is the code using the C# SDK
string _username = "<Add your User Name>";
string _password = "<Add your Password>";
string _integratorKey = "<Add your Integrator Key>";
string DOCUSIGN_URI = "https://www.docusign.net/restapi";
string _authHeader;
public string Init()
{
_authHeader = "{\"Username\":\"" + username + "\", \"Password\":\"" + password + "\", \"IntegratorKey\":\"" + integratorKey + "\"}";
// initialize client for desired environment (for production change to www)
ApiClient apiClient = new ApiClient(DOCUSIGN_URI);
Configuration.Default.ApiClient = apiClient;
Configuration.Default.AddDefaultHeader("X-DocuSign-Authentication", _authHeader);
// we will retrieve this from the login API call
string accountId = null;
/////////////////////////////////////////////////////////////////
// STEP 1: LOGIN API
/////////////////////////////////////////////////////////////////
// login call is available in the authentication api
AuthenticationApi authApi = new AuthenticationApi();
LoginInformation loginInfo = authApi.Login();
// parse the first account ID that is returned (user might belong to multiple accounts)
accountId = loginInfo.LoginAccounts[0].AccountId;
string baseUrl = loginInfo.LoginAccounts[0].BaseUrl;
// Update ApiClient with the new base url from login call
apiClient = new ApiClient(baseUrl);
return accountId;
}

Unable to test docusign in SOAPUI

I ma trying to test docusign REST API using soapui. But it throwing an error
{
"errorCode": "PARTNER_AUTHENTICATION_FAILED",
"message": "The specified Integrator Key was not found or is disabled. An Integrator key was not specified."
}
I have an demo account and integration key setup. Please help.
Thanks
Bharat

Looks like you are specifying the wrong integrator Key.
If you are using the legacy authentication Header, make sure you are passing it as follows.
<DocuSignCredentials>
<Username>developer#example.com</Username>
<Password>S3cre+p455w0Rd</Password>
<IntegratorKey>your integrator key</IntegratorKey>
</DocuSignCredentials>'
If you are using oAuth. Look at this documentation.

Using Json via Rest API at https://demo.docusign.net/restapi/v2 , always remember to include below code for all your requests to DocuSign.
string authHeader = "{\"Username\":\"" + _username + "\", \"Password\":\"" + _password + "\", \"IntegratorKey\":\"" + _integratorKey + "\"}";
WebRequest req = WebRequest.Create(url);
req.Headers.Add("X-DocuSign-Authentication", authHeader);

Docusign Signing Groups

I created an account in the Docusign Sandbox to evaluate the product. My main goal is to create a signing group but before that I would like to get the list of signing groups with RestSharp.
[EDIT]
docusign.configureApiClient("https://demo.docusign.net/restapi");
var login = docusign.LoginDocusign(USERNAME, PASSWORD);
var client = new RestClient(login.BaseUrl);
var request = new RestRequest("signing_groups", Method.GET);
string authHeader = "{\"Username\":\"" + USERNAME + "\", \"Password\":\"" + PASSWORD + "\", \"IntegratorKey\":\"" + INTEGRATOR_KEY + "\"}";
request.AddHeader("X-DocuSign-Authentication", authHeader);
IRestResponse response = client.Execute(request);
var content = response.Content;
Debug.WriteLine(content);
However the content returns
error code : "ACCOUNT_LACKS_PERMISSIONS"
message: "This Account lacks sufficient permissions."
I thought demo accounts have almost the same permissions as a premium account. Is there a setting somewhere to enable this?
I am certain that the authentication is correct when I request for list of groups, the content returns all of my groups.
var request = new RestRequest("groups", Method.GET);

I'm not familiar with RestSharp, but my suspicion is that there's a problem with the request.
To diagnose: first start with making a call to DocuSign and use the Request Log facility to see what is being sent.
If the incoming request can't be matched to your account, or fails some initial filters, then the request will not reach your account. In that case, use requestb.in (free) to see what you're sending.
Also, I don't see where you are requesting the accountId and base URL from DocuSign. (Using https://demo.docusign.net/restapi/v2/login_information)
That's the first step for an API integration since you can't predict which platform the user's account is running on.