Skip to main content
arrow-left Back to Docusign.com

I am looking to use DocuSign Connect to update the status of processes in Salesforce and, upon completion, save the signed PDF file in Salesforce.

While I've been able to update the status using the object mapping feature between DocuSign and Salesforce, I found it difficult to save the PDF file post-signature using this method.

To address this, I created a custom REST API in Salesforce and made it public via Salesforce Sites, allowing for public access to the API.

Initially, I considered OAuth 2.0 as a way to validate the source of the requests, which brings me to my main question: although DocuSign Connect supports the Client Credentials Grant flow of OAuth 2.0, Salesforce does not. As a result, I abandoned OAuth 2.0 for validation.

Instead, I implemented HMAC signature validation using the Connect Key, and Salesforce is now able to receive the requests.

Is my understanding correct that OAuth 2.0 validation cannot be used with DocuSign Connect when the recipient is Salesforce?

Reference: https://developers.docusign.com/platform/webhooks/connect/validation-and-security/oauth-connect/

 

@akip Typically we would suggest using the DocuSign Apps Launcher package. This is a package created by DocuSign and is used to send and sign envelopes from Salesforce. It also has built in status updates and data writeback to Salesforce. 

I did a general search and it from what I am able to find Salesforce doesn’t natively support OAuth 2.0 for the webhook mechanism itself but it might be possible.
One similar post seems to be here: https://salesforce.stackexchange.com/questions/332342/possible-to-authenticate-an-incoming-webhook-for-use-with-post-rest-service
I’m not seeing any specific examples but it seems like the question might be a better fit for Salesforce support to see if they have examples of using Oauth 2.0 with any other webhook service providers. 

Reply


Code of Conduct

Docusign Community

Code of Conduct