Enable DocuSign Access for Third-Party Partners via Azure B2B (Entra) Guest Accounts
Hi Team,
We’re trying to enable DocuSign access for our third-party partners through the Azure B2B (Entra ID) guest account model. Our goal is to avoid creating local DocuSign accounts for partners due to governance and lifecycle management challenges.
Here’s our current setup and what we’ve tried so far:
Identity provider: Microsoft Entra (Azure AD)
DocuSign integration: Already enabled and working for internal employees and contractors (claimed domain)
Partner access model: Partners have Entra B2B guest accounts in our tenant
Feature enabled: “Allow account users with unclaimed domain email addresses log in using SSO” (Third Party Login)
Issue: When testing in our lower environment, the login process stops at the ACS URL (Assertion Consumer Service endpoint). It doesn’t proceed further or complete the SSO handshake.
We’ve reviewed the SAML configuration, but there’s no clear documentation on configuring DocuSign for B2B guest user access via Entra.
Has anyone successfully configured DocuSign to work with Azure B2B guest accounts? If so, could you please share any configuration steps, best practices, or documentation references?
Page 1 / 1
Hello @aju10141
Thank you for reaching out, and welcome to the Docusign Community! We appreciate your question and assure you that we are fully committed to providing you with the best service possible.
Domains must be claimed in our SSO setups, and we support this. If it is a custom configuration, I believe ProServ should support it.
If you found the response to be a useful solution to your question, please “like” and mark it as the best answer by clicking “Select as Best” to make it easier for other users to find. Thank you!
Sincerely,
Ma. Cassandra | Docusign Community Moderator If this helped, feel free to Like👍and click "Best Answer"
Hi @Ma.Cubio,
Thanks for your response!!
Seems there is an option to enable SSO for unclaimed domain email addresses as well (see below). I am exactly looking for the same.
Think about a scenario, My company would like to sign a contract with a Partner company (lets say xyz.com). I have invited xyz employee as a guest (with bob@xyz.com email) in my company (lets say abc.com) for MS teams access for file sharing. Now he require access to DocuSign as well and i don’t want to create his another account and password in DocuSign. Rather, i would like him to use his existing guest account (with bob@xyz.com email) and SSO for other applications access as well. My requirement is all authentications request should reach to abc.com tenant and without claiming each Partner domain in DocuSign, all guest users should be able to access my DocuSign instance.
DocuSign IDP:
Let me know your thoughts.
Hello @aju10141
Thank you for getting back to me. According to this article, to be eligible to log in with Third-Party Login, the user must be a member of an account within your organization and must be added to your identity provider (IdP). Once added, these users can log in to Docusign using your organization’s IdP. The important things to keep in mind:
The user must be added to the corporate account directly (it cannot be provisioned through the IdP). The user cannot be JIT-provisioned or created via SCIM (as both rely on claimed domains).
That option only works for IdP-initiated logins (where the user starts within the IdP). They do NOT work with SP-initiated logins (where the user begins on our login page). If a user starts on our login page, SSO will only be an option if their email address is on a claimed domain.
Please note that we can only provide general guidance and have resources available for setting up SSO and Identity Providers. If you need technical assistance or have more questions, the complexity of your issue may require Technical 3 Support or Proserv. If you have an enhanced plan with Docusign, we suggest opening a support case.
If you found the response a useful solution to your question, please “like” and mark it as the best answer by clicking “Select as Best” to make it easier for other users to find. Thank you!
Sincerely,
Ma. Cassandra | Docusign Community Moderator If this helped, feel free to Like👍and click "Best Answer"
Hello @aju10141
How are you? I'm just checking in to see if you still need help. If yes, please reply here with more context, or confirm if the issue has been resolved.
If you run into any problems, we're happy to help with those here. Wishing you a smooth rest of your day!
If you found the response to be a useful solution to your question, please “like” and mark it as the best answer by clicking “Select as Best” to make it easier for other users to find. Thank you!
Sincerely,
Ma. Cassandra | Docusign Community Moderator
If this helped, feel free to Like👍and click "Best Answer"
You can login or register as either a Docusign customer or developer. If you don’t already have a Docusign customer or developer account, you can create one for free when registering.
You can login or register as either a Docusign customer or developer. If you don’t already have a Docusign customer or developer account, you can create one for free when registering.
Back to Docusign.com
