Skip to main content
arrow-left Back to Docusign.com
Question

Docusign JWT OAuth Consent: Is it Permanent or Does it Expire?

  • June 19, 2025
  • 2 replies
  • 76 views
S
Newcomer
Forum|alt.badge.img

Hello,

I’d like to integrate JWT authentication to access the DocuSign API from my server.

I understand that, on first use, I need to accept a consent request by visiting a URL like:
https://account-d.docusign.com/oauth/auth?response_type=code&scope=signature impersonation&client_id=CLIENT_ID&redirect_uri=https://www.docusign.com

My question is:
Once I’ve granted this consent, is it valid indefinitely as long as I don’t change the client_id? Or do I need to repeat this consent step periodically (e.g., when the token expires or per session)?

Thanks for your help!

2 replies

JohnSantos
Guru
Forum|alt.badge.img+19
  • JohnSantosGuru
  • Guru
  • June 19, 2025

@StelDev 

Once user consent is granted via the consent URL for JWT authentication, it does not need to be repeated. However, user consent is independent of token expiration. The JWT token you generate is valid for a short time (typically 1 hour).  You will need to refresh your token.  You can safely generate a new token anytime; you don’t need to wait for the old one to expire.

Welcome to the DocuSign Community! Your feedback is highly valued. If you find my response helpful, please give it a "Like" and consider marking it as the "Best Answer" to assist others with similar issues.
D
Docusign Employee
Forum|alt.badge.img

@StelDev the consent is in force until the user revokes it.

By the way, obtaining consent as documented is merely running the first portion of the Authorization Code Grant flow. More information is in the blog post below.

https://www.docusign.com/blog/developers/demystifying-docusign-authentication

Code of ConductAccessibility statement

Docusign Community

Code of Conduct