JWT Authentication Failing After Integration Key Promotion - issuer_not_found Error

Question

Description:I'm unable to authenticate using JWT Grant with my promoted integration key in production. I receive an issuer_not_found error despite having the integration key properly configured.Configuration:Integration key was created in developer account and promoted to production using DocuSign's go-live process	Generated new RSA key pair in production	User Application setting: Yes	Authentication Method: Authorization Code Grant	Redirect URI: http://localhost:8080/callbackError:When attempting JWT authentication, I receive:{"error":"invalid_grant","error_description":"issuer_not_found"}Steps Attempted:Tried granting individual consent via multiple authorization URLs (both account.docusign.com and account-d.docusign.com)	All consent URLs fail with "The client id provided is not registered with Docusign"	Verified all User ID, Account ID, and Integration Key values match between production account and application configuration		Confirmed RSA key pair is properly configured			Attempted granting consent via authorization URL provided by Docusign support (Token endpoint: account-eu.docusign.com/oauth/token). Account-eu.docusign.com does not resolve in DNS either in USA or EU (attempted on 4 different devices, in 4 different global locations)	UPDATE: I've tested authorization from both US location (original) and EU location (IP 9.160.161.135). Both locations return the same error: 'The client id provided is not registered with Docusign.' This confirms the issue is NOT geo-routing.

Troy.Winterbottom · Answer

Hi.It looks like you are using incorrect URL’s for the account server, there is onlydemo: https://account-d.docusign.comproduction: https://account.docusign.comIf you cannot generate the consent URL, then either the client id you are using is incorrect, or the account server url is incorrect.It is documented here with examples:https://developers.docusign.com/platform/auth/consent/obtaining-individual-consent/First determine if this is working:An integration key identifies your integration and links to its configuration values.1. Open the Apps and Keys Page.2. Under My Apps / Integration Keys, select your App / Integration Key.Use the following consent URLs, just replace REPLACE_WITH_INTEGRATIONKEY with your integration keyDemohttps://account-d.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=REPLACE_WITH_INTEGRATIONKEY&redirect_uri=http://localhost:8080/callbackProductionhttps://account.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation&client_id=REPLACE_WITH_INTEGRATIONKEY&redirect_uri=http://localhost:8080/callbackIf you get the following errors:The client id provided is not registered with Docusign.This means your integration key specified is wrong.

Sign up

You can login or register as either a Docusign customer or developer. If you don’t already have a Docusign customer or developer account, you can create one for free when registering.

Docusign Community

You can login or register as either a Docusign customer or developer. If you don’t already have a Docusign customer or developer account, you can create one for free when registering.

Scanning file for viruses.

This file cannot be downloaded