Skip to main content
arrow-left Back to Docusign.com
Sticky

November Developer Ask Me Anything (AMA): Authentication and Access Tokens

  • October 28, 2025
  • 3 replies
  • 903 views
Cassandra.Grey
Docusign Employee
Forum|alt.badge.img+3

Hey developers! Have questions about which OAuth grant to use? Trying to get an access token to test our APIs?

This month’s AMA is all about OAuth 2.0 authentication at Docusign.

The thread is open now through November 25—comment with  your question and I’ll get right back to you (I’m a Senior Programmer Writer at Docusign).

To make this more fun, when you add a question, you’ll be automatically entered to win a$100 non-branded gift of your choice from Loop & Tie 🎁

Topic for this AMA: Authentication and access tokens

OAuth authentication is the foundation for any Docusign API app: without implementing OAuth, your app cannot make calls to Docusign API. But OAuth is complicated, with many different types to choose from, different requirements for each, and multiple separate steps. 

Choosing the wrong kind of OAuth for your app can compromise security, create a frustrating experience, and cause you to waste a lot of time troubleshooting. 

If you have questions about OAuth at Docusign, have been struggling with getting an access token, or are wondering which grant to use, this AMA is for you.

Ask me about:

  • Which type of OAuth to use for your app
  • Concepts of OAuth at Docusign
  • How to get access tokens
  • How to get and use refresh tokens
  • Access token lifecycle and best practices

👉 Add your question in a comment below.

🎁 How we’ll pick the winner

On November 25, we’ll review all AMA questions and choose one winner based on the relevance, quality, and clarity of their question, as well as any thoughtful follow-up replies to it.

We’re looking for questions or comments that add real value to the discussion—maybe you framed a challenge other developers can relate to or shared an example others can learn from.

What you might win

A $100 non-branded gift of your choice from a Loop & Tie prize collection—think wine samplers, plant sets, charcuterie boards, and more. The winner will receive a link to the collection of items that can be shipped to your door.  

Terms & conditions

Contest open to Docusign Community members aged 18+ unless prohibited by law. Individuals who are employed by, or affiliated with, United States federal, state or local government agencies or organizations, and residents of China, Taiwan, Iran, North Korea, Russia, Ukraine and Belarus are not eligible to receive prizes (but are welcome to share their story and inspire others). To enter, follow the instructions above. One entry per person. No cash alternative for prize. Prize is non-transferable. Winner will be notified by email within five (5) days of contest end.

Inbar.Gazit
paige.rossi
leah.breen

3 replies

Cassandra.Grey
Docusign Employee
Forum|alt.badge.img+3
  • Cassandra.GreyDocusign Employee
  • Author
  • Docusign Employee
  • November 7, 2025

Hi Docusign developers! I’m looking forward to taking your questions and chatting with you all about authentication this month! Here are a few resources on the topic to help spark your ideas:

Inbar.Gazit
JohnSantos
J
Active Voice
Forum|alt.badge.img+1
  • JustSanchActive Voice
  • Active Voice
  • November 18, 2025

I'm completely new to programming and this is literally my first ever web development project. I decided to build something that integrates with DocuSign, but I'm realizing I may have bitten off more than I can chew with OAuth! 

My situation: I'm trying to build my first web application where users can send documents through DocuSign. I've been following some basic tutorials to get started, but when I got to the authentication part, I hit a wall. I have no idea what OAuth even means beyond "it's how apps connect to other apps."

My very beginner questions:

  1. I keep seeing terms like "Authorization Code Grant" and "JWT Grant" - as someone who's never done this before, which one should I even attempt to learn first?
  2. Do you have any resources specifically for complete beginners? Most of the documentation assumes I know things that I definitely don't know yet.
  3. Am I crazy for trying to integrate with DocuSign as my first project, or is this actually doable for a total newbie?
leah.breen
Cassandra.Grey
J
Cassandra.Grey
Docusign Employee
Forum|alt.badge.img+3
  • Cassandra.GreyDocusign Employee
  • Author
  • Docusign Employee
  • November 18, 2025

 

I'm completely new to programming and this is literally my first ever web development project. I decided to build something that integrates with DocuSign, but I'm realizing I may have bitten off more than I can chew with OAuth! 

My situation: I'm trying to build my first web application where users can send documents through DocuSign. I've been following some basic tutorials to get started, but when I got to the authentication part, I hit a wall. I have no idea what OAuth even means beyond "it's how apps connect to other apps."

My very beginner questions:

  1. I keep seeing terms like "Authorization Code Grant" and "JWT Grant" - as someone who's never done this before, which one should I even attempt to learn first?
  2. Do you have any resources specifically for complete beginners? Most of the documentation assumes I know things that I definitely don't know yet.
  3. Am I crazy for trying to integrate with DocuSign as my first project, or is this actually doable for a total newbie?

Hi JustSanch, thanks for reaching out! Building something to implement OAuth is pretty ambitious for a beginner, but it’s entirely possible. I’d definitely recommend checking out our Quickstart, if you haven’t already. It’s an example project that demonstrates basic implementations of many Docusign flows, including OAuth, in a programming language of your choice, that comes pre-configured for your account settings. It should be a good model of how Authorization Code Grant and JWT can be implemented, and you can take and use pieces of it for your own app if you want.

  1. For your first app, Confidential Authorization Code Grant is a good place to start for learning the basics of how OAuth works. It’s simpler than JWT and I’d consider it more general-use. Ultimately, the choice of which type of OAuth to use is driven by how your users will interact with your app. 
  2. If you’re looking for basics on how to create an account, configure your first app, and get definitions of some of the basic terms for working with Docusign, I’d check out Build a Docusign Integration and Configure your app. After that I’d recommend generating a Quickstart implementation and looking at the code for getting to see some programmatic examples of how to authenticate and make API calls.
  3. This one is hard to answer because I think it depends on what you want your Docusign integration to do. Implementing something simple should be entirely possible, but there are a lot of things the platform can do and some implementations can get pretty complex.

 

leah.breen
Code of ConductAccessibility statement

Docusign Community

Code of Conduct