Skip to main content
arrow-left Back to Docusign.com
Question

Reuse Existing App and Integration Keys in Production for API Calls

  • March 26, 2025
  • 1 reply
  • 40 views
K
Newcomer
Forum|alt.badge.img

Hi everyone,

Just want to ask this question that’s been bugging me.

We currently have an existing package for Salesforce DocuSign Apps Launcher - DocuSign Negotiate and a DocuSign Plan (which I’m not sure of) cause it was purchased 4 years ago. When I tested the Docu Gen Api , it was working on our demo sandbox. But am not sure if that’s going to work in our current live production. 

So, my idea is -- can we use the existing apps and integration key that’s in our production right now for our custom api integration build or do we still have to go through the api go-live process where we have to push the integration keys from Developer to Production account? Appreciate all your inputs!

1 reply

Alexandre.Augusto
Docusign Employee
Forum|alt.badge.img+14

Hello, ​@kathcares 

 

What are the best practices for ISV applications regarding the creation and management of integration keys?

 

It is best practice for the creator (or owner) of an integration to create and manage any integration keys required to communicate with the Docusign system. For our Independent Software Vendors (ISVs), we recommend this practice for two reasons:

  1. The Go Live process was designed for developers, and end users who are required to Go Live in order to use software that they have purchased through an ISV often have no background in software development. Docusign Support has received significant feedback from users related to the challenges of taking an integration key live.
  2. When an ISV requires their customers to use their own integration key, it is often unclear whom to contact when an issue with an integration is surfaced, on the part of both the customer who is using the application and the Docusign Support team, who may need to refer the user to the application developer.
  3. ISV Partners, participating in the ISV Referral Program, should email their Partner Representative or submit a partner program support form to schedule an app review prior to the Go-Live process.

 

ISV SaaS applications that can secure their integration key and related secrets or RSA keys should use only one integration key for the application. This includes multi-tenant and multi-instance architectures.

Even if an instance of the application is dedicated to a single ISV customer, that instance should use the one integration key obtained by the ISV, so long as the integration key and its settings can be hidden from the ISV customer. For instanced applications, Docusign prefers that the ISV’s customer not have access to the integration key; it should be managed and controlled by the ISV.

If the ISV creates an instance of the application for a customer, and the customer has complete control over the instance and its settings, then the customer needs to create an integration key.

 

You can read the entire article about Docusign Develope FAQ - Go Live and Integration Keys.

 

I hope that helps, if so, I’d appreciate your Like.

 

Best,

Alexandre

Your feedback is very appreciated! You can give a Like and mark this answer as the "Best Answer" for your issue. DocuSign University http://dsucustomers.docusign.com
K
1 person likes this
  • K
    kathcares

Reply


Most helpful members this week

Code of Conduct

Docusign Community

Code of Conduct