To securely send and receive documents between your Pega Platform application and DocuSign, configure an OAuth 2.0 authentication profile with the JWT bearer token grant type.
- Client ID
- Access token endpoint
- JWT profile
- RSA key pair
- In your DocuSign application, ensure that you add a redirect URI by using the following syntax: https://<host:port>/prweb/PRRestService/DocuSignService/v1/redirect
For more information, see your DocuSign developer documentation.
The following task describes how to create a
PKCS12 file by using OpenSSL. You can use a different method or
tool, such as Java KeyStore, to generate your own type of keystore file.
Convert your private key to a
.pfxfile that you use to configure a keystore rule in Pega Platform.
Save the private key in a file with a
.keyextension, for example,
Open a terminal window and enter the following command. Replace the file names in the command with your actual file names:
openssl req -out MyCSR.csr -key <MyPrivateKey.key> -new
openssl x509 -signkey <MyPrivateKey.key> -in MyCSR.csr -req -days 365 -out MyCustomCRT.crt
openssl pkcs12 -export -out MyCertificate.pfx -inkey <MyPrivateKey.key> -in MyCustomCRT.crt
After you run the command, the system prompts you to enter a password. This password is required to create a keystore in Pega Platform.
Create a keystore by using the
.pfxfile that you create in step 1. Ensure that you configure the following values:
For more information, see Creating a keystore for application data encryption and Configuring a keystore by uploading a file.
In the Keystore location field, select Upload file.
In the Keystore type field, enter PKCS12.
In the Keystore password field, enter the password that you used when you ran the command to convert the private key to a
Generate a JWT token profile. For more information, see Creating a generation JSON Web Token profile.For more information on the values to enter in the Claims section of the Token Profile rule form, see your DocuSign developer documentation.
Create an OAuth 2.0 authentication profile, and configure the following values:
For more information, see Configuring an OAuth 2.0 authentication profile.
In the Grant type list, select JWT bearer.
In the Client identifier field, enter the DocuSign integration key.
In the Access token endpoint field, enter the endpoint of the JWT access token that you obtained from the DocuSign authentication service.For more information, see your DocuSign developer documentation.
In the JWT assertion section, select Use JWT generation profile.
In the JWT generation template field, enter the JWT token profile you created in step 3.