Configuring DocuSign App Password for an Advisor Account
Overview
This guide explains how to securely connect your DocuSign credentials with Docupace using an App Password. Once integrated, your name appears in the notification emails sent to signees through DocuSign.
Feature: Docupace can configure your site to use your email in the Reply-To field of DocuSign notifications. Submit a support request to enable this feature.
Previously, applications such as Docupace connected to your DocuSign account using either your username and password or the credentials of a designated admin account. This latter method is known as "Send on Behalf of" (SOBO). However, DocuSign is phasing out both SOBO and the use of common passwords between the DocuSign portal and third-party applications. Moving forward, you will need to use App Passwords - separate, secure credentials created specifically for connecting third-party apps like Docupace.
For DocuSign to function properly, you must include the values for DocuSign User, DocuSign Password, and DocuSign Account in the User Access (300) domain. If credentials in the User Access record are missing or incomplete, the system falls back to alternate domains: the Entity (223) domain or the eSign Credentials (284) domain.
When Docupace sends a Work Item to eSign, it determines which credentials to use based on the following priority:
eSign Credentials (Domain 284):
If the Work Item's Vendor (Client Subfolder) has an entry in this domain, those credentials will be used.
User Access (Domain 300):
If there is no entry in Domain 284, the system checks for a matching user record in Domain 300:
If DocuSign User ID, Account ID, and Password are present, the system uses these credentials directly.
If only the DocuSign User ID is present, the system performs a Send on Behalf Of (SOBO) request using the admin account configured in the Entity (223) domain and the DocuSign User ID.
Entity (Domain 223):
If valid credentials are not found in Domains 284 or 300, the system defaults to the admin account credentials configured in Domain 223.
Steps 2 and 3 of this process can be summarized according to this table:
DocuSign User field in the User Access record | DocuSign Password field in the User Access record | What the system will use |
|---|---|---|
|
| Use User Access credentials |
|
| Use Entity (223) credentials |
|
| Use Entity credentials and send on behalf of the specified user |
|
| Error – eSign transaction will fail |
Audience: Advisors or Site Administrators
Feature: DocuSign is one of the eSign integrations available in Docupace. Emails to clients will originate from DocuSign, but can include Advisor’s name in the notification email and in the Reply To field.
Generating Your DocuSign App Password
To continue using your DocuSign-Docupace integration, you must generate an App Password from your DocuSign profile.
First, you must log into DocuSign and generate an App Password:
How to Add an App Password to Docupace
Once you've generated your DocuSign App Password, you must add it to the correct domain in Docupace, based on your site's DocuSign configuration.
Scenario 1: Each User Has Their Own DocuSign Account
If each user has a unique DocuSign account, they need to generate their App Password and add it to their User Profile.
Scenario 2: Your Site Uses a Single Enterprise DocuSign Account
An admin must configure the credentials at the site level if your organization uses a shared DocuSign account (including vendor-provided ones like Schwab or Fidelity).