Dosusign Spoke and setting the Access code
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-09-2025 07:10 AM
We've configured the spoke action "Add Recipient to Envelop" to contain an access code. In Docusign, an access code can be set on a document to verify the identity of the person before they are allowed to view or sign the document. The action "Add Recipient to Envelop" does add the recipient to the envelope and allows you to specify an access code but the access code is not set on the document even though the API call was successfully made to DocuSign.
I created a support case with Docusign and asked why the access code is not set. They told me that the API call used to set the "access code" field on the spoke really sets a something else called a "one time passcode", which is part of a different set of features under Universal Signature. Here's a snippet of the request body that is sent to DocuSign from this spoke action:
[{"signatureProviderName":"UniversalSignaturePen_OpenTrust_Hash_TSP","signatureProviderOptions":{"oneTimePassword":"8888"}}
DocuSign then said that setting the access code for the recipient is done through a similar endpoint but using the "accessCode" parameter in the REST message when sending the recipient details. I created a custom action in Flow Designer to test the idea put forward by DocuSign support and sure enough, the end point and example request body provided by DocuSign support does set the access code as we expected. DocuSign support said that the Universal Signature is a different option that mostly used in the EU for added security.
I brought this information back to ServiceNow support and made the claim that 1. The universal Signature options used in the out of box spoke action did not set any sort of authentication that we could see and 2. The term access code is being used in the spoke to set a one time password and it wasn't clear that setting "access code" doesn't actually set the "access code". They seemed to believe that the Universal Signature options do work on their spoke action (I couldn't verify that in our setup for production or development) and they said I could submit an enhancement request to clear up the "access code" terminology.
Here's the question. Is anyone using the Dosusign Spoke action "Add Recipient to Envelop" with the access code option and does it provide any level of added security? that would be helpful because it's possible we're not licensed for that in Docusign. I don't know the details of licensing for Docusign but it never worked for me unless I used the custom action I created with the information from DocuSign support.
