Integrate with Docusign at Organization level

  • リリースバージョン: Australia
  • 更新日 2026年03月12日
  • 所要時間:20分

    • Integrating your Software Asset Management application with the Docusign service at the organization level enables you to track your software subscriptions and envelope consumption data.

    注:
    Integration with Docusign at the organization level is done using the Data feed API, so the user's last activities aren’t tracked as part of this integration.

    For more information about the Docusign service, see the DocuSign Developer site.

    重要:
    Minimize security risks and protect information by granting access only to the necessary user or API permissions.
    表 : 1. Minimal user permissions
    Process Required user role in the Docusign application Authentication scopes
    Download subscriptions admin No scopes
    Download consumption admin No scopes

    This process is applicable for Zurich patch 4, Software Asset Management - SaaS License Management (sn_sam_saas_int) 16.0.8, and Software Asset Management (sn_itam_samp) 2.1.0 version onwards.

    Register a Docusign application

    Register a Docusign application through the Docusign admin portal.

    始める前に

    Docusign Role required: admin

    手順

    1. Log in to your Docusign demo (non-production) account.
      You can use any subaccount for logging in that is later promoted to the corresponding production account.
    2. Go to the Admin tab.
      • If you already have an API integration key from a previous integration ready for use in production, skip to step 14.
      • If you don't have your API integration key saved, you must generate a new one.
    3. On the side navigation pane, select Account Profile and copy the Organization ID to secure it for later use.
    4. Navigate to INTEGRATIONS > Apps and Keys.
    5. In the Apps and Integration Keys section, select Add App and Integration Key.
    6. On the Add Integration Key form, enter a unique name for your application in the App Name field and select CREATE APP.
      重要:
      You must request the Docusign support team for enabling the Data feed API on the integration key that you’re generating. If you’re using an Enterprise Pro plan, the Data feed API is free for you with organization management. If you’re using a low-tier plan, you can opt for organization management as an add-on. For further information, contact the Docusign support team.
    7. Copy the value of the Integration Key and secure it for later use.
    8. On the profile page of your application, select Third-party integration key in the Integration Type field.
    9. Select Save.
    10. Locate the application that you have created in the App Name list.
    11. Select Actions > Select Go-Live account.
      A window pops up prompting you to enter the credentials for your Docusign production account.
    12. Enter the Docusign production account credentials to which you want to promote your integration key.
      The Go Live Status field changes to Pending approval.
    13. After the integration is approved, the Go Live Status changes to View in production.
    14. Log in to your Docusign production account and verify that the same integration key is present in the production account.

    Generate RSA keypair for Docusign integration

    Generate RSA keys to integrate the Docusign application with your ServiceNow instance.

    始める前に

    Docusign requirements:
    • Docusign account
    • Docusign app configured to integrate with ServiceNow
    • Role required: Docusign administrator

    このタスクについて

    The integration of Docusign at the organization level enables access to all subaccounts using a single integration key generated in any one subaccount.

    手順

    1. Log in to your Docusign production content account.
    2. Go to the Admin tab.
    3. Navigate to INTEGRATIONS > Apps and Keys.
    4. Next to your application, select Actions > Edit.
    5. Select Generate RSA and save the Key Pair ID, Public Key, and Private Key for later use.

    Generate a Java Key Store certificate

    Generate a Java Key Store (JKS) certificate for the JSON Web Token (JWT) authentication of your Docusign integration profile.

    始める前に

    Role required: admin

    手順

    1. Open a text editor for code, such as Sublime Text, and create a file.
    2. Paste the Private key that you had generated from your Docusign integrator app.

      For more information, see Generate RSA keypair for Docusign integration.

      注:
      Make sure to include both the beginning and ending of the private key.
    3. Save the file with the .key extension.
      For example, privatekey.key.
    4. Open the command line interface (CLI) and navigate to the directory where you saved the file with the .key extension.
    5. Create a CA signed certificate using your private key by executing the command: 
      openssl req -new -x509 -key <file-name>.key -out <certificate-name>.pem -days 1095
      You're prompted to provide details such as country name and province name.
    6. Enter the required details.
    7. Create a PKCS 12 file using your private key and CA signed certificate by executing the command: 
      openssl pkcs12 -export -in <certificate-name>.pem -inkey <file-name>.key -certfile <certificate-name>.pem -out <PKCS-12-file-name>.p12
      You're prompted to provide a password for the file.
    8. Enter the export password or the source keystore password.
    9. Create the JKS file by executing this command: 
      keytool -importkeystore -srckeystore <PKCS-12-file-name>.p12 -srcstoretype pkcs12 -destkeystore <JKS-certificate-filename>.jks -deststoretype JKS
      You're prompted to provide a password for the JKS file.
    10. Provide the same password for the destination and source keystore passwords.

    Create a Docusign integration profile at Organization level

    Create an integration profile to track software subscriptions and optimize licensing for the Docusign service.

    始める前に

    To create a Docusign integration profile, request the Software Asset Management - SaaS License Management plugin (sn_sam_saas_int) from the ServiceNow Store.

    ServiceNow Role required: sam_integrator

    このタスクについて

    An organization level integration profile uses the Docusign Data feed API that retrieves detailed subscription and consumption data across an entire organization. It aggregates data from all subaccounts under an organization, offering a centralized view of envelope activity and usage.

    If you’re using Software Asset Workspace, the option to create the Docusign integration profile in Core UI is inactive.

    手順

    1. Navigate to the integration profile.
      InterfaceAction
      Core UI
      1. Navigate to All > Software Asset > SaaS License > Direct Integration Profiles.
      2. Select New.
      3. Select DocuSign Integration Profile.
      Software Asset Workspace
      1. Navigate to License operations > User Subscriptions > Direct integration profiles.
      2. Select New.
      3. Select DocuSign from the drop-down list.
      4. Select Continue.
    2. On the form, fill in the fields.
      表 : 2. Integration Profile form
      Field Description
      Display name Name of the integration profile. For example, DocuSign Integration
      Integration type The default value is set to Organization Level.
      Contract start date The date on which the contract agreement became effective.

      This date is not same as the date when your Docusign account was created.
      Profile type Type of integration profile. This value is automatically set to DocuSign Subscription.
      Organization Id The organization ID to which this account belongs.

      You can find this value in your Docusign account on the Admin tab. Navigate to Account Profile and copy the Organization ID.

      Docusign account profile highlighting the Organization ID
      Renewal period (months) The frequency at which envelope consumption gets renewed.

      For example, if you enter a renewal period of three months, then the consumption data is renewed every three months. The renewal period governs the consumption cycle and is separate from the overall contract term.
    3. Review the required user roles or API permissions specified in the Process configuration field for each process to minimize security risks and optimize SaaS licenses.
      注:
      For more information about the required roles and scopes, see the Minimal user permissions table.

      The Download subscriptions check box is selected by default and you can't clear it.

      The Download Consumption check box is selected by default.

    4. Select Submit.
      A draft integration profile is created.

      The Connection & Credential field appears and is automatically set to sn_sam_saas_int.Docusign_OAuth_with_JWT.

    5. Open the connection & credential aliases record by selecting the preview icon (Preview icon.) next to the Connection & Credential field and then selecting Open Record in the record preview.
    6. On the Connection & Credential Aliases form, select the Create New Connection & Credential related link.
    7. In the Create Connection and Credential dialog box, fill in the fields.
      表 : 3. Create Connection and Credential dialog box
      Field Description
      Connection Information
      Connection Name Name of the connection.
      Connection URL This field is automatically set to https://api.docusign.net.
      Credential Information
      Integration Key The API integration key that you had generated in the Register a Docusign application procedure.
      Key Pair ID The key pair ID of the private key that you had generated in the Generate RSA keypair for Docusign integration procedure.
      Audience URI Enter account.docusign.com as the URI.
      Keystore Password Password associated with the uploaded JKS file that you had created in the Generate a Java Key Store certificate procedure.
    8. Locate the JKS file on your device by selecting Keystore.

      For more information on creating the JKS file, see Generate a Java Key Store certificate.

    9. Select Create and Get OAuth Token.
    10. On the integration profile form, select Validate Connection to verify the connection and credential details of this integration.
      Validating the connection verifies the Download Subscriptions APIs.

    次のタスク

    After the integration connects, your ServiceNow instance automatically creates software models and software subscriptions that are refreshed daily.

    After creating an integration profile, view information about the profile in the Software Asset Workspace by navigating to License operations > User subscription > Direct integration profiles. You can select an integration profile to view the following related lists. If the following related lists aren't visible for an integration profile in the default view, you can select the custom integration view from the Details tab:
    • Software Models
    • Scheduled Jobs
    • Scheduled Job Results
    • Unrecognized Subscription Identifiers
    • Software Subscriptions
    • Subscription Identifier Exclusion Rule
    • Subscription User Exclusion Rule

    After creating an integration profile, you can define subscription exclusion rules to keep certain subscriptions from license cost calculations. For more information, see Subscription exclusions for SaaS and SSO applications.

    If you want to set up multiple integration profiles with unique connections, create child aliases to manage different configurations and settings for each integration profile. For more information, see Create a child alias to set up multiple integration profiles.

    Create software entitlements for the automatically generated software models to track used software against owned software.
    Reconciliation also runs on your subscriptions as a scheduled job or on-demand. You can view your reconciliation results in the License Workbench (Software Asset Management classic application) or the License usage view (Software Asset Workspace). Use these results to determine your license compliance position and to remediate any non-compliance.