Skip to main content

DocuSign

Introduction#

Multi-factor authentication (MFA) is an extra layer of security used when logging into websites or apps to authenticate users through more than one required security and validation procedure that only they know or have access to. Security Assertion Markup Language (SAML) is a protocol for authenticating to web applications. SAML allows federated apps and organizations to communicate and trust one another’s users.

Acceptto™, as a SAML provider, improves the user login experience for Docusign users with its smart convenient MFA.

Pre-Requisites#

  1. An Acceptto account with a configured Identity Provider and LDAP Agent (See this page for instructions).

  2. A Docusign user account with administrative access to the developer dashboard.

  3. A user with administrative privileges for the Acceptto Cloud dashboard.

Configure DocuSign as a Service Provider#

  1. Download the SAML metadata and certificate for your organization from Acceptto.

    Metadata Download at https://sso.acceptto.com/<myorganization>/saml/download/metadata or view at https://sso.acceptto.com/<myorganization>/saml/metadata

    Certificate Download at https://sso.acceptto.com/<myorganization>/saml/download/cert

  2. Login to your Docusign developer portal as an administrator.

  3. Navigate to the Settings tab.

    Docusign settings

  4. You will need to switch to an admin account. Navigate to SWITCH TO and select DOCUSIGN ADMIN.

    Docusign switch admin

  5. Click on Domains.

    Docusign domains

  6. Select CLAIM DOMAIN. Enter your domain name (e.g. test.com) and click on Claim.

    Docusign claim domain

  7. After adding your domain, click on Get the Validation Token.

    Docusign get validation token

  8. Copy the token, go to your domain’ DNS server, and add a TXT record with the received token. This will validate your domain name in DocuSign.

    Docusign token

  9. Return to the DocuSign dashboard. In the Domains section, click on Action and select Validate.

    Docusign validate

  10. Go back and select Identity Providers under the Access Management section.

    Docusign Idp

  11. Enter the below information in the blank fields:

    • Name: Type an optional name like Acceptto
    • Identity Provider Issuer: The issuer found in the Acceptto metadata (e.g. https://sso.acceptto.com/<myorganization>/saml)
    • Identity Provider Login URL: The login URL found in the Acceptto metadata (e.g. https://sso.acceptto.com/<myorganization>/saml/auth)
    • Identity Provider Logout URL: The Logout URL found in the metadata (e.g. https://sso.acceptto.com/<myorganization>/saml/logout)
    • Identity Provider Metadata URL: The Metadata URL found in the Acceptto metadata (e.g. https://sso.acceptto.com/<myorganization>/saml/download/metadata)
    • Check the Enable-Third Party Login box.

    Idp settings

  1. Set Send AuthN and Send Logout to Post. Then, add the below attributes as you can see in the picture below.

    FieldAttribute Name
    emailaddressemailaddress
    surenamesurename
    givennamegivenname

    Docusign custom attributes

  2. Save the configuration and select Add New Certificate on the Identity Provider page. Import the Acceptto Certificate which has been downloaded in the first step.

    Docusign certificates

  3. On the Identity Provider page, click on Action and select Endpoints. You can find all the URLs you need for configuring the Acceptto Application. Keep this data for the next section.

    Docusign sign in

    Docusign Endpoints

Acceptto SAML Configuration as Identity Provider (IdP)#

  1. Login to the Acceptto Dashboard with an administrative account and go to Applications.

  2. Create a new application by selecting the Create New Application.

    Acceptto new app

  3. In the New Application form, enter the following values under the General tab.

    • Name - The application name displayed in the admin panel and application portal and used for push notifications and audit logs (e.g. DocuSign).
    • Type - Select "SAML Service Provider" from the options.
    • Out of Band Methods - Select the allowed methods for approving MFA requests
    • Message for MFA Requests - Enter the user-facing message for Push, SMS, and email MFA requests (optional)

    New app settings

  4. Under the SAML Service Provider Configuration tab, enter the following values:

    • Issuer or Entity ID – Copy SP Issuer URL from DocuSign Endpoints
    • Sign in URL - Copy SP Login URL from DocuSign Endpoints
    • Metadata URL- Copy SP Metadata URL from DocuSign Endpoints
    • NameID Format - Email Address
    • Name Identifier - Email
    • ACS URL - Copy SP ACS URL from DocuSign Endpoints

    SAML settings

  5. Navigate to Add New Attribute Assertion and populate the fields like the table below:

    Friendly NameNameValueName Format
    Emailemailaddressmailbasic
    Last Namesurenamesnbasic
    First NamegivennamegivenNamebasic

    SAML settings

  6. Click Save.

Test Your Setup#

  1. Go to your DocuSign login portal and enter your username.

    Docusign sign in

  2. Click on CONTINUE and then on USE COMPANY LOGIN.

    Docusign password

  3. You will be redirected to the Acceptto SSO page.

    Acceptto SSO

  4. After successful authentication, you’ll see Acceptto’s MFA options. Select your desired method.

    Acceptto MFA

  5. After approving the authentication attempt, you will be redirected to your DocuSign landing page.

    Docusign dashboard

Support#

If you require assistance, please email us at support@acceptto.com

Sales#

Want to learn more about our MFA solutions? Contact our Professional Services for a Demo today.

Disclaimer#

All product names, trademarks, and registered trademarks are the property of their respective owners.

All company, product, and service names used in this document are for identification purposes only. The use of these names, trademarks, and brands do not constitute an endorsement by the Acceptto Corporation.