DocusignApi JWT 访问令牌,用于调用管理员 api
[英]DocusignApi JWT access token for calling admin api
问题描述
I am trying to get the JWT access token with all scopes to call org admin api.
我正在尝试获取具有所有范围的 JWT 访问令牌来调用组织管理员 api。
The below code returns the consent URL: which doesn't look like a valid URL as it is pointing https://account.docusign.com instead https://account-d.docusing.com . The below code returns the consent URL: which doesn't look like a valid URL as it is pointing https: //account.docusign.com instead https://account-d.docusing.com .
https://account.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation%20organization_read%20group_read%20permission_read%20user_read%20user_write%20domain_read%20identity_provider_read&client_id=[[redacted]]&redirect_uri=https://www.example.com https://account.docusign.com/oauth/auth?response_type=code&scope=signature%20impersonation%20organization_read%20group_read%20permission_read%20user_read%20user_write%20domain_read%20identity_provider_read&react_id=&[编辑示例.uri] .com
Code Below下面的代码
string ik = ConfigurationManager.AppSettings["IntegrationKey"];
string userId = ConfigurationManager.AppSettings["userId"];
string authServer = ConfigurationManager.AppSettings["AuthServer"];
string rsaKey = ConfigurationManager.AppSettings["RSAKey"];
string[] orgscopes = { "organization_read", "group_read", "permission_read", "user_read", "user_write", "domain_read", "identity_provider_read" };
List<string> scopes = new List<string>();
scopes.Add("signature");
scopes.Add("impersonation");
scopes.AddRange(orgscopes);
string redirectURI = "https://www.example.com";
Uri authUri = apiClient.GetAuthorizationUri(ik, scopes, redirectURI, "code"); // Doesn't do org consent uri
Console.WriteLine("============= Consent URI =================");
Console.WriteLine(authUri.ToString());
Console.WriteLine("===========================================");
OAuth.OAuthToken tokenInfo =null;
try
{
tokenInfo= apiClient.RequestJWTUserToken(ik, userId, authServer, Encoding.UTF8.GetBytes(rsaKey), 8, scopes);
Console.WriteLine("==============================");
Console.WriteLine("Authorization: Bearer " + tokenInfo.access_token);
System.Diagnostics.Trace.WriteLine("Diagnostic Trace - Authorization: Bearer " + tokenInfo.access_token);
}
Keys in app.config: app.config 中的键:
<add key="IntegrationKey" value="[[redacted]]" />
<add key="UserId" value="[[redacted]]" />
<add key="AuthServer" value="account-d.docusign.com" />
<add key="AuthorizationEndpoint" value="https://account-d.docusign.com/oauth/auth" />
<add key="TokenEndpoint" value="https://account-d.docusign.com/oauth/token" />
<add key="UserInformationEndpoint" value="https://account-d.docusign.com/oauth/userinfo" />
Below is the api i want to call using the access token:下面是我想使用访问令牌调用的 api:
POST /v2/organizations/{organizationId}/users/profiles POST /v2/organizations/{organizationId}/users/profiles
on calling the above api - i got unauthorized error: string reponsebody = string.Empty;在调用上述 api - 我得到未经授权的错误:string reponsebody = string.Empty; string Url = " https://api-d.docusign.net/managment/v2/organisation/3420001f-xxxxxxxxxxx/users/profiles ";字符串 Url = " https://api-d.docusign.net/managment/v2/organisation/3420001f-xxxxxxxxxxx/users/profiles "; using (var client = new HttpClient()) { client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application / json"));使用 (var client = new HttpClient()) { client.DefaultRequestHeaders.Accept.Add(new System.Net.Http.Headers.MediaTypeWithQualityHeaderValue("application / json")); client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken); client.DefaultRequestHeaders.Authorization = new System.Net.Http.Headers.AuthenticationHeaderValue("Bearer", accessToken); HttpResponseMessage rep = client.PostAsync(new System.Uri(Url), PostContent).Result; HttpResponseMessage rep = client.PostAsync(new System.Uri(Url), PostContent).Result; reponsebody = rep.Content.ReadAsStringAsync().Result; reponsebody = rep.Content.ReadAsStringAsync().Result; } }
1 个解决方案
解决方案1
1 已采纳 2020-05-12 21:47:29
First, I must strongly discourage you from posting your Client ID and User ID in public.首先,我必须强烈劝阻您不要公开发布您的客户 ID 和用户 ID。
If the GetAuthorizationUri is returning a Prod consent URI, then your ApiClient object isn't referring to the Demo environment when it's being instantiated.如果GetAuthorizationUri返回 Prod 同意 URI,则您的 ApiClient object 在实例化时并未引用 Demo 环境。 One way to do this would be to use一种方法是使用
ApiClient apiClient = new ApiClient("https://demo.docusign.net/restapi");
or you can simply add the -d to the generated url.或者您可以简单地将 -d 添加到生成的 url 中。
If you are getting "Invalid Response Type", then your integration key isn't configured to allow the code response_type so token must be used instead.如果您收到“无效的响应类型”,那么您的集成密钥未配置为允许code response_type,因此必须使用token 。 To fix this, either change the response_type parameter from code to token in the URL, or update the line要解决此问题,请将 URL 中的 response_type 参数从code更改为token ,或更新该行
Uri authUri = apiClient.GetAuthorizationUri(ik, scopes, redirectURI, "token"); to request a token as the response type.请求令牌作为响应类型。 Alternatively, toggling your integration key's setting to use 'Auth Code Grant' instead of 'Implicit Grant' will allow the use of the code response_type.或者,将集成密钥的设置切换为使用“Auth Code Grant”而不是“Implicit Grant”将允许使用code response_type。
If you get an error about the Redirect URI not being registered in DocuSign, you'll need to compare the redirect URI in your code to the redirect URI registered against your integration key.如果您收到有关未在 DocuSign 中注册重定向 URI 的错误,您需要将代码中的重定向 URI 与针对您的集成密钥注册的重定向 URI 进行比较。 The values must match exactly, including the http/https prefix and trailing slashes.这些值必须完全匹配,包括 http/https 前缀和尾部斜杠。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.