Skip to main content
Blog
Home/

App Passwords: More secure SOAP authentication using your existing code

Author Cameron Loewen
Cameron LoewenSenior API Technical Writer
Summary3 min read

Keep your SOAP integrations in compliance with upcoming Docusign go-live and API call requirements without having to update any of your code!

    • Additional resources

    Table of contents

    As followers of the Docusign Developer Blog might already know, our old legacy username/password authentication flow is being deprecated and will be unavailable for use after September 2022. For REST apps, this means switching to use an OAuth2 grant. For SOAP apps, this means switching to our new authentication flow: App Password. 

    In App Password authentication, your users create App Passwords, linked to their profiles, that they can use in place of their account password when going through auth to obtain access tokens. Any attempt to use an App Password to do something other than get an access token for an integration or make SOBO calls (such as attempting to log into their Docusign account via the website UI) will fail. This ensures that, even if an App Password is somehow compromised, the user’s account and data are still secure.

    We know that a lot of developers use legacy authentication, and not all of them can easily spare the time and resources to refactor the authentication code for their apps. Fortunately, you should be able to use the same legacy authentication code that’s already in your app to perform App Password auth! Both authentication flows use exactly the same steps and syntax; just pass in the user’s App Password rather than their account password and you should still get an access token.

    This means that you can switch to use a more secure way of authenticating users and stay in compliance with upcoming Docusign go-live and API call requirements without having to update any of your code! 

    You can read more about the advantages of App Passwords, see how to generate them, and find best practices on the Dev Center.

    Additional resources

    Author Cameron Loewen
    Cameron LoewenSenior API Technical Writer
    More posts from this author

    Related posts

    • Trending Topics: Latest from our forums (November 2024)
      Developer Trending Topics
      Author Paige Rossi
      Paige Rossi
    • Leveraging Docusign AI and Salesforce for Improved Contract Management

      Leveraging Docusign AI and Salesforce for Improved Contract Management

      Author Subbarao Pydikondala
      Subbarao Pydikondala
    Trending Topics: Latest from our forums (November 2024)
    Author Paige Rossi
    Paige Rossi
    Leveraging Docusign AI and Salesforce for Improved Contract Management

    Leveraging Docusign AI and Salesforce for Improved Contract Management

    Author Subbarao Pydikondala
    Subbarao Pydikondala

    Discover what's new with Docusign IAM or start with eSignature for free

    Explore Docusign IAMTry eSignature for Free
    Person smiling while presenting