DocuSign API Basic User Password Authentication Retirement
DocuSign is in the process of retiring basic user password authentication API methods (see OAuth 2.0 requirements and migration on the Developer Center for more details) that authenticates each API call by passing the user’s email and password in each API authentication header. We are targeting both SOAP and REST integrations to ensure that all methods of accessing DocuSign are kept up to industry and DocuSign security standards.
DocuSign will deprecate basic user password authentication (used in the X-DocuSign-Authentication header) for all first-party integrations (eSignature for Salesforce, Dynamics, Print Driver, and others) and some third-party partner integrations. For the first phase of this process, we will be targeting the following integrations:
- For SOAP integrations, we will be targeting all Partner Integrations as a part of Phase 1.
- For REST integrations, we will be addressing ONLY NA1 Partner Integrations as a part of Phase 1.
- For first-party Integrations (DocuSign for Salesforce, Print Driver, etc.): We will be working internally to address the first-party (DocuSign-built) integrations migration path. No action is needed from customers at the moment. We will reach out separately to customers with our first-party integrations migration plan.
Note: We will send emails to Partners who are impacted soon. If you are not sure if you are part of Phase 1, please keep track of your inbox or check in with your Partner advisors.
Non-partner integrations will be addressed in a later phase.
Beginning October 20, 2022 and up to March 2023, partners included in the first phase of deprecation will be permitted to file a request for an exception to receive additional time to ensure the transition is completed, or to work with DocuSign Support resources to complete their transition to secure authentication protocols. Once an exception is approved, the integration can stay on basic user password authentication until September 2023. After March 2023, all integrations from the first phase that do not have exception approvals will not be able to use basic user authentication to authenticate against DocuSign. To learn more about the process of migrating to a more secure auth method and/or to file for an exception, see below.
If your integration has been identified as using a method of basic user password authentication which will no longer be supported after March 2023, see OAuth 2.0 requirements and migration on the DocuSign Developer Center for instructions and resources to guide your migration. If you are unsure how to update your integration, or do not have the resources to do so, we recommend opening a case with DocuSign Developer Support following the instructions given here.
If you are one of our DocuSign Partners, you can reach out to your partner advisor or our Partner Program if you need assistance to finish the migration or file an exception request. You can also follow the steps below to file for an exception request.
Filing for a support case
Follow the steps below to create a case with our Developer Support team.
- Log in to DocuSign Support.
- Select Get Support from the header.
- Select Open a Support Case, then New Case, and select the account containing the integration key affected.
- Choose the case subject by selecting Integration, API, Development, then DocuSign APIs. Select Add Case Details.
- Fill in the case details appropriate to your request: either request an exception to basic authentication deprecation, or request DocuSign Support assist you with your migration. Note: This same form can also be used for any integration support requests you may have.
Future deprecation phases
Details on additional phases for this deprecation will be announced as we monitor progress on the first phase.