Trending Topics: Latest from our forums (September 2021)

Here are some of the latest popular questions that the Docusign developers community asked on Stack Overflow in the month of September 2021. You too can ask questions by using the tag docusignapi in Stack Overflow.

Thread: Generate JSON Web Token (RS256) to access Docusign using Google Apps Script

Summary: The developer is trying to obtain access tokens using JWT and is running the following code:

function createJWT(){
  const header = {
    alg: 'RS256',
    typ: 'JWT',

  const now =;
  const expires = new Date(now);
  expires.setHours(expires.getHours() + 1);
  const payload = {
    exp: Math.round(expires.getTime() / 1000),
    iat: Math.round(now / 1000),
    iss: "integrator key",
    sub: "user id",
    aud: "url",
    scope: "scopes"

  var toSign = Utilities.base64EncodeWebSafe(JSON.stringify(header)) + '.' + Utilities.base64EncodeWebSafe(JSON.stringify(payload));
  toSign = toSign.replace(/=+$/, '');

  var privateKey = "-----BEGIN RSA PRIVATE KEY-----<private key here>-----END RSA PRIVATE KEY-----";

  const signatureBytes = Utilities.computeRsaSha256Signature(
  const signature = Utilities.base64EncodeWebSafe(signatureBytes);

  return toSign + '.' + signature;

They get the Exception: Invalid argument: key returned by Utilities.computeRsaSha256Signature().

Answer: There are two separate issues here that need to be addressed:

First, the line Utilities.base64EncodeWebSafe() should be replaced with Utilities.base64Encode() and the toSign.replace(...) be removed. 

Second, the RSA private key is a text file whose first line is BEGIN PRIVATE KEY, not BEGIN RSA PRIVATE KEY. This is a different type of RSA private key and cannot be used with this library.

Alternatively, the developer can use the Docusign eSignature Node SDK, which includes built-in JWT methods that can be used to obtain access tokens.

Thread: Documents in Composite Template error in tabs

Summary: This developer is using composite templates and is not seeing all the tabs that they expected to see in the envelope, which was built out of two templates.

Answer: There are two potential issues here. The ServerTemplate elements in the request must include matching roleName properties that are identical to the ones defined in the templates for the recipients. These recipients have tabs that are not showing. The tabs that were manually added to the composite template are not showing because they did not include any positioning information. Tabs must be positioned either by fixed positioning (using the pageNumber, xPosition, and yPosition properties) or by using anchor strings.

Thread: Docusign : login without user consent

Summary: The developer is interested in sending an envelope with requests for signature for two signers. They require one signer to sign only after the other has finished.

Answer: To do that, you set up two recipients in your envelope with signing elements for each. The important thing is to set the routingOrder such that your first signer is “1” and the second signer is “2”. This guarantees that the second signer will not get the email notification to request their signature until the first signer finishes signing the envelope.

Additional resources

Inbar Gazit
Inbar Gazit
Sr. Manager, Developer Content