Docusign - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk.
This documentation provides a step-by-step guide to setting up Single Sign-On (SSO) for Docusign using MPAS. SSO simplifies user authentication by allowing access to multiple applications with a single set of credentials. This integration enhances security and improves user experience across your organization
To set up Multi-Pass with Docusign, ensure you meet the following requirements:
- Docusign admin rights
- MPAS Admin rights
- Make sure that all users intended to use SSO in Docusign are registered in your IdP and have the necessary permissions to access Docusign.
Important: Custom elements in URLs (like realm names) are case sensitive. Make sure to match the exact casing from your environment.
Docusign - SSO configuration
Step 1 - DocuSign Configuration (Service Provider)
- Go to your DocuSign Admin page.
- In the left panel, under Access Management, click on Identity Providers
- Click on Add Identity Provider.
- Enter a name (e.g.,
Multi-Pass) and click Next.
| Field | Value |
|---|---|
| Identity Provider Issuer | https://ca.auth.kzero.com/realms/<TENANT_NAME> |
| Identity Provider Login URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml |
| Identity Provider Metadata URL | https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml/descriptor |
- Click Next and Add Identity Provider.
- Enable Single Logout and use: https://ca.auth.kzero.com/realms/<TENANT_NAME>/protocol/saml
SSO Settings:
| Setting | Value |
|---|---|
| Send AuthN Request by | POST |
| Send Logout Request by | GET |
DocuSign Endpoints to collect:
| Field | Example Format |
|---|---|
| Service Provider Entity ID | https://<SUBDOMAIN>.docusign.com/organizations/<ORG_ID>/saml2 |
| Assertion Consumer Service URL | https://<SUBDOMAIN>.docusign.com/organizations/<ORG_ID>/saml2/login/<IDPID> |
Step 2 - Multi-Pass Configuration (Identity Provider)
- Open Multi-Pass Dashboard
- Select your tenant > Integrations > Applications > SAML.
- Click on Add Integration and complete the form:
| Field | Value |
|---|---|
| Client ID | https://<SUBDOMAIN>.docusign.com/organizations/<ORG_ID>/saml2 |
| Name | docusign |
| Description | SSO Integration |
| Assertion Consumer Service URL | https://<SUBDOMAIN>.docusign.com/organizations/<ORG_ID>/saml2/login/<IDPID> |
| NameID Policy Format |
- Then go to Advanced Console > Clients, search and configure the `docusign` client as previously instructed.
| Setting | Value |
|---|---|
| Name ID Format | |
| Force Name ID Format | ON |
| Force POST Binding | ON |
| Include AuthnStatement | ON |
| Sign Documents | OFF |
| Sign Assertions | ON |
Attribute Mapping
- Navigate to Client Scopes > Select docusign
- click on configure a new mapper
- From the list select "User Attribute"
- Add the following mappers
emailaddress
| Field | Value |
|---|---|
| Mapper Type | User Attribute |
| Name | emailaddress |
| User Attribute | |
| Friendly Name | emailaddress |
| SAML Attribute Name | emailaddress |
givenname
| Field | Value |
|---|---|
| Mapper Type | User Attribute |
| Name | givenname |
| User Attribute | firstName |
| Friendly Name | givenname |
| SAML Attribute Name | givenname |
surname
| Field | Value |
|---|---|
| Mapper Type | User Attribute |
| Name | surname |
| User Attribute | lastName |
| Friendly Name | surname |
| SAML Attribute Name | surname |
Related Articles
SAML SSO Integration Guide
This guide provides an overview of how to configure SAML Single Sign-On (SSO) between Multi-Pass and a third-party Service Provider (SP). Multi-Pass acts as the Identity Provider (IdP) in this federation model. Multi-Pass is working on SCIM support ...Notion - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Heap - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...ZoomInfo - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...Kaseya One - SSO configuration
Please note that this application has not been formally tested by Kelvin Zero Inc. It is provided solely as a reference guide. If you encounter any issues, kindly submit a ticket directly through the support desk. This documentation provides a ...