This section describes how to integrate DocuSign with RSA Cloud Authentication Service using IDR SSO.

Configure RSA Cloud Authentication Service

Perform these steps to configure RSA Cloud Authentication Service using IDR SSO.

Procedure

1. Sign in to RSA Cloud Administration Console and browse to Applications > Application Catalog.
2. Search for DocuSign and click Add.
   
3. Enter a name for the application in the Name field on the Basic Information page.
4. Choose Identity Router in the Basic Information section and click Next Step.
   
5. Navigate to the Initiate SAML Workflow section.
   In the Connection URL field, verify the default setting.
6. Choose IDP-initiated.
   
7. Scroll down to the SAML Identity Provider (Issuer) section.
   
   1. Identity Provider URL is automatically generated.
   2. Identity Provider Entity ID is automatically generated.
   3. Click Generate Cert Bundle and set a name for your company certificate.
   4. Click Generate and Download.
   5. Click Choose File and upload the private key from the generated certificate bundle.
   6. Click Choose File and upload the certificate from the generated certificate bundle.
      The public certificate in the bundle is used for the DocuSign configuration.
    
8. Scroll down to the Service Provider section and enter the following details:
   1. ACS URL: Enter the Service Provider Assertion Consumer Service URL from the DocuSign SAML endpoints page (step 11 in the next section).
   2. Service Provider Entity ID: Enter the Service Provider Issuer URL from the DocuSign SAML endpoints page (step 11 in the next section).
      
9. Scroll down to the User Identity section and select the following:
   1. Identifier Type – Email Address
   2. Identity Source – Select your user identity source
   3. Property – mail
10. In the Attribute Extension section, include the attributes: email address, given name, and surname. This is required for authentication from DocuSign side.
    
11. Click Next Step.
12. On the User Access page, select the access policy that the identity router will use to determine which users can access the application.
    
13. Click Next Step.
14. On the Portal Display page, configure the portal display and other settings.
15. Click Save and Finish.
16. Click Publish Changes.

Configure DocuSign

Perform these steps to configure DocuSign.

Procedure  

1. Log on to DocuSign Admin console.
2. Under Access Management, choose Domains.
   Ensure that an organization has been created first.
3. Choose ADD DOMAIN.
   
4. Enter the Domain Name and click CLAIM.
   
5. To verify your domain, update your DNS entry with one of the two methods shown in the Verify Domain section; either CNAME record or TXT record. Coordinate with your network administrator to make this change. For more information on claiming and verifying the domain, refer to: https://support.docusign.com/s/document-item?language=en_US&rsc_301&bundleId=rrf1583359212854&topicId=gso1583359141256.html&_LANG=enus.
   After the Domain is verified, it should appear as Active.
   
6. In the left pane, under Access Management, click Identity Providers and click ADD IDENTITY PROVIDER.
   
7. Choose a name for the identity provider.
   
8. Configure the Identity Provider settings with the URLs obtained from Cloud Authentication Service (CAS).
   1. Enter Identity Provider Entity ID from CAS into the Identity Provider Issuer field.
   2. Enter the Identity Provider URL into the Identity Provider Login URL field.
   3. Click the POST option under Send AuthN request by.
      
      
9. In the Identity Providers section, click Add Certificate in the ACTIONS drop-down list.
   
10. Browse to the certificate, click Add, and then click Save.
11. After adding the certificate, click Endpoints in the ACTIONS drop-down list.
    

Configuration is complete.

Return to main page.