DocuSign eSignature Integration
Overview
Streamline sales processes using integration with DocuSign eSignature. This native integration, with eSignature vendor DocuSign, eliminates the pass-through step, facilitates the interaction between both applications, and always provides the most up-to-date output from the Oracle CPQ interface.
DocuSign eSignature Integration features include:
- Sends CPQ-generated documents to DocuSign for execution by specified signers
- Allows signers to sign and save documents
- Allows sales users to initiate or cancel the eSignature process
- Tracks status of eSignatures that are in process
- Manages the eSignatures of multiple documents by distinct signers, all from the same Oracle CPQ quote
DocuSign Connect Message Formats
DocuSign sends a message to Oracle CPQ to notify when a workflow event is triggered, such as when an eSignature envelope is signed or declined by a recipient. DocuSign Connect is the webhook service Oracle CPQ uses to receive these event messages. DocuSign Connect event messages can be formatted as JSON or XML. This is configured from the DocuSign configuration page. Refer to Configure DocuSign Properties.
Oracle CPQ 24D and later supports JSON DocuSign Connect messages, including both JSON SIM and Aggregate modes. When a DocuSign Connect message is sent, it is parsed based on the content type header, JSON or XML, and validated using DocuSign HMAC security protocol. The Oracle CPQ DocuSign integration requires a DocuSign-generated secure Connect Key in order to authenticate JSON event messages.
When setting up the Oracle CPQ DocuSign Integration, the message format field requirements are as follows:
-
Connect Key field is required for JSON-based message format
-
Connect Certificate field is required for XML-based message format
-
Connect Key and Connect Certificate fields are required if implementing both JSON and XML-based message format
OAuth 2.0 Support for DocuSign Integration
The DocuSign eSignature integration allows the CPQ application to prepare documents, assign signers, and create envelopes in DocuSign. When a sales agent sends a document out for signature the CPQ application makes a web service call to DocuSign. In 24B and later, Oracle CPQ replaces the previous authentication mechanism with a new OAuth-based flow to authenticate the web service call which creates the envelope in DocuSign. To support this new security mechanism, we have updated the DocuSign eSignature Connector in the Integration Center to allow administrators to manage the new connection details, the certificate, and the token key.
Administration
In order for the Receive action to run properly when a document status changes in DocuSign, the following DocuSign should be configured by following the steps below:
-
Login to DocuSign.
-
Navigate to the Integration section within the Settings tab
-
Select Connect from the Integration section. The Connect page displays.
-
Within the Configuration tab, click Add Configuration to create a custom configuration.
-
Select Active Connection from the Status field of the Listener Settings.
-
Enter the name for the configuration in the Name field.
-
Enter the Oracle CPQ hostname you are integrating with in the URL to Publish field, as follows:
https://<cpqhost>/notification/receiver
-
Select the Enable Log and Require Acknowledgement checkboxes.
-
Under Event Settings, one of the following for Data Format:
-
REST v2.1 for JSON message format. Proceed to Step 10.
-
Legacy for XML message format. Skip to Step 11.
-
-
For JSON message format, perform the following to complete the DocuSign configuration:
- Under Event Message Delivery Mode, select one of the following based on your business needs:
Send Individual Message (SIM)
Aggregate Message
- Under Trigger Events,expand the Envelopes & Recipients section and select the following:
Envelope Signed/Completed
Envelope Declined
Envelop Voided
-
Expand the Include Data section of Envelopes & Recipients and select the following:
-
Document PDFs
-
Document Fields
-
-
Select the Include HMAC Signature (Recommended) option under Integration and Security Settings section.
-
Select Manage Keys to go to the Connect Key tab to create a secret key.
-
Within the Connect Key section, click Add Secret Key. This will create a secret key.
-
Copy the secret key value using the copy icon.
-
Paste the secret key value into the Connect Key field in the Oracle CPQ DocuSign Integration Center page.
-
Click Add Configuration to save the JSON message format DocuSign properties.
You can learn more about HMAC Security with DocuSign Connect implementation and best practices from the DocuSign Developer Center. Oracle CPQ recommends rotating secret keys at a reasonable frequency as per your company-defined security policy.
- Under Event Message Delivery Mode, select one of the following based on your business needs:
-
For XML message format, perform the following to complete the DocuSign configuration:
- Under Trigger Events,expand the Envelopes & Recipients section and select the following:
Envelope Signed/Completed
Envelope Declined
Envelop Voided
-
Expand the Include Data section of Envelopes & Recipients and select the following:
-
Document PDFs
-
Document Fields
-
-
Select Use SOAP Interface (SOAP Method: DocuSignConnectUpdate).
-
Enter the SOAP Namespace that will be used in the notification requests to your server. Ensure a full path namespace is specified instead of the default property envelope.
-
Select Include XML Digital Signature in SOAP Header so that SOAP XML messages will be digitally signed.
-
Click Add Configuration to save the XML message format DocuSign properties.
- Under Trigger Events,expand the Envelopes & Recipients section and select the following:
If these settings are not set, administrators may see the following error message in the error log:
Failed to generate response to notification.
org.apache.axiom.soap.SOAPProcessingException: First Element must contain the local name, Envelop, but found DocuSignEnvelopeInformation
Setting up DocuSign integration requires the following tasks:
Step 1: Enabling DocuSign eSignature Integration
OAuth 2.0 Support for DocuSign Integration (Oracle CPQ 24B and later)
To create a DocuSign eSignature integration type, administrators with permissions can complete the following steps:
-
Click Integration Center in the Integration Platform section of the Admin Home page.
-
Click Create Integration.
-
Select eSignature from the Type drop-down.
-
Select DocuSign from the Vendor drop-down. The DocuSign Integration field entries display.
-
Enter the Admin User ID. Refer to Retrieve DocuSign Field Values for retrieving this information.
-
Enter the Account ID. Refer to Retrieve DocuSign Field Values for retrieving this information.
-
Enter https://account.docusign.com for the OAuth URL.
-
Enter the Endpoint URL. This includes the DocuSign Account Base URI with the restapi version information appended (for example, https://prodsite.docusign.net/restapi/v2). Refer to Retrieve DocuSign Field Values for retrieving this information.
This URL must be included in the allow list of approved domains. -
Enter the Connect Key if your DocuSign Connect is configured to send JSON formatted messages to Oracle CPQ. This the key used to authenticate the DocuSign Connect message and is generated from DocuSign and provided to Oracle CPQ. The connect key is validated with DocuSign event notification headers. Refer to Retrieve DocuSign Field Values for retrieving this information.
When the DocuSign eSignature integration is saved,the connect key is stored and the Last Modified date associated with the connect key is automatically populated. -
Upload the Connect Certificate if your DocuSign Connect is configured to send XML formatted messages to Oracle CPQ. To add the connect certificate, click Choose File and navigate to a valid certificate (for example, a.crt file) on your hard drive. This certificate must be the same as the one created in the DocuSign environment.
- It is essential that the certificate in DocuSign and Oracle CPQ match.
- When the DocuSign eSignature integration is saved, the certificate is stored and available for download. Also the Last Modified date associated with the certificate is automatically populated.
-
Click Save to save the integration details along with the connection certificate.
-
Select Generate to generate the Admin Token. If this is the first time you are setting up the OAuth-based integration, DocuSign consent must be verified. A warning displays indicating that consent from DocuSign is required.
-
Click Give Consent to close the Consent warning box. If required, you may need to log in to DocuSign.
-
Click Allow Access to allow Oracle CPQ access. A consent confirmation message displays.
-
Navigate to the Oracle CPQ DocuSign eSignature Integration Center page and click Generate.
The Oracle CPQ DocuSign eSignature Integration Center page displays the Revoke button for the Admin Token instead of a Generate button. This indicates the access was granted and the integration connection is established.
Retrieve DocuSign Field Values
To set up the Oracle CPQ DocuSign eSignature Integration, the administrator must retrieve necessary field data from DocuSign. The following provides an overview of the steps to locate the DocuSign fields and the corresponding DocuSign to Oracle CPQ field names.
1. Log into DocuSign.
2. Navigate to the Integration section within the Settings tab.
3. Click Apps and Keys from within the Integration section. The Apps and Keys page displays.
4. Within the My Account Information section, note the following field values. These values must be entered in the corresponding field for the Oracle CPQ DocuSign eSignature Integration.
DocuSign App and Key Field |
Oracle CPQ DocuSign Integration Field |
---|---|
User ID |
Admin User ID |
API Account ID |
Account ID |
Account Base URI |
Endpoint URL Enter the Account Base URI with the restapi version information appended (for example, https://prodsite.docusign.net/restapi/v2) |
-
Click Connect from the Integration section. The Connect page displays.
-
Within the Connect Key section, click Add Secret Key. This will create a secret key.
-
Copy the secret key value using the copy icon.
-
Paste the secret key value into the Connect Key field in the Oracle CPQ DocuSign Integration Center page.
-
Click Save to save the secret key.
Legacy Support for DocuSign Integration (Oracle CPQ 24A and earlier)
- Click Admin to go to the Admin Home Page.
-
Click Integration Center under Integration Platform.
The Integration Platform Integration Center page opens.
The active, selected integration is indicated by a blue bar, , on the sidebar.
-
Click Create Integration to add a new integration.
You are only able to create an eSignature Integration if there are no existing eSignature endpoints. -
Enter the DocuSign Endpoint URL and Connect Certificate.
The DocuSign Connect Certificate must be uploaded to the Integration Platform page to ensure the integrity of signed documents of Web Services.
- The integration Type field will auto-populate to eSignature.
- Click Save to save and activate the integration.
Step 2: Creating the eSignature Attribute Set, Action Set, and Layout Element
- Click Admin to go to the Admin Home Page.
-
Click Process Definition under Commerce and Documents.
The Processes page opens.
-
For your Commerce Process, ensure Documents is selected in the Navigation column and click List.
The Document List page opens.
-
For the Quote document, ensure Attributes is selected in the Navigation column and click List.
The Attribute List page opens.
-
Click Add.
The Attribute Editor dialog box appears.
-
Enter the Label and Variable Name.
The Variable Name field populates automatically. Variable names can only contain alpha-numeric characters and underscores. The entry can be changed before saving, but after saving the value is read-only.
-
Select eSignature Set from the Attribute Type drop-down.
-
Click Add.
The following items are automatically created:
-
eSignature attributes View automatically-created eSignature Set Attributes
Name Type Description eSignature File Attachment File Attachment Holds the documents to be sent to the eSignature vendor. eSignature Recipients Text Area Holds the emails and names of the intended recipients. eSignature Date Modified Date Contains the date of the most recently performed action on this document. eSignature Envelope ID Text This is a hidden field that is sent along with the document to the eSignature vendor. This field associates the DocuSign document with the Oracle CPQ document. eSignature Status Menu Contains the current status of the document. -
A new eSignature Action Set
To view the eSignature Action Set, navigate to: Admin > Process Definition > Documents > (main document) Actions and then click the eSignature Action Set. View automatically-created eSignature Action Set
Action Name Action Variable Name Action Type Action Description Request Signature _action_esig_send
eSignature Send Sends the document to recipients. Cancel _action_esig_cancel
eSignature Cancel Cancels pending signature requests. Details _action_esig_details
eSignature Details Connects DocuSign and views document details.
This action does not function as a Modify action.Receive _action_esig_receive
eSignature Receive Automatically invoked to receive either a rejection or a signed document from the eSignature vendor.
This action is hidden from the end user.
-
-
Add the eSignature Grid to the Transaction UI. For instructions refer to Commerce Layout Element - eSignature Table.
Hidden Document Attachment Attributes
- If a particular eSignature Document Attachment attribute is hidden:
- The Action associated with that Document Attachment attribute will be hidden.
- The following Attributes from the eSignature Set can remain visible: Text Area, Date, Menu.
- A user has the option to hide certain eSignature Set attributes.
- A user has the option to hide all eSignature Set attributes. This causes the entire document row to be hidden; see below for more information.
- If a particular eSignature document row is hidden:
- The document/file attachment associated with that row will be hidden.
- The Action associated with that row will be hidden.
The following Attributes from the eSignature Set will be hidden: Text Area, Date, Menu.
- When all Attributes are hidden within a column, the entire column will be hidden.
- When all Attributes are hidden within a row, the entire row will be hidden.
- When the row’s File Attachment Attribute is hidden, the row’s buttons will also be hidden.
As with any change to a Commerce layout, you must replicate this change in any corresponding Mobile layouts. For more information, see Mobile Layouts for Commerce.There can only be one eSignature Grid per document. All eSignature Attribute Sets will follow this grid.
- If a particular eSignature Document Attachment attribute is hidden:
Step 3: Obtaining the DocuSign Authentication Token
- Click My Profile to navigate to your My Profile page.
- Click User Integration.
- Click eSignature in the left-hand column.
- Enter your DocuSign Login If you have not yet transitioned to the OAuth-based DocuSign Integration (Oracle CPQ 24B and later), you may be asked to enter your Password.
-
Click Generate Token.
This links your DocuSign account to your Oracle CPQ account. You must have an existing DocuSign account to enable this.
A token can be removed when desired.
Step 4: Adding Signer Tags to a Document
Signer tags must be added to templates, in either Document Designer or Document Engine, to tell DocuSign where electronic signatures must be placed within the output documents.
Signer tags, placed within Text Elements in Document Designer, are created using the syntax \s[#]
where [#]
is the number of the signer, which is determined by the order of the recipients of the document. For example:
\s1
denotes where the first signer (recipient) must sign.\s2
denotes where the second signer (recipient) must sign.\s3
denotes where the third signer (recipient) must sign.- And so on...
Unless hidden, signer tags will be visible to readers in the output document. Signer tags can be hidden by setting the tag’s font size to 2 pt and its text color to No color or to the background color. The screen shots below show how signer tags are hidden in Document Designer.
eSignature signer tags before being hidden 6. Enter the name for the configuration in the Name field
Hidden eSignature signer tags
Add a Signature Tag
- Click Admin to go to the Admin Home Page.
- Click Document Designer (or Documents, for the Document Engine) under Commerce and Documents.
- Open an existing document, or create a new one.
-
Select a location in the document for signature tags.
In Document Designer, you may need to add a Text Element first. -
Create a signature tag by typing
\s1
, where "1" is the number of the signer.When a signature is requested, DocuSign interprets
\s1
as the location where signer #1 must sign.
Requesting Signatures for a Document
Requesting Signatures for a Document - Parallel only (19B or earlier)
-
Navigate to the desired Quote.
- Click Browse to select a document to upload for signature.
-
Click Edit Recipients to select the recipients of the document.
The Select Recipients dialog box appears.
-
Type the Recipient's Name and Email into the fields.
The first Recipient's signature will take the place of the
\s1
signature tag, the second Recipient's signature will take the place of the\s2
signature tags, and so on.If you need to sign the document, add yourself as a Recipient in the appropriate place in order.
- Click the add icon, , to add a recipient or click the remove icon, to remove a recipient.
- Click Done to temporarily store the recipients with the Quote until a Modify action is performed, or click Cancel to cancel all changes made to the recipients list.
-
Click Request Signature to send a document to recipients for signature.
Documents that haven't been sent will have a Request Signature button.
- If the request is successful, the status will change to Pending.
-
The signer will receive an email from DocuSign requesting a signature.
The sender must have a DocuSign account to send an eSignature document to recipients.Track the status of the document
Status Description Not Sent Current document has not been sent to recipient(s)/signer(s).
When a new document is uploaded it is automatically assigned the status Not Sent.
Pending Waiting for a document to be signed. Signed Document has been signed by all parties.
Once a document has been signed, it cannot be canceled.
Rejected Document has been rejected by recipient(s)/signer(s).
The sales user is notified of the document rejection.
-
Click Details, , to open the DocuSign application and view the extended status details.
All documents that have been sent out for signature will have this button. -
If desired, cancel an existing eSignature request by clicking Cancel, . The status will be updated to Canceled.
A signature request must be sent again, if a signature is desired later.
The eSignature File Attachment attributes function like standard File Attachment attributes.- A signed document replaces the saved document in the eSignature File Attachment attribute.
- Access to the recipients Attributes can be controlled by the admin.
Requesting Signatures for a Document - Sequential or Parallel Requests (19C and later)
Beginning in Oracle CPQ 19C, DocuSign integration support has been added to designate if the eSignature request routing for a Transaction needs to be parallel or sequential. If the routing preference is sequential, the sales user can specify a sequence number for recipients to receive the signature request.
For parallel routing, all recipients receive the eSignature request at the same time.
For sequential routing, recipients receive the eSignature request in a specified order. This routing option also allows for a mixing of parallel and sequential routing. You can designate as many recipients as necessary for each sequence routing number. All recipients marked with the same routing number will receive the eSignature request at the same time.
The example below shows a document that requires sequential eSignature routing and entry of this routing in the Select Recipients dialog box.
Sales users can designate DocuSign sequential or parallel eSignature routing when they are ready to request eSignatures for a document, as follows:
-
Navigate to the desired Quote.
- Click Choose File to select a document to upload for signature.
-
Click Edit Recipients to select the recipients of the document. The Select Recipients dialog box displays.
-
Determine the eSignature routing method:
-
If the routing is Parallel, verify the button switch is set to Parallel.
- Type the Recipient's Name and Email into the fields.
- Click the add icon, , to add a recipient or click the remove icon to remove a recipient.
The first Recipient's signature will take the place of the
\s1
signature tag, the second Recipient's signature will take the place of the\s2
signature tags, and so on.If you need to sign the document, add yourself as a Recipient in the appropriate place in order.
- If the routing is Parallel, verify the button switch is set to Sequential.
-
Enter the sequential order number for each recipient under the Order column.
- Type the Recipient's Name and Email into the fields.
- Click the add icon, , to add a recipient or click the remove icon to remove a recipient.
-
- Click Done. The recipient information is saved and the Quote information is displayed.
-
Click Request Signature to send a document to recipients for signature.
Documents that haven't been sent will have a Request Signature button.
- If the request is successful, the status will change to Pending.
-
The signer will receive an email from DocuSign requesting a signature.
The sender must have a DocuSign account to send an eSignature document to recipients. - Click Details, , to open the DocuSign application and view the extended status details.
Status | Description |
---|---|
Not Sent |
Current document has not been sent to recipient(s)/signer(s). When a new document is uploaded it is automatically assigned the status Not Sent. |
Pending | Waiting for a document to be signed. |
Signed |
Document has been signed by all parties. Once a document has been signed, it cannot be canceled. |
Rejected |
Document has been rejected by recipient(s)/signer(s). The sales user is notified of the document rejection. |
-
If desired, cancel an existing eSignature request by clicking Cancel, . The status will be updated to Canceled.
A signature request must be sent again, if a signature is desired later.
- A signed document replaces the saved document in the eSignature File Attachment attribute.
- Access to the recipients Attributes can be controlled by the admin.
Using eSignature on Mobile Devices
Because of Apple iOS file upload restrictions, PDFs can't be uploaded to the eSignature File Attachment attribute while using iOS devices.
However, if a PDF has previously been uploaded to the eSignature File Attachment attribute, or it was saved to the File Attachment attribute upon printing, it can be sent via eSignature on iOS devices.
Use BML to Reset eSignature Attributes
You can reset eSignature attribute values like attachments, recipients, status, etc. through BML implementation. For example, if a Transaction is versioned using Version action, the associated Modify action can implement the BML to reset the eSignature attributes values for the new Version. The following provides sample BML for resetting eSignature attributes.
Modifying eSignature attribute values outside of the standard flow may cause integration issues if the attribute values are not setup properly. Please verify the changes and test the integration to make sure it is functioning as expected.
Notes
Notes:
- eSignature attributes are listed in the order that they were created, and cannot be reordered on the grid.
- Displayed rows can be controlled based on Permissions.
-
Each user must specify their account information when generating their authentication token.
Refer to Step 3: Obtaining the DocuSign Authentication Token.Oracle CPQ associates a user to their default DocuSign account when that user generates an Authentication Token.
The Login provided during Token generation is case-sensitive and must match the format of the DocuSign login exactly.
If the logins don't match the integration will fail after the customer signs. For example, if the user's DocuSign login is "FirstName.LastName@domain", but the login used to generate the token is "firstname.lastname@domain", the integration will fail. -
If your DocuSign certificate expires, the status for a CPQ transaction will not get updated when the associated document is signed and marked as complete in DocuSign. If this occurs, you need to regenerate your DocuSign certificate recreate your eSignature integration, refer to Step 1: Enabling DocuSign eSignature Integration.
-
The user sets their default account in DocuSign.
- The symbols “<” and “>” are used as delimiters for recipients. For example, Name<Name@oracle.com>.
- eSignature functionality allows for unlimited eSignature Attribute sets.
- For more information on DocuSign, visit the DocuSign web site.