npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@memberjunction/esignature-docusign

v5.43.0

Published

DocuSign driver for the MemberJunction eSignature primitive. Registers a BaseSignatureProvider implementation via @RegisterClass(BaseSignatureProvider, 'DocuSign') using the DocuSign REST API and JWT-grant OAuth.

Downloads

1,626

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

craig.adam.bccraig.adam.bcethan-bcethan-bcjordanfanapourjordanfanapourms-bcms-bccaeleb.balanesicaeleb.balanesiianzygmuntianzygmuntanag123anag123hiltongrhiltongrjosue-garcia-bcjosue-garcia-bcrkihm-bcrkihm-bc

Keywords

Readme

← Back to eSignature Overview · Core Primitive

@memberjunction/esignature-docusign

The DocuSign driver for the MemberJunction eSignature subsystem. It implements the BaseSignatureProvider contract against the DocuSign eSignature REST API, using JWT-grant OAuth for server-to-server authentication.

This is the reference provider — it implements the full feature set, including templates, embedded signing, and DocuSign Connect webhooks.

npm install @memberjunction/esignature-docusign

You don't call this package directly. You configure a DocuSign Signature Account and use the SignatureEngine (or the no-code Actions). The engine resolves and drives this provider for you.

At a glance

| | | |---|---| | Driver key | DocuSign | | Registration | @RegisterClass(BaseSignatureProvider, 'DocuSign') | | Authentication | JWT-grant OAuth 2.0 (service-account impersonation) | | API | DocuSign eSignature REST API v2.1 | | Webhooks | DocuSign Connect, HMAC-verified |

Supported operations

| Operation | Supported | |---|:---:| | Create envelope | ✅ | | Get status | ✅ | | Download signed | ✅ | | Void | ✅ | | Apply template | ✅ | | Embedded signing URL | ✅ | | Parse webhook event | ✅ | | Verify webhook signature | ✅ |

How authentication works

DocuSign uses JWT grant — the driver signs a JWT with your RSA private key and exchanges it for a short-lived access token, with no interactive login. Tokens are obtained on demand and refreshed automatically.

sequenceDiagram
    participant Drv as DocuSign Driver
    participant OAuth as DocuSign OAuth Server
    participant API as DocuSign REST API

    Drv->>Drv: Sign JWT with privateKey<br/>(iss=integrationKey, sub=userId, aud=oauthBase)
    Drv->>OAuth: POST /oauth/token (JWT grant)
    OAuth-->>Drv: Access token
    Drv->>API: Authorized request (envelopes, status, …)
    API-->>Drv: Response

Configuration

These values live in the account's Credential (encrypted via the Credential Engine) — never in code or environment variables. Non-secret defaults (oauthBase, restBase) may also be set on the Signature Provider record.

| Key | Required | Default | Description | |---|:---:|---|---| | integrationKey | ✅ | — | DocuSign OAuth app integration key (the JWT iss). | | userId | ✅ | — | DocuSign user ID to impersonate (the JWT sub). | | accountId | ✅ | — | DocuSign account ID that owns the envelopes. | | privateKey | ✅ | — | RSA private key (PEM) used to sign the JWT. | | oauthBase | — | account-d.docusign.com | OAuth host. Use account.docusign.com for production. | | restBase | — | https://demo.docusign.net/restapi | REST API base. Use your production base for live envelopes. | | connectHmacKey | — | — | HMAC secret for verifying DocuSign Connect webhooks. Set this in production. |

The defaults point at the DocuSign demo environment, so you can test immediately. Override oauthBase and restBase for production.

One-time setup

  1. In the DocuSign Admin console, create an integration key with JWT grant and upload an RSA keypair.
  2. Grant the app consent for the impersonated user (one-time admin consent URL).
  3. In MemberJunction:
    • The DocuSign Signature Provider row is already seeded.
    • Create a Credential holding integrationKey, userId, accountId, and privateKey.
    • Create a Signature Account pointing at that credential.
  4. (Production) Configure a Connect webhook in DocuSign pointing at POST {your-server}/esignature/webhook/DocuSign, and store its HMAC secret as connectHmacKey.

Status mapping

DocuSign's native envelope statuses map onto MemberJunction's normalized lifecycle:

| DocuSign status | MJ EnvelopeStatus | |---|---| | created | Draft | | sent | Sent | | delivered | Delivered | | signed | Signed | | completed | Completed | | declined | Declined | | voided | Voided |

Webhooks (DocuSign Connect)

DocuSign Connect pushes envelope events to POST /esignature/webhook/DocuSign. The driver verifies the x-docusign-signature-1 header as an HMAC over the raw request body using your connectHmacKey. If the key is configured and the signature doesn't match, the event is logged and the envelope status is left unchanged — see the webhook flow.

Testing

cd packages/eSignature/Providers/DocuSign && npm run test

Related

| | | |---|---| | eSignature overview | The whole subsystem. | | Core primitive | The contract, engine, and data model this driver plugs into. | | PandaDoc driver · Dropbox Sign driver | Sibling providers. |