Data import
Connection details and authentication
Refresh token
| Parameter | Value |
|---|---|
| Base URL | {Domain}/restapi/v2.1/accounts/{account_id}/ |
| Authentication type | OAuth2 Custom |
| Token endpoint | {Token endpoint} |
| OAuth token type | Bearer |
| Auth request content type | grant_type=refresh_token&refresh_token={refresh_token}&client_id={client_id}&client_secret={client_secret} |
| Authentication server response format | application/x-www-form-urlencoded |
| Access Token Location | access_token |
| Authorization header | Authorization |
| Test connection | Select the box |
| Test query | users |
JWT token
| Parameter | Value |
|---|---|
| Base URL | {Domain}/restapi/v2.1/accounts/{account_id}/ developer environment URI: https://demo.docusign.net/restapi production environment URI: https://www.docusign.net/restapi |
| Authentication type | OAuth2 JWT |
| Token endpoint | developer environment URI: https://account-d.docusign.com/oauth/token production environment URI: https://account.docusign.com/oauth/token |
| OAuth token type | Bearer |
| JWT Encryption algorithm | RSASSA-PKCS1-v1_5 using SHA-256 (RS256) |
| JWT Type | JWT |
| JWT Public key ID* | test (required to ensure correct behavior — must not be empty even if unused) |
| JWT X.509 Certificate Thumbprint* | test (required to ensure correct behavior — must not be empty even if unused) |
| JWT Token Parameter | assertion |
| JWT Issuer | The Integration Key (Client ID) from your DocuSign app |
| JWT Subject | The User GUID with impersonation rights in your DocuSign account |
| JWT Audience | developer environment: account-d.docusign.com production environment: account.docusign.com |
| JWT Expiration time | in seconds – max 3600 |
| JWT Additional claims | scope,signature impersonation |
| JWT Private key (PEM format) | Paste your private RSA key (starts with -----BEGIN RSA PRIVATE KEY-----) |
| Test connection | Select the checkbox |
| Test query | users |
(*) Although the JWT Public key ID and JWT X.509 Certificate thumbprint are not required by DocuSign, Omada sends them by default, and DocuSign does not accept empty values. These fields must contain any non-empty string (for example: test) to avoid connection errors.
Queries and mappings
Users - Accounts
Parameters:
| Tab | Parameter | Value |
|---|---|---|
| General | URL | users |
| Advanced | http verb | GET |
Mappings:
| Destination | Operator | Source |
|---|---|---|
| Business key | Map | userId |
| Unique ID | Map | userId |
| Account Name | Map | |
| Display Name | Map | userName |
| Status | Expression | (userStatus == "ActivationSent" || userStatus == "ActivationRequired" || userStatus == "Active") ? "Active" : "Disabled" |
| Valid from | Map | createdDateTime |
| Distinguished name | Map | userId |
Groups - Resources
Parameters:
| Tab | Parameter | Value |
|---|---|---|
| General | URL | groups |
| Advanced | http verb | GET |
Mappings:
| Destination | Operator | Source |
|---|---|---|
| Business key | Map | groupId |
| Security resource business key | Map | groupId |
| Name | Map | groupName |
| Category | Constant | Permission |
| Type | Constant DocuSign | Group |
| Short name | Map | groupId |
Groups - Assignments
Parameters:
| Tab | Parameter | Value |
|---|---|---|
| General | URL | groups |
| Advanced | http verb | GET |
| Nested Requests | Nested URL | groups/{PARENT_groupId}/users |
Mappings:
| Destination | Operator | Source |
|---|---|---|
| Resource business key | Map | PARENT_groupId |
| Account – business key | Map | userId |
| Status | Expression | (userStatus == "activationsent" |\ userStatus == "activationrequired" || userStatus == "active") ? "Active" : "Disabled" |
Permission Profiles – Resources
Parameters:
| Tab | Parameter | Value |
|---|---|---|
| General | URL | permission_profiles |
| Advanced | http verb | GET |
Mappings:
| Destination | Operator | Source |
|---|---|---|
| Business key | Map | permissionProfileId |
| Security resource business key | Map | permissionProfileId |
| Name | Map | permissionProfileName |
| Category | Constant | Permission |
| Type | Constant | DocuSign Permission Profile |
| Short name | Map | permissionProfileId |
Permission Profiles - Assignments
Parameters:
| Tab | Parameter | Value |
|---|---|---|
| General | URL | users |
| General | Filter | permissionProfileId != "" / |
| Advanced | http verb | GET |
Mappings:
| Destination | Operator | Source |
|---|---|---|
| Resource business key | Map | permissionProfileId |
| Account – business key | Map | userId |
| Status | Expression | (userStatus == "ActivationSent" / |
Account rules
Ownership rule
The account owner is set to the identity where the Email value of the identity matches the Name value of the account.
| Field | Value |
|---|---|
| Type | Identity lookup |
| Join reason | Exact Match |
| Account attribute | Name |
| Identity attribute |
Classification rule
If an identity with the account attribute Identity join reason Equals Exact Match, the account type is set to Email.
| Field | Value |
|---|---|
| Account type | Personal |
| Scope attribute | Identity join reason |
| Scope operator | Equals |
| Scope value | Exact Match |