DocuSign SSO issues on Dev environment.

Andrew Morgan morgan at orst.edu
Wed Nov 30 18:00:16 EST 2016


On Wed, 30 Nov 2016, Cantor, Scott wrote:

> On 11/30/16, 5:33 PM, "users on behalf of Andrew Morgan" 
> <users-bounces at shibboleth.net on behalf of morgan at orst.edu> wrote:
>>
>>    What is wrong about this?  Is that the wrong way for Docusign to 
>> specify a persistent NameID?
>
> No, but I very seriously doubt they require one. Their platform remains 
> 100% email-driven, that much I know for certain. So if they require a 
> mail attribute, they certainly shouldn't require this.

You're not far off.  We started our Docusign integration using one 
sourceAttribute for the computed NameID (our OSU ID number), but we knew 
we didn't want to use that attribute long-term.  When I changed the 
sourceAttribute to an internal IDM-generated attribute, I couldn't login 
to Docusign because the email address conflicted.

However, I'm pretty sure in my testing that I was able to change the email 
address released and have it update in Docusign (for the same NameID 
value), so that's actually kinda nice.

 	Andy


More information about the users mailing list