# Docusign Connect your company's Docusign account to Cakewalk's MCP Gateway. Every agent tool call against Docusign passes through the gateway and is evaluated against your Policies. ## Requirements * Docusign admin who can access **Apps and Keys** in eSignature Admin. ## About Scopes Docusign surfaces required scopes on the OAuth consent screen at connect time, rather than on the app's configuration page. You will approve the scope set in the Docusign consent flow; nothing is preselected on the integration. Scopes limited to read access constrain agent actions; scopes that include envelope creation enable sending. ## Step 1: Create an Integration 1. Open (developer account). For production, use `https://apps.docusign.com/admin/apps-and-keys`. 2. In the **INTEGRATIONS** sidebar, click **Apps and Keys**. 3. Click **Add App and Integration Key**. 4. Add a name for your app, then click **ADD**. You land on the integration's configuration page. The top section shows the **Integration Key**, a GUID that Cakewalk uses as the Client ID. ## Step 2: Pick the Authentication Method Under the authentication method picker, select **Authorization Code Grant**. This is the default and the only flow Cakewalk's gateway supports. ## Step 3: Configure the Redirect URI 1. Scroll to the **Redirect URIs** section. 2. Click **ADD URI**. 3. Enter: ``` https://mcp-gateway.getcakewalk.io/api/v1/Auth/Callback ``` 4. Click **SAVE**. ## Step 4: Generate a Secret Key 1. Scroll to the **Secret Keys** section. 2. Click **+ Add Secret Key**. 3. Copy the secret value immediately. Docusign shows it once. The secret is Cakewalk's Client Secret. ## Step 5: Paste Credentials Into Cakewalk 1. Open . 2. Go to All Connections. 3. Find Docusign. 4. Click Edit credentials. 5. Paste the Integration Key as **Client ID** and the Secret Key as **Client Secret**. 6. Save. ## Step 6: Approve Scopes on Consent When you trigger the OAuth flow from Cakewalk, Docusign presents a consent screen listing the scopes the MCP server requests. Review and approve. If you grant only read scopes, agents cannot send envelopes; pick the scope set that matches the agent actions you want to allow. ## Verifying It Works The Docusign Connection card flips to Active on All Connections. From an agent platform connected to Cakewalk, ask the agent to list your recent Docusign envelopes. If Docusign returns results, the Connection is live. ## Troubleshooting * Invalid redirect URI on consent: confirm the **Redirect URIs** entry matches `https://mcp-gateway.getcakewalk.io/api/v1/Auth/Callback` exactly. Docusign supports multiple URIs on one integration; only the matched one applies. * Lost Secret Key: Docusign displays secrets only at creation. If you missed the copy, generate a new Secret Key and reconnect. * Production vs developer: integration keys do not transfer between developer (`apps-d.docusign.com`) and production (`apps.docusign.com`). For a production Connection, repeat these steps on the production admin URL. ## Learn More * [Docusign MCP server](https://developers.docusign.com/platform/mcp-server/) * [Configure an OAuth app in Docusign](https://developers.docusign.com/platform/auth/authcode/) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://www.cakewalk.security/docs/ai-agent-access/connections-and-integrations/agent-connections/docusign.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.