docusignapi - Docusign error "consent required" when trying to authenticate with jwt

Question

I know it's recommended to use Authorization Coe Grant, but I'm running into authentication issues when I try to implement JWT auth.

try
            {
                _docusignAuthenticationService.AuthenticateFromJwt();
            }
            catch (ApiException apiExp)
            {
                // Consent for impersonation must be obtained to use JWT Grant
                if (apiExp.Message.Contains("consent_required"))
                {
                    return Redirect(BuildConsentURL());
                }
            }

private string BuildConsentURL()
        {
            return "https://account-d.docusign.com/oauth/auth" + "?response_type=code" +
                "&scope=signature%20impersonation" +
                "&client_id=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" +
                "&redirect_uri=" + "http://localhost:63849";
        }

Am I missing a step in configuring my account to use JWT?

Answer 1

JWT requires each user consent once for a given app (based on the IK). This can be done per user, or using admin consent - for the entire org. Larry blog post talks all about it. Your code looks correct. Did you hit the exception? did the browser open and ask your for consent? and if so - did you then try again? using the same account?

Update: the issue has to do with having different scopes for consent vs. when making the JWT token request. The set of scopes must be the same and must always include "impersonation."