Collaboration

DocuSign Admin

Provision DocuSign users, permission profiles, and account memberships across your whole organization.

Dex connects to the DocuSign Admin API (https://api.docusign.net/management/v2) via JWT Grant authentication and runs org-level administration in natural language — provisioning users across linked accounts (POST /organizations/{orgId}/users), assigning permission profiles and groups, updating account memberships, and closing or reactivating seats. Distinct from the DocuSign eSignature integration, which covers envelopes and templates; this app requires eSignature Advanced plan or higher.

Book a Demo

What Dex does with DocuSign Admin

Dex handles both admin workflows and employee self-service — all policy-guardrailed and audit-logged.

For admins (CoAdmin)

List organizations and their linked DocuSign accounts (GET /organizations → linked_accounts[])
Search organization users by email, status (active, pending, closed, disabled), or account, with paginated results (take capped at 100)
Provision new users with a default account, permission profile, and group assignments in a single POST /organizations/{orgId}/users call
Update user profiles (name, job title) via PATCH and inspect any user's per-account permission profiles and groups via /account_settings
Change a user's permission profile on an account — e.g. promote to "Account Administrator" or demote to "DocuSign Sender"
Close (deactivate) a user's membership in an account, reactivate a closed membership with a new permission profile, or permanently purge a user — purges are confirmed before execution
Resolve emails to DocuSign user GUIDs automatically (the Admin API requires GUIDs in URLs, not emails)

For employees (self-service)

Request a DocuSign seat — Dex routes the provisioning through admin approval and creates the user with the right permission profile and groups
Request a permission change (e.g. sender rights) on your DocuSign account, routed through the configured approver
Ask which DocuSign accounts and permission profile you currently have

Just ask Dex

Your team types a request in plain language. Dex investigates, plans, and executes — with the right guardrails.

Admin prompts

>Provision a DocuSign user for maya.chen@acme.com on our main account with the "DocuSign Sender" permission profile and the Sales group
>List every DocuSign user in the org with status "pending" — who hasn't activated yet?
>Show me the permission profiles available on account "Acme Legal" so I can pick one for the new paralegal
>Change john.doe@acme.com's permission profile to "Account Administrator" on the EMEA account
>Close maya.chen@acme.com's membership in the Contractors account — she moved to full-time

Employee prompts

>I need a DocuSign seat to send contracts — can you get me access?
>Request sender permissions on my DocuSign account so I can send NDAs
>Which DocuSign accounts do I have access to, and what's my permission profile?

Policy actions

Every action Dex can take on DocuSign Admin is declared, scoped, and guardrailed. Admins control which apply, who approves them, and whether they're limited to self-service.

Action	What it does	Guardrails
`docusign_list_users`	List and search users across the DocuSign organization (by email, status, account)	—
`docusign_manage_user`	Provision, update, close, reactivate, or purge a DocuSign user — purges are irreversible and always confirmed	approval
`docusign_list_account`	List an account's permission profiles and a user's per-account memberships	—
`docusign_manage_account_membership`	Change a user's permission profile or account memberships	approval

How to configure DocuSign Admin

Onboarding takes minutes. Dex validates your credentials before saving them.

Setup steps

1
In DocuSign Admin, go to Apps and Keys and create (or reuse) an integration — copy the Integration Key. The same credentials work for both the eSignature and Admin apps if you enable both.
2
Generate an RSA keypair for the integration and upload the public key to DocuSign; keep the private key (full PEM, including the -----BEGIN/END PRIVATE KEY----- lines).
3
Note the API User ID (the GUID of the admin user Dex will impersonate) and your Account ID, plus the environment ("production" or "demo").
4
Grant one-time admin consent for the "signature impersonation" scopes — if consent is missing, Dex surfaces the exact consent URL to visit while signed in as a DocuSign admin.
5
In Dex, enable the DocuSign Admin integration and paste the credentials. Dex signs a JWT, exchanges it for an access token, and validates by listing your organizations — a 403 or empty list means your plan tier doesn't include the Admin API.

Credentials required

integration_key: Integration Key from DocuSign Admin → Apps and Keys
user_id: API User ID (GUID) of the admin user Dex impersonates via JWT Grant
account_id: DocuSign Account ID (GUID)
private_key: RSA private key in PEM format matching the public key uploaded to the integration (paste the full key including header and footer lines)
environment: "production" (account.docusign.com) or "demo" (account-d.docusign.com); defaults to production

Requirements

•DocuSign eSignature Advanced plan or higher — the Admin API is not available on lower tiers (403 ORGANIZATION_DOES_NOT_EXIST means the tier isn't purchased)
•An organization must exist with your accounts linked to it — the Admin API operates at the organization level, above individual accounts
•One-time admin consent for the integration's "signature impersonation" scopes, granted by a DocuSign admin
•User and account references in API URLs are GUIDs, not emails — Dex resolves emails to GUIDs via the ?email= filter automatically
•Use the separate DocuSign eSignature integration for envelope, template, and signing operations

Related integrations

See Dex run DocuSign Admin

Book a 30-minute walkthrough with our team and see how autonomous IT works in your environment — or get started for free.

Book a Demo Browse all integrations →