DocuSign - Signature part from JWT configuration

Question

Following this tutorial I'm stuck with figuring out what the part of the signature is supposed to keep.

What is the final struct from the JWT to request access token? What I'm using is this string: Base64UrlEncoded(header).Base64UrlEncoded(body).RSASHA256(Base64UrlEncoded(header).Base64UrlEncoded(body), provided_private_rsa_key)

Is this the supposed way of doing it? What I've noticed is that the tutorial in the signature part shows an example completely different from what they describe.

Thank you in advance!

Answer 1

Per JWT.IO, it looks like the format of the signature should be RSASHA256(base64UrlEncode(header) + "." + base64UrlEncode(payload), secret). If the periods in your code don't correspond to literal .s, then those would need to be added.

I'd recommend taking the assertion you're generating and plugging it in to JWT.IO's Debugger along with your public key to confirm you've generated a valid assertion.