DocuSign
Send envelopes, query agreements, and run Maestro workflows via DocuSign's Intelligent Agreement Management platform
DocuSign integration connects your agents to DocuSign's IAM platform — eSignature envelopes, Maestro workflows, Navigator agreements, and Data Verification — through DocuSign's official MCP server.
Server URL: https://mcp.docusign.com/mcp
Setup
- Register a DocuSign Integration Key (see Bring your own app below)
- Navigate to Resources and click Add Resource
- Select DocuSign from the catalog
- Paste your Client ID (Integration Key UUID) and Client Secret
- Click Add
Each user connects their own DocuSign account via OAuth when they first use a DocuSign tool. Navigate to Connections to manage linked accounts.
Supported credential modes
DocuSign is bring-your-own-app only — every customer registers their own Integration Key. DocuSign does not support OAuth Dynamic Client Registration, and Integration Keys are tied to a customer account, so a shared embedded credential isn't a viable option here. See Credential modes for how this compares to other catalog resources.
Bring your own app
- Sign in at admindemo.docusign.com (developer/demo) or admin.docusign.com (production)
- Open Settings → Apps and Keys → Add App / Integration Key
- Under Authentication, enable the Authorization Code Grant flow and add a Secret Key — copy it (this is your Client Secret)
- Under Redirect URIs, paste the redirect URI shown in the gateway's Add MCP dialog and save
- Under Scopes, enable every scope listed in Required scopes — DocuSign rejects the OAuth request if the integration isn't entitled to a requested scope
- The Integration Key UUID at the top of the page is your Client ID
Available tools
| Tool | Description |
|---|---|
assessTemplatesForDV | Inspect templates and surface fields suitable for Data Verification |
cancelWorkflowInstance | Cancel a running Maestro workflow instance |
cloneDVEnabledTemplates | Clone templates and apply Data Verification field mappings |
createEnvelope | Create an envelope from a template or from documents at a remote URL |
discoverDVApps | Identify Data Verification apps compatible with given field types |
generateAccessToken | Interactive OAuth helper for creating Integration Keys and access tokens |
getAccount | Get account information for an eSign account |
getAgreementDetails | Get details for a specific Navigator agreement |
getAllAgreements | List Navigator agreements with filters and sort |
getBillingPlan | Get billing plan details by ID |
getBrand | Get a single brand by ID |
getBrands | List brands configured on the account |
getEnvelope | Get the status of a single envelope |
getEnvelopes | Search envelopes by date, ID, status, or sender/recipient |
getTabGroups | List tab groups configured via the Connected Fields API |
getTemplates | List templates with date, folder, and search filters |
getUser | Get a single eSign user by ID |
getUserInfo | Get the authenticated user's profile, accounts, and API base URIs |
getUsers | List eSign users on the account |
getWorkflowInstance | Get details for a specific Maestro workflow instance |
getWorkflowInstancesList | List instances of a Maestro workflow |
getWorkflowTriggerRequirements | Get trigger inputs required by a Maestro workflow |
getWorkflowsList | List available Maestro workflows |
installDVApps | Install Data Verification apps from a prior discovery step |
listBillingPlans | List billing plans associated with the distributor |
listRecipients | List recipients of an envelope and identify the current routing position |
pauseNewWorkflowInstances | Pause creation of new instances of a Maestro workflow |
planTemplateDataVerification | Generate a structured plan for enabling Data Verification on templates |
resumeWorkflow | Resume a paused Maestro workflow |
searchDocusignDocs | Search and reason over DocuSign Developer Center documentation |
suggestBestPractices | Analyze a DocuSign integration pattern and suggest upgrades |
triggerWorkflow | Trigger a new instance of a Maestro workflow |
updateEnvelope | Update an envelope: send, void, modify email, manage workflow steps |
Required scopes
signature— eSignature envelopes, templates, brands, recipients, and usersaow_manage— Maestro workflows (trigger, list, pause, resume, cancel)adm_store_unified_repo_read— Navigator agreement queriesagreement_object_model_read— full IAM agreement schema ingetAgreementDetailsmodels_read—searchDocusignDocsandsuggestBestPracticesAI toolsme_profile— authenticated user profile viagetUserInfoextended— keep refresh tokens valid beyond the default 30-day window
If your DocuSign account isn't entitled to all of these (for example, IAM features on a base plan), drop the unsupported scopes from the OAuth request — DocuSign rejects the entire authorization if any requested scope is unavailable. The corresponding tools will fail with a permission error at call time, but the rest of the surface keeps working.
Policy examples
- Allow read-only access: tool patterns
get*,list*,search*,assessTemplatesForDV,discoverDVApps,planTemplateDataVerification - Block envelope sending and modification: deny
createEnvelope,updateEnvelope - Block workflow control but allow inspection: allow
get*, denytriggerWorkflow,cancelWorkflowInstance,pauseNewWorkflowInstances,resumeWorkflow - Restrict admin tooling: deny
installDVApps,cloneDVEnabledTemplates,generateAccessToken