Tags: jwt, docusignapi, hapi

DocuSign - When a user gives consent, what is returned as Code parameter in the redirect URI?


I'm trying to build JWT Grant flow in authentication using Docusign APIs.

I usually get "invalid_grant" or "invalid_request" errors.

The redirect uri is returned with a code parameter and a jwt token.

What I understood is that I need to create a JWT at my server to further utilise that for authentication, and the structure of this JWT does not utilise that code parameter either.

I need to use the User:lists API to get the GUUID of the user who just gave my server consent using the email address.

And then use that GUUID for creating our JWT, which will now work?

But in all this we are not using the JWT returned in the code parameter.

Why is it there? It is confusing.


Solution

  • When using the JWT grant auth method, you will be ignoring the code that is returned in your callback URL after the user grants the permissions.

    I understand that may be confusing but think of that step as "User granting permission to required scopes". If you were using the auth code grant flow, you'd be using the code returned to your callback URL to complete the auth and get the access token.

    However, in the case of JWT grant you will ignore that code and you will create a signed payload to get a token as described here: https://developers.docusign.com/platform/auth/jwt/