A compliance mandate doesn't have to mean more staff. Here's how McKula built embedded DocuSign signing directly into a client's existing application.
An existing McKula client received a new requirement from PennDot (Pennsylvania Department of Transportation): all project submissions and payment authorizations had to go through DocuSign. This was non-negotiable — it was a compliance mandate from a government agency they depended on for work.
The problem wasn't the requirement itself. It was the operational reality of fulfilling it manually. Processing documents outside their existing application meant additional staff — and at a time of labor scarcity and tightening margins, that wasn't an acceptable answer.
McKula developed a DocuSign integration that connected directly with the client's existing Angular 14 and .NET 6 application. Users could complete the entire signing workflow without ever leaving the browser environment they already worked in.
The team selected Authorization Code Grant authentication via the DocuSign NuGet package. This method was chosen for three reasons: ease of implementation, security, and the ability to support embedded signing.
The alternative — JWT grant authentication using a service account — would have handled the authentication differently but was less suitable for a user-facing embedded workflow. Authorization Code Grant allows users to authenticate through DocuSign's own login system, grant the application consent, and receive the tokens needed for programmatic envelope creation.
The broader lesson here applies to any mandated third-party tool: if you're required to use a platform, the question isn't whether to use it — it's whether your software talks to it directly, or your staff becomes the connector. Building the integration is almost always the better investment.