# Adobe Sign → DocuSign Migrator — Environment Variables
# Copy this file to .env and fill in your values.
# Never commit .env to version control.

# ─── Adobe Sign ──────────────────────────────────────────────────────────────

# OAuth app credentials from the Adobe Sign developer console
ADOBE_CLIENT_ID=ats-58a336e4-3dd5-466d-bc5d-ba341a012694
ADOBE_CLIENT_SECRET=4c9SRsLNEBn953hzR1wa7wL5VzHnD5k_
# Auto-written by src/adobe_auth.py after the one-time OAuth flow.
# Leave blank; they will be populated on first run.
ADOBE_ACCESS_TOKEN="3AAABLblqZhDON9k_91_RhgUlZbpHx6luaPSmu7_Jj1hrPdmqCQ6ciQDVJVVvLMr__4v161k3kZc6c2fYbxsl5tA1IbmQni9T"
ADOBE_REFRESH_TOKEN="3AAABLblqZhB6qLQOQ2H5oax-Ed3E6Nc0IqFupdB9UlKzAoWQ3Cb2u3lla4d6Vuquf9xHhGMfn68*"
ADOBE_SIGN_BASE_URL=https://api.eu2.adobesign.com/api/rest/v6

# ─── DocuSign ────────────────────────────────────────────────────────────────

# Integration key (client ID) from the DocuSign developer console
DOCUSIGN_CLIENT_ID=your-integration-key

# Client secret — only needed for the one-time Auth Code Grant consent flow
DOCUSIGN_CLIENT_SECRET=your-client-secret

# GUID of the DocuSign user to impersonate via JWT grant
# Found in the DocuSign admin UI under Users → user details
DOCUSIGN_USER_ID=your-docusign-user-guid

# Account ID of the target DocuSign account
# Found in the DocuSign admin UI under Settings → Account Profile
DOCUSIGN_ACCOUNT_ID=your-docusign-account-id

# Path to the RSA private key file used for JWT signing
# Generate a keypair in the DocuSign developer console and save the private key here
DOCUSIGN_PRIVATE_KEY_PATH=/path/to/private.key

# OAuth auth server — use account-d.docusign.com for sandbox, account.docusign.com for production
DOCUSIGN_AUTH_SERVER=account-d.docusign.com

# eSignature REST API base URL
# Sandbox:    https://demo.docusign.net/restapi
# Production: https://na3.docusign.net/restapi  (replace na3 with your shard)
DOCUSIGN_BASE_URL=https://demo.docusign.net/restapi

# Redirect URI registered in your DocuSign app (used only during one-time consent flow)
DOCUSIGN_REDIRECT_URI=http://localhost:8080/callback

# Auto-written by src/docusign_auth.py to cache the JWT access token.
# Leave blank; they will be populated automatically.
DOCUSIGN_ACCESS_TOKEN=
DOCUSIGN_TOKEN_EXPIRY=