Adobe Sign users MCP server

Adobe Sign's user management API lets you programmatically create accounts, manage group membership, set permissions, and control account settings across your organization. An AI agent with access to Adobe Sign users can onboard new team members, assign roles and permissions, manage user groups, deactivate departing employees, and pull user activity reports. This integration is useful for IT administrators automating account provisioning, managers controlling access by department, and compliance teams auditing user activity.

Setting up an MCP server

This article covers the standard steps for creating an MCP server in AI Gateway and connecting it to an AI client. The steps are the same for every integration — application-specific details (API credentials, OAuth endpoints, and scopes) are covered in the individual application pages.

Before you begin

You'll need:

• Access to AI Gateway with permission to create MCP servers
• API credentials for the application you're connecting (see the relevant application page for what to collect)

Create an MCP server

Find the API in the catalog

1. Sign in to AI Gateway and select MCP Servers from the left navigation.
2. Select New MCP Server.
3. Search for the application you want to connect, then select it from the catalog.

Configure the server

1. Enter a Name for your server — something descriptive that identifies both the application and its purpose (for example, "Zendesk Support — Prod").
2. Enter a Description so your team knows what the server is for.
3. Set the Timeout value. 30 seconds works for most APIs; increase to 60 seconds for APIs that return large payloads.
4. Toggle Production mode on if this server will be used in a live workflow.
5. Select Next.

Configure authentication

Enter the authentication details for the application. This varies by service — see the Authentication section of the relevant application page for the specific credentials, OAuth URLs, and scopes to use.

Configure security

1. Set any Rate limits appropriate for your use case and the API's own limits.
2. Enable Logging if you want AI Gateway to record requests and responses for auditing.
3. Select Next.

Deploy

Review the summary, then select Deploy. AI Gateway provisions the server and provides a server URL you'll use when configuring your AI client.

---

Connect to an AI client

Once your server is deployed, you'll need to add it to the AI client your team uses. Select your client for setup instructions:

• Claude Desktop
• Claude Code
• Cursor
• VS Code
• Windsurf

Tips

• You can create multiple MCP servers for the same application — for example, a read-only server for reporting agents and a read-write server for automation workflows.
• If you're unsure which OAuth scopes to request, start with the minimum read-only set and add write scopes only when needed. Most application pages include scope recommendations.
• You can edit a server's name, description, timeout, and security settings after deployment without redeploying.

Authentication

Adobe Sign uses OAuth 2.0 for secure authentication. You'll need an Adobe Sign account with admin privileges. Create an OAuth application in your Adobe Sign account and configure these endpoints:

• Authorization URL: https://secure.{region}.adobesign.com/public/oauth/v2
• Token URL: https://api.{region}.adobesign.com/oauth/v2/token

The scopes you'll need are user_read to view user information, user_write to manage users, user_login for single sign-on, group_read and group_write to manage groups, account_read and account_write for organization-level settings. Optional scopes include webhook_write for event notifications.

Available tools

These tools let you manage the complete user lifecycle and permissions — from creating accounts and assigning roles to managing group membership and controlling feature access.

Tool	Description
Create user	Add a new user account to your Adobe Sign organization
List users	Retrieve all users with filtering and pagination options
Get user details	View full profile information for a specific user
Update user	Modify user name, email, title, or other profile fields
Deactivate user	Remove a user's access without deleting their account
Reactivate user	Restore access for a previously deactivated user
Create group	Set up a new user group for role-based access control
List groups	Retrieve all groups in your organization
Add user to group	Assign a user to a group and inherit group permissions
Remove user from group	Revoke a user's membership in a group
Update group permissions	Change what features and agreements a group can access
Get user activity	Retrieve login history and action logs for audit purposes

Tips

Use groups to manage permissions rather than setting permissions on individual users — groups make it easier to onboard new team members and adjust access when someone changes roles.

Establish a naming convention for groups (for example, "Department-HR" or "Team-Legal") so admins can quickly find and manage them.

Regularly audit active users and deactivate accounts for employees who have left or changed departments to maintain security and reduce license costs.

Assign the minimal necessary permissions to each group — avoid giving everyone admin rights unless they truly need them.

Export user activity logs quarterly to verify compliance with internal policies and to identify users who may need additional training or access adjustments.