Login & Authentication Methods
Last updated
Last updated
© Ascertia Limited 2024
SigningHub offers a range of secure login and authentication methods to ensure a seamless and protected experience for all users. You can conveniently access your SigningHub account using your SigningHub ID or choose from various third-party authentication options that integrate seamlessly with your existing systems. These include popular platforms such as Microsoft Active Directory, Salesforce, Microsoft ADFS, Microsoft Office 365, LinkedIn, and Google.
To enhance security, SigningHub also supports two-factor authentication (2FA) through One-Time Passwords (OTP), ensuring that only authorized users can access sensitive information. For added flexibility, users can utilize SSL client certificates, as well as identity solutions like Freja Mobile, Freja eID, Bank ID, and itsme.
Organizations looking for advanced authentication methods can leverage options like Azure Active Directory, corporate logins, OpenID Connect (OIDC), OAuth2, and Azure SAML for a streamlined login experience. Selecting the authentication method that best fits your needs is crucial for maintaining security and ensuring ease of access to your SigningHub account. With these versatile options, you can choose the most suitable way to log in and manage your digital signing processes effectively.
Select the authentication option you wish to use.
The "Remember Me" functionality will retain the email address used to log in via SigningHub ID, as well as via third-party private authentication methods. However, this retention is applicable as long as the user manually enters the email address into the designated field.
If the ''Only display the logos of the authentication and signing profiles' checkbox is checked in SigingHub Admin and a logo has not been configured for an authentication profile in the connector, the system will pick and display a logo for the authentication profile from the SigningHub directory, on the login screen.
The authentication profiles with sort order 1 to 3, in SigningHub Admin, will be displayed on the login screen and the authentication profiles with the succeeding sort order will be displayed in the "More Login Options" dialog on the login screen.
The authentication profiles for which a sort order has been provided, in SigningHub Admin, will follow the defined sort order and the remaining authentication profiles will follow the default system sort order.
If the sort order has not been specified for any of the authentication profiles, the default system sort order will be followed.
As a part of GDPR compliance, the "Service Agreement" dialogue box will appear after successful user authentication. This dialogue box contains the links to the "Terms of Service" and "Privacy Policy" pages. SigningHub will ensure that you agree to them before letting you use your account.
The "Service Agreement" dialogue box will not appear after successful user authentication if no Service Agreement is marked active.
Following is the list of authentications that are SigningHub supports in its mobile web/native apps version, in addition to SigningHub desktop web. Rest of the authentications are supported in SigningHub desktop web only.
Password-based authentication (i.e. SigningHub)
One-Time Password as secondary authentication
Time-based One-Time Password as two-factor authentication
Microsoft Active Directory
Microsoft Office 365
Microsoft Azure Active Directory
OAuth2
OpenID Connect (OIDC)
In case your login session reaches the limit set by Admin for "Concurrent Sessions Limit>Global Configurations" then a dialogue box will appear with the message "Your account's login limit has been reached". Users also have the option to "Logout and Continue", this will log out a user from all the previous sessions and allow login into a new session.
The availability of Time based One Time Password, and One Time Password as a two-factor authentication method is subject to your subscribed service plan. In case you lose access to your mobile device and recovery codes, or have used all of the recovery codes, you can ask your enterprise admin to reset the two-factor authentication (2FA) against your account.
Once the enterprise administrator enforces a Time-based One-Time Password as a secondary authentication method on to a role, and a user under that role does not have two-factor authentication (2FA) configured at the time of login, they will be sent an email to set up and to provide a Time based One Time Password. If the user has already configured two-factor authentication (2FA) they will be prompted to provide the Time-based One Time Password from the authenticator app configured on their mobile device.
To configure the two-factor authentication (2FA) the user will need to install an authenticator app (Google Authenticator, Microsoft Authenticator, etc.) on their mobile device. The email sent to the user to configure two-factor authentication (2FA) will contain:
QR Code
Manual Key
Recovery Codes
To set up, the user can either scan the "QR Code" or manually input the "Manual Key" in the Authenticator app. Once the registration is successful, the user can provide the automatically generated Time-based One-Time Password from the Authenticator app to SigningHub in order to proceed. The list of recovery codes included in the configuration email can be used in place of a Time-based One-Time Password, once each recovery code is to regain access to your SigningHub account, in case you lose access to your mobile device. It is advised to save the recovery codes in a safe place. The user can, however, regenerate a new list of the recovery codes from the Manage Two Factor Authentication (2FA) option. In case an enterprise user loses access to your mobile device and recovery codes, or has used all of the recovery codes, you can ask your enterprise admin to reset the two-factor authentication (2FA) against your account.
