LogoLogo
  • Welcome
  • GETTING STARTED
    • SigningHub at a Glance
      • Overview
      • Why SigningHub
      • Signature types
      • Signing methods
      • Mobile signatures
        • How SigningHub works
      • Enterprise management
    • Key Terminologies & Concepts
      • System terminologies
      • System users
      • Service plans
      • Individual vs Enterprise subscriptions
      • Document statuses
  • Registration & Login
    • Account Registration
      • Register a free trial account
      • Register an individual account
      • Register an enterprise account
      • Accept an enterprise user invitation
      • Direct registration
    • Login & Authentication Methods
      • Login through SigningHub ID
      • Login through Microsoft Active Directory
        • Auto Provisioning for Microsoft Active Directory
      • Login through Salesforce
      • Login through Microsoft ADFS
      • Login through Microsoft Office 365
      • Login through LinkedIn
      • Login through Google
      • OTP as a two-factor authentication
      • Login through the SSL client
      • Login through Freja eID
      • Login through Azure Active Directory
        • Auto-Provisioning for Azure Active Directory
      • Corporate logins
      • Login through OIDC
      • Login through OAuth2
      • Login through Azure SAML- based SSO
  • Dashboard & Listing
    • Dashboard
      • GeoIP-based user location
      • Multilingual user interface
    • Document Listing
      • Document interactions
      • Manage custom folders
      • Manage the archive folder
      • Manage shared folders
      • Document actions
        • Sign
        • Bulk sign
        • Bulk share
        • View document
        • Package details
        • Send reminder
        • Workflow details
        • Comments
        • Start a new signing process
        • Recall
        • Evidence report
        • Replicate workflow
        • Download
        • Rename
        • Move to folder
        • Print
        • Delete
      • Search a document
  • Sharing & Signing
    • Document Sharing - A Document Owner's View
      • Sign a new document
      • Add a document
        • Document certification settings
        • Document-related utilities
        • Supported documents
      • Apply a template on your document
      • Configure signing order
      • Add a recipient, electronic seal, and placeholder
      • Configure special privileges
        • Configure recipient permissions
        • Configure document access security
        • Configure workflow reminders
        • Configure email language
        • Configure post processing
      • Configure comments
      • Add data fields
        • Add signature fields
        • Add in-person signature fields
        • Add electronic seal fields
        • Add initials fields
        • Add attachment fields
        • Add form components
        • Configure form filling
        • Add QR Code
        • Add unique identifier
        • Add drop-in comments
      • Add comments
      • Add attachments
        • Make attachments compulsory
      • Append documents
      • Save as template
      • Add email message
      • Change a recipient/placeholder after sharing
    • Document Signing - A Recipient's View
      • Open a pending document
      • Add/download attachments
      • Append documents
      • Recipient permissions
      • Fill in your form components
      • Fill in your form fields
      • Add your initials
      • Add your field attachments
      • Add your in-person signature
      • Agree to the legal notice
      • Add comments
      • Add your signature
        • XML signing
        • Word document signing
        • Electronic seal signing
        • eID Easy signing
        • CSC signing
        • Remote Authorisation Signing (RAS)
        • Signing using Policy OID
        • Local-side signing using T1C Server
        • Local-side signing using ADSS Server
        • Signing based on National ID validation
        • Signing via signature pad
        • Signing behavior w.r.t signature appearance
          • Enterprise subscription
          • Individual subscription
        • OTP authentication
      • Bulk sign fields
      • Add drop-in comments
      • Review a document
      • Update a document
      • Host in-person signing
      • Decline a document
      • View verification details
      • Change a recipient/ placeholder
      • Delegate your signing authority in a workflow
      • QR code scanning
      • Signing flow via API
        • Server-side signing
          • Single document signing
            • ADSS signing
            • RAS signing
            • CSC signing
            • eID Easy signing
          • Bulk document signing
            • ADSS signing
            • RAS signing
            • CSC signing
        • Client-side signing
          • Single document signing
            • T1C signing
            • Go>Sign signing
          • Bulk document signing
            • T1C signing
            • Go>Sign signing
  • Configurations
    • Personal Configurations
      • Set up your SigningHub profile
        • Locale
        • Enterprise
      • Active sessions
      • Authorised devices
      • Two-Factor Authentication (2FA)
      • Security
      • Manage your contacts
        • Import contacts via CSV file
      • Manage your groups
      • Manage your library
        • Manage your library documents
        • Manage your library folders
      • Manage your templates
        • Add a document
          • Configure certified signature
        • Add recipient(s), electronic seal(s) and placeholder(s)
        • Configure workflow type
        • Configure document comments
        • Configure special privileges
          • Configure recipient permissions
          • Configure document access security
          • Configure auto reminders
          • Configure email language
          • Configure post processing
        • Add email message
        • Add data fields
          • Add signature fields
          • Add in-person signature fields
          • Add electronic seal fields
          • Add initials fields
          • Add attachment fields
          • Add form components
          • Configure form filling
          • Add QR Code
        • Read-only templates
      • Manage your legal notices
      • Manage your SmartForms
        • Using SmartForm for response collection
        • Using SmartForm for routing
      • Configure signature settings
      • Enable cloud drives
      • Delegate settings
      • Configure your notifications
        • Configure your email content
      • Optimize your account storage
      • Delete your account
    • Enterprise Configurations
      • Set up your enterprise profile
      • View your enterprise logs
      • Manage your enterprise contacts
        • Import contacts via CSV file
      • Manage your enterprise groups
      • Manage your enterprise users
        • Register an enterprise user
        • Register enterprise users via CSV file
        • Edit Enterprise User Details
        • Reset the password of your enterprise user
        • Reset two factor of your enterprise user
        • View activities of your enterprise users
        • Set service quota of your enterprise use
        • Invite an enterprise user
        • Invite enterprise users via CSV file
        • Pre-authorize users
        • Disable an enterprise user
        • Search an enterprise user
        • Manage signing certificates
      • Manage your user roles
        • Basic information
        • User access preferences
        • Enterprise access preferences
        • Document preferences
        • Template and library document preferences
        • Signature preferences
        • Signature appearance preferences
        • Signing server preferences
      • Manage your enterprise documents
        • View all documents of your enterprise
        • View package details of your enterprise documents
        • View workflow details of your enterprise documents
        • Manage recipients of your enterprise documents
        • Send workflow completion report of an enterprise document
        • Terminate workflow of your enterprise documents
        • Delete your enterprise documents
      • Manage your enterprise library
        • Manage your enterprise library documents
        • Manage your enterprise library folders
      • Manage your enterprise templates
      • Manage enterprise legal notices
      • Manage your electronic seals
      • Document reports
      • Signature reports
      • Electronic seal statistics
      • Advanced reports
      • Brand your enterprise account
        • Primary colour
        • Sidebar navigation
        • Error colour
      • Integrate third party applications
        • Manage third party integrations
        • Assign custom roles to external users
      • Manage certificate filters
      • Configure your enterprise notifications
        • Configure your enterprise email content
      • Configure advanced settings
        • Configure enterprise default settings
        • Delete enterprise account
        • Configure document accessibility preferences
  • Service Plan Management
    • Service Plans and Billing
      • View your service plan & usage statistics
      • View your billing invoice
      • Upgrade your service plan
      • Cancel plan
  • Track & Audit Activities
    • Audit Trail Options
      • View the activity logs
      • View the workflow history
      • View the workflow evidence report
      • View system notifications
Powered by GitBook

© Ascertia Limited 2025

On this page
  • Introduction
  • How it works?
  • Configure a SAM Profile in ADSS
  • Configure a RAS Profile in ADSS
  • Configure a Signing Profile in ADSS
  • Configure a Certification Profile in ADSS
  • Configure a Connector in SigningHub Admin
  • Configure a Signing Profile in SigningHub Admin
  • Configure a Certification Profile in SigningHub Admin
  • Configure a Verification Profile in SigningHub Admin
  • Add Signing Profile to a Service Plan in SigningHub Admin
  • Add Verification Profile to a Service Plan in SigningHub Admin
  • Add Signing Server to a User Role in SigningHub Web
  • Allow the Configured Level of Assurance against a User Role in SigningHub Web
  • RAS Signing via SigningHub Web

Was this helpful?

Export as PDF
  1. Sharing & Signing
  2. Document Signing - A Recipient's View
  3. Add your signature

Remote Authorisation Signing (RAS)

Introduction

SigningHub provides Remote Authorised Signing (RAS) feature, to allow you to authorise a remote signature (done on server) using your registered mobile device(s), running any of the SigningHub native apps (i.e. Android or iOS). The device will have its user authentication built-in (touchID or PIN), so in a way you can also get two-factor authentication. The feature is available on those Android devices that support fingerprints verification, while in case of iOS devices, it can work with both touch ID or passcode verification. For RAS Signing configurations are required in the ADSS Server, SigningHub Admin, and SigningHub Web. Remote Authorisation Signing (RAS) supports the "Advanced Electronic Signature (AES)", "Qualified Electronic Signature (QES)", and "High Trust Advanced Signature (AATL)" levels of assurance. The availability of Remote Authorised Signing (RAS) feature is subject to your subscribed service plan and assigned role.

How it works?

  1. Configure a SAM profile, in ADSS.

  2. Configure a RAS profile, in ADSS.

  3. Configure a signing profile, in ADSS.

  4. Configure a certification profile, in ADSS.

  5. Configure a connector, in SigningHub Admin.

  6. Configure a signing profile, in SigningHub Admin.

  7. Configure a certification profile, in SigningHub Admin.

  8. Configure a verification profile, in SigningHub Admin.

  9. Add the signing profile to a service plan, in SigningHub Admin.

  10. Add the verification profile to a service plan, in SigningHub Admin.

  11. Add Signing Server to your user role, in SigningHub Web.

  12. Allow the configured level of assurance against the user role, in SigningHub Web.

  13. Sign the document via SigningHub Web.

Configure a SAM Profile in ADSS

For remote signing a SAM profile is configured in ADSS SAM Service.

To configure a SAM profile for remote signing, follow these steps:

  1. Copy the SAM Profile ID because it would be used in the upcoming steps.

  2. In the "User Signature Key Pair Settings" section, select "SCAL2" option against the "Sole Control Assurance Level". Then click the "Save" button.

Configure a RAS Profile in ADSS

For remote signing a RAS profile is configured in ADSS RAS Service.

To configure a RAS profile for remote signing, follow these steps:

  1. Copy the RAS Profile ID because it would be used in the upcoming steps.

  2. In the "SAM Service Settings" section, enter the SAM Profile ID, copied earlier, and provide the required details.

  3. In the "Credentials Authorisation Settings" section, check the "Implicit" option. Then click the "Save" button.

Configure a Signing Profile in ADSS

For remote signing a signing profile is configured in ADSS Signing Service.

To configure a signing profile for remote signing, follow these steps:

  1. Copy the Signing Profile ID because it would be used in the upcoming steps.

  2. In the "Select Signature Type" section, check "PKCS#1". Then click the "Next" button.

  1. In the "Advanced Settings" tab, check the "Enable remote signing" checkbox, enter the RAS Profile ID, copied earlier, and provide the required details. Then click the "Save" button.

Configure a Certification Profile in ADSS

For remote signing a certification profile is configured in ADSS Certification Service.

To configure a certification profile for remote signing, follow these steps:

  1. Copy the Certification Profile ID because it would be used in the upcoming steps.

  2. In the "RAS Service Settings" section, check the "Enable key pair generation through RAS Service" checkbox, enter the RAS Profile ID, copied earlier, and provide the required details. Then click the "Save" button.

Configure a Connector in SigningHub Admin

Make the following configurations to a connector in SigningHub Admin:

  1. In the "Basic Information" section, choose "ADSS Server" as the "Provider".

  1. In the "Details" section, provide the "RAS Address" and fill in the required fields.

Configure a Signing Profile in SigningHub Admin

Make the following configurations to a signing profile in SigningHub Admin:

  1. In the "Signing Method" section, check the "Enable Remote Authorisation" checkbox.

  2. Enter the Signing Profile ID, copied earlier, in the highlighted field.

Configure a Certification Profile in SigningHub Admin

Make the following configurations to a certification profile in SigningHub Admin:

  1. Select "Qualified Electronic Signature (QES)" as the "Level of Assurance".

  2. Select "Remote Authorisation" as the "Key Protection Option".

  3. Select the configured ADSS connector for certification purposes as the "Certification Authority Server".

  4. Enter the Certification Profile ID, copied earlier, as the "Certification Service Profile ID". Then click "Save".

Remote Authorisation Signing (RAS) supports the "Advanced Electronic Signature (AES)", "Qualified Electronic Signature (QES)", and "High Trust Advanced Signature (AATL)" levels of assurance.

Configure a Verification Profile in SigningHub Admin

Make the following configurations to a verification profile in SigningHub Admin:

  1. Select the configured ADSS connector for verification purposes as the "Signature Verification Server".

  2. Enter the Certification Profile ID, copied earlier, as the "Verification Service Profile ID". Then click "Save".

Add Signing Profile to a Service Plan in SigningHub Admin

Make the following configurations to a service plan in SigningHub Admin:

  1. Select and add the signing profile, configured earlier, in a service plan in SigningHub Admin.

  2. Select the level of assurance which was selected in the certification profile, configured earlier. (For the purposes of this use case, the level of assurance is Qualified Electronic Signature (QES)).

  3. In the "Signing Capacities" field, select the certification profile, configured earlier.

Add Verification Profile to a Service Plan in SigningHub Admin

Make the following configurations to a service plan in SigningHub Admin:

  1. Select and add the verification profile, configured earlier, in a service plan in SigningHub Admin, as shown below:

Add Signing Server to a User Role in SigningHub Web

Make the following configurations to a user role in SigningHub Web:

  1. Against your user role, in the "Signing Server Preferences" tab, add the signing server, configured earlier.

  2. In the "Server" section, select the signing profile, configured earlier, as the "Signing Server".

Allow the Configured Level of Assurance against a User Role in SigningHub Web

Make the following configurations to a user role in SigningHub Web:

  1. Against your user role, in the "Document Settings" tab, add the configured level of assurance. (For the purposes of this use case, the level of assurance is Qualified Electronic Signature (QES)).

RAS Signing via SigningHub Web

To sign the document via SigningHub Web, follow the below-mentioned steps:

  1. Open SigningHub Web and open a document the document you want to sign. The level of assurance of the signature field must be the same as configured earlier. (For the purposes of this use case, the level of assurance is Qualified Electronic Signature (QES)).

  2. Click on the "Signature" field, select the "Signing Capacity", configured earlier, and then click on the "Sign" button. An authentication request will be sent to your registered mobile device for remote authorisation. In case you want to withdraw the remote authorisation request, click on the "Cancel Request" button.

  3. Run SigningHub app (Android or iOS) on your mobile device and log in using the credentials which you have used on SigningHub Web. Click on "Remote Authorisation" to view the authorisation requests.

  4. If your device is not authorised for RAS Signing, follow the below-mentioned configurations for device registration:

    • To select the configured RAS profile against a client, in ADSS Client Manager:

      • In the "RAS Service Settings" section against a client, select the configured RAS profile.

    • Log into the SigningHub app using the credentials against which you want to register the device. Click on "Remote Authorisation" and your device will be registered after biometric or PIN verification

  5. A pop-up will appear on your mobile device to authorise your signature through touchID or PIN. Upon authorisation, the document is signed.

  6. After signing the document, click the three dots menu and select "Signature Verification" to view "Signature Verification" details. The signatures are verified through the ADSS verification service.

  1. Remote Authorised Signing can be authorised through both SigninHub Native Apps as well as Go>Sign Desktop App.

  2. Once the user has made the required configurations in ADSS Server and SigningHub, when the user logs into SigningHub Web, the user will be automatically registered in the SAM Service. The user can view their authorised devices by clicking the "User Devices" button, and their certificates by clicking the "User Keys" button. Once a user is registered in SAM Service, the "Remote Authorisation User ID" will be added in the user's "Personal Information" in Enterprise Settings>Users.

  3. To configure user authentication settings for Go>Sign Mobile App Registration, in ADSS RAS Service:

    • In the "User Authentication Settings for Go>Sign Mobile App Registration" section, select the user authentication method at the time of registration, as required.

  4. To configure push notification settings, in ADSS RAS Service:

    • In the "Push Notification Settings (FCM)" section, configure the settings for push notifications, as required.

PreviousCSC signingNextSigning using Policy OID

Last updated 6 months ago

Was this helpful?