Opening a pending document is subject to the document access security, as configured for you by the respective Document Owner. When you try to open a pending document to process:
Either by clicking the "Sign" button, or
By following the document link from your notification email, you could face any/ all/ none of the following viewing restrictions:
In case a document is access duration protected, SigningHub will allow you to open it, in that particular time period only. The document will be inaccessible to you before and after the configured period. Contact the respective document owner if you receive an error message regarding the document access period.
In case a document is password protected, SigningHub will prompt for the password before opening it. Contact the respective document owner if you don't know the password.
In case a document is OTP protected, SigningHub will prompt for the 4, 6, or 9 digit OTP before opening it. The OTP will be sent on your mobile phone or Email based on your service plan. if your mobile number is incorrect on the OTP dialog, contact the respective document owner to change your mobile number. Once OTP is received, enter it in the text field. In case OTP is not received, you may select the option to resend it. You can also choose another method for OTP by selecting 'Switch Method'.
In case a document is TOTP protected, SigningHub will prompt you to enter the Time-based One-Time Password from the authenticator app configured on your mobile device. In case you have not configured two factor authentication (2FA), upon trying to access a document that requires Time based One Time Password, an email will be sent to your email address to configure two factor authentication (2FA). The document will be accessible only upon providing the correct Time-based One-Time Password.
In case a pending document has not been protected by any access security, you can open it without any restriction.
The OTP length is based on your subscribed service plan. SigningHub currently supports 4, 6, and 9 digits OTP.
The OTP retry and expiry times are based on your subscribed service plan.
The OTP method will be as per the configured OTP method in the document owner's service plan.
"(Email)", in case only "Email OTP" is configured in the service plan
"(SMS)", in case only "SMS OTP" is configured in the service plan
"(SMS and Email)", in case both "Email OTP" and "SMS OTP" are configured in the service plan
The gatekeeper follows the access security permissions that have been configured for the intended recipient and can view documents in the read-only mode.
The availability of a Time-based One-Time Password as a document access authentication method is subject to your subscribed service plan.
If the user does not have two-factor authentication (2FA) configured, they will be sent an email to set up and to provide a Time based One Time Password. If the user has already configured two-factor authentication (2FA) they will be prompted to provide the Time-based One-Time Password from the authenticator app configured on their mobile device.
To configure the two factor authentication (2FA) the user will need to install an authenticator app (Google Authenticator, Microsoft Authenticator, etc.) on their mobile device. The email sent to the user to configure two-factor authentication (2FA) will contain:
QR Code
Manual Key
Recovery Codes
To set up, the user can either scan the "QR Code" or manually input the "Manual Key" in the Authenticator app. Once the registration is successful, the user can provide the automatically generated Time-based One-Time Password from the Authenticator app to SigningHub in order to proceed. The list of recovery codes included in the configuration email can be used in place of a Time-based One-Time Password, once each recovery code is to regain access to your SigningHub account, in case you lose access to your mobile device. It is advised to save the recovery codes in a safe place. The user can, however, regenerate a new list of the recovery codes from the Manage Two Factor Authentication (2FA) option. In case an enterprise user loses access to your mobile device and recovery codes, or has used all of the recovery codes, you can ask your enterprise admin to reset the two-factor authentication (2FA) against your account.