Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
The tab lets you configure basic information as well as authentication settings. Basic information consists of role name, description and whether it'll be default for new users or not. The Login Authentication lets you configure a private authentication method in a role. This method is specifically used for the login authentication of your enterprise users, and will not be available to public users under the "More Login Options" link of login screen. At the time of login, SigningHub will check the IDs of your enterprise users and allow them to only authenticate themselves through the private method configured in their role. However they can also login by using "More Login Options" link, if you allow them to use public authentication methods.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Select the role to edit and click "Edit Role" in right panel. Role screen will appear for re-configurations.
Click "Basic Information". Configure the basic information as required.
Click "Save changes".
See the description in the "Basic Information" table below.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
See the description in the "Authentication Preferences" table below.
When you update a role in a production environment, the saved changes are available to the related users on their next login.
A private authentication profile is the one that is exclusively used for corporate logins and is not available to the end users (public) on their Login screen and Integration screen of SigningHub Desktop Web.
The Enterprise Access Preferences tab lets you configure the account administration related SigningHub modules in a role. You can select your choice modules from the list to make them available to your enterprise users/ admins (registered with this role) for navigation. SigningHub supports granular access management along with their fine grained authorization, i.e. read, add/ edit, and delete access on different modules/ sub modules of the system.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Select the role to edit and click "Edit Role" in right panel. Role screen will appear for re-configurations.
Click "Enterprise Access Preferences". Select the user settings check boxes and their respective granular access as required.
Click "Save changes".
See the description in the "Enterprise Access Preferences" table below.
When you update a role in a production environment, the saved changes are available to the related users on their next login.
By default, the "Advanced Enterprise Reports" option will be disabled for all existing user roles.
Click "Basic Information". Configure the authentication settings as required.
Click "Save changes".
Once the enterprise administrator enforces Time based One Time Password as a secondary authentication method on to a role, and a user under that role does not have two factor authentication (2FA) configured at the time of login, they will be sent an email to set up and to provide a Time based One Time Password. If the user has already configured two factor authentication (2FA) they will be prompted to provide the Time based One Time Password from the authenticator app configured on their mobile device.
To configure the two factor authentication (2FA) the user will need to install an authenticator app (Google Authenticator, Microsoft Authenticator, etc.) on their mobile device. The email sent to the user to configure two factor authentication (2FA) will contain:
QR Code
Manual Key
Recovery Codes
To set up, the user can either scan the "QR Code" or manually input the "Manual Key" in the Authenticator app. Once the registration is successful, the user can provide the automatically generated Time based One Time Password from the Authenticator app to SigningHub in order to proceed. The list of recovery codes included in the configuration email can be used in place of a Time based One Time Password, once each recovery code, to regain access to your SigningHub account, in case you lose access to your mobile device. It is advised to save the recovery codes in a safe place. The user can however, regenerate a new list of the recovery codes from the Manage Two Factor Authentication (2FA) option. In case enterprise user loses access to your mobile device and recovery codes, or have used all of the recovery codes, you can ask your enterprise admin to reset the two factor authentication (2FA) against your account.
Role name
Name to be displayed for the role.
Description
Description for the role.
Default
Enable if you want to make it default for new users.
Default Authentication Method
Field to select a private authentication profile for the enterprise users belonging to this role. The drop down will show the list of authentication methods that are allowed in your service plan. When selected, the enterprise user will have to enter their registered ID in the login screen, SigningHub will read their ID and will automatically open the configured (private) authentication method (i.e. SSL authentication, Microsoft Active Directory, Salesforce, Google, etc.) screen for their authentication. Select the "None" option to disable the private authentication for this role. In this case SigningHub will let your enterprise users to use any public authentication from the "More Login Options" link of login screen.
Allow public authentication methods
Tick this check box to allow the enterprise users of this role to either use any public authentication method from the "More Login Options" link of login screen, or use the set private authentication method above to authenticate themselves. In this way they will have the option at the login time, whether to get themselves authenticated via any public authentication method or through the set private authentication method. If you leave this check box unticked against a configured private authentication method, the "More Login Options" link of login screen will be inaccessible to the enterprise users of this role.
Secondary Authentication Method
Field to enforce the enterprise users of this role, to use a secondary authentication method in conjunction with any of the private/ public authentication method. The drop down will show the list of secondary authentication methods that are allowed in your service plan i.e. One Time Password or Time based One Time Password. The enterprise users of this role will have to first provide the correct credentials of private/ public authentication method, and then based on their selected option, provide either:
One Time Password: An OTP will be sent on their mobile devices. The mobile number of an enterprise user on which the OTP is required to send, can be added in their personal profile, see details.
Time based One Time Password: The TOTP from the configured authenticator app on their mobile devices. The two-factor authentication (2FA) can be configured by the user in their personal profile.
Select the "None" option to disable the secondary authentication method for this role.
Electronic Seals
Select this option to allow the use of electronic seals in a role. This will enable the "Electronic Seals" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Notifications
Select this option to allow the enterprise emails configuration access in a role. This will enable the "Notifications" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Billing
Select this option to allow the enterprise billing configuration access in a role. This will enable the "Billing" option under the profile drop down for the enterprise users/ admins belonging to this role, see .
Application integrations
Select this option to allow the 3rd party integrations access in a role. This will enable the "Integrations" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Branding
Select this option to allow the enterprise branding configuration access in a role. This will enable the "Branding" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Reports
Select this option to allow the reports viewing access in a role. This will enable the "Reports" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role.
Documents
Select this option to allow the enterprise documents managing access in a role. This will enable the "Documents" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Logs
Select this option to allow viewing enterprise related activity logs in a role. This will enable the "Logs" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Advanced settings
Select this option to allow the advanced configuration access in a role. This will enable the "Advanced" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see .
Advanced reports
Select this option to allow the advanced reports viewing access in a role. This will enable the "Advanced Reports" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role.
Stamps
Select this option to allow enterprise stamp managing access in a role. This will enable the "Stamps" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role.
Enterprise profile management
Select this option to allow the enterprise profile configuration access in a role. This will enable the "Profile" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role. Also the users with this access can be marked as enterprise account owner, as they will be listed in the "Account Owner" tab of Enterprise>Profile for selection.
Users
Select this option to allow the enterprise users management access in a role. This will enable the "Users" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see details.
Roles management
Select this option to allow the enterprise roles management access in a role. This will enable the "Roles" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see details.
Groups
Templates
Select this option to allow the enterprise templates management access in a role. This will enable the "Templates" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see details.
Library
Select this option to allow the enterprise documents library management access in a role. This will enable the "Library" tab under the "Enterprise Settings" option for the enterprise users/ admins belonging to this role, see details.
Signature settings are all about configuring the allowed signing methods (i.e., Server-side Signing, Client-side (Local) Signing, and/or Mobile Signing), authentication methods (i.e., No Authentication, OTP via SMS, SigningHub ID, Microsoft Active Directory, Salesforce, Freja eID etc.) and signing capacities in a role. You can separately configure these settings for web browsers and mobile apps, and choose a default signing method for each case. You can also configure Remote Authorized Signing here, which allows a user to authorize a remote signature (done on the server) using their registered mobile device. The device will have its user authentication built-in (touchID or PIN), so in a way they can also configure two-factor authentication. Furthermore, this section lets you manage signing reasons, which are used in the Signature Appearance, and become a permanent part of a PDF signature. The signing reasons can optionally be displayed in the signed PDF document.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Select the role to edit and click "Edit Role" in right panel. Role screen will appear for re-configurations.
Click "Document Preferences" and "Signing Server Preferences" and configure desired setting.
Click "Save changes".
Allow user to manage signing reason
Enable this option to allow the users (belonging to this role) to view the "Signing Reason" field in the signing dialog of signature and set its value as required before signing. When 'Allow user to manage signing reason' is selected, there are following three options available further:
Select the "User defined" option, if you want the users to specify their own signing reasons at the time of signing.
Select the "Predefined" option, if you want your users to choose a signing reason from the available list (added via "Signing Reasons" button) at the time of signing. Also select a default signing reason that will be displayed to your enterprise users at the signing time. When the "Predefined" option is selected, the "Allow user to provide a custom signing reason" checkbox appears. If this checkbox is checked. the user will be able to choose a signing reason from the available list and will additionally have the option to add a custom singing reason at the time of signing. By default, this checkbox is unchecked for all existing enterprise roles.
Manage Signing Reasons
Click the "Add a signing reason" button to add signing reasons. The specified reasons will then be available in the "Predefined" and "Fixed" fields for selection. When used in the Signature Appearance, Signing reason becomes a permanent part of the PDF signature and can optionally be displayed in the signed PDF document. To add a new signing reason, write it in the "Signing Reason" field and click the "Save" button. To delete a signing reason, select the signing reason and click "Delete" button from the right panel.
Allow users to sign documents
Enable this option to allow the users (that are associated with this role) to perform signing operations and signature settings management. If this option is disabled, the below fields will also be disabled:
Hide signature dialog at the time of signing
Allow users to manage contact information
Allow user to manage location
Hide signature dialog at the time of signing
Enable this option to allow the users (who are associated with this role) to skip the signing dialogue box while performing the signature. The signing dialogue box will be hidden if :
“Hide signature dialogue box at the time of signing“ is enabled in your role,
You have selected Hand Signature Method as Text or Upload having the signature image in your My Settings> Signatures> Signature Appearance, and
You have a single signing capacity only
Allow user to manage contact information
Enable this option to allow the enterprise users (belonging to this role) to view the "Contact Information" field on the signing dialog of signature, and set its value as required before signing.
If you keep it deselected, this field will not be shown to the enterprise users on the signing dialogue box. In this case, the default set value will automatically be picked from the user's role upon signing, as highlighted below.
Allow user to manage location
Enable this option to allow the enterprise users (belonging to this role) to view the "Location" field on the signing dialog of signature, and set its value as required before signing.
If you keep it deselected, this field will not be displayed to the enterprise users on the signing dialogue box. In this case, the field value will be selected automatically from the default set value under the user's role settings upon signing. When this option is disabled from roles, then the signing location cannot be updated from the user's personal settings and will be shown as disabled in the user's settings.
Bulk signing
Enable this option to allow the enterprise users (belonging to this role) to sign and share multiple documents with a single click. They can perform bulk signing from the document listing screen or the document viewer screen.
If you keep it deselected, the bulk signing feature will not be available to the users belonging to this role.
Restrict delegated signing to only registered users
Enable this option to restrict the enterprise users (belonging to this role) to only delegate signing to the registered users.
If you keep it deselected, users belonging to this role can choose unregistered users as well for delegated signing.
The User Access Preferences tab lets you configure the usability related SigningHub modules in a role. You can select your choice modules from the list to make them available to your enterprise users (registered with this role) for navigation. SigningHub supports granular access management along with their fine grained authorization, i.e. read, add/ edit, and delete access on different modules/ sub modules of the system.
The 'Stamp Preferences' tab allows enterprise administrators to control which enterprise stamps are available to users assigned to the selected role. All enterprise stamps are listed in this section, and access can be managed individually using the toggle next to each stamp. Administrators can quickly enable or disable all stamps at once using the Allow All or Disable All options in the table header, ensuring complete flexibility in stamp access management.
Log in with your enterprise admin credentials.
Click "Configuration" in the left menu.
Choose "Roles" under People options in the Enterprise Administration section.
Select the role to edit and click "Edit Role" in the right panel. The role screen will appear for re-configurations.
Click "Stamp Preferences".
All your enterprise stamps will be listed here. Use the toggle next to the stamp to allow/disable it.
Select the "Fixed" option, if you want your users to use a fixed signing reason. Select a fixed signing reason from the list (added above using the "Signing Reasons" button).
If you keep the "Allow user to manage signing reason" option disabled, this field will not be displayed to the users in the signing dialog. In this case, the default set value will automatically be picked from the user's role upon signing, as highlighted below.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Select the role to edit and click "Edit Role" in right panel. Role screen will appear for re-configurations.
Click "User Access Preferences". Select the user settings toggle buttons and their respective granular access as required.
Click "Save changes".
See the description in the "User Access Preferences" table below.
Signature Settings
Select this option to allow the user signatures configuration access in a role. This will enable the tab under the configurations for your enterprise users belonging to this role.
Groups
Select this option to allow the user groups management access in a role. This will enable the and tabs under the configurations for your enterprise users belonging to this role.
Templates management
Select this option to allow the user templates management access in a role. This will enable the tab under the configurations for your enterprise users belonging to this role.
Library management
Select this option to allow the user documents library management access in a role. This will enable the tab under the configurations option for your enterprise users belonging to this role.
Notifications
Select this option to allow the user emails configuration access in a role. This will enable the tab under the configurations option for your enterprise users belonging to this role.
Legal notices
Select this option to allow the user legal notices management access in a role. This will enable the tab under the configurations option for your enterprise users belonging to this role.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Select the role to edit and click "Edit Role" in right panel. Role screen will appear for re-configurations.
Click "Template and Library Document Preferences".
In "Allowed Templates" section, enable toggle adjacent to the template you want to allow to be accessible.
You can use "Filter" to search, "Show" drop-down to manage which templates to show and "Disable All" and "Enable All" buttons to manage templates.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Select the role to edit and click "Edit Role" in right panel. Role screen will appear for re-configurations.
Click "Template and Library Document Preferences".
In "Allowed Templates" section, enable toggle adjacent to the template you want to allow to be accessible.
You can use "Filter" to search, "Show" drop-down to manage which templates to show and "Disable All" and "Enable All" buttons to manage templates.
Delegation
Select this option to allow the delegated signing feature in a role. This will enable the "Delegated Signing" tab under the configurations option for your enterprise users belonging to this role.
Advanced options
Select this option to allow the account deletion feature in a role. This will enable the "Advanced" tab under the configurations option for your enterprise users belonging to this role.
SmartForms
Select this option to allow the user SmartForms management access in a role. This will enable the "SmartForms" tab under the configurations for your enterprise users belonging to this role. This option will only appear if the "SmartForms" feature is enabled in the service plan.
Cloud Drives
Select this option to allow the cloud drive configuration access in a role. This will enable the "Cloud Drives" tab under the configurations option, and the "Get from Cloud" option on Document adding screen, for your enterprise users belonging to this role.
Google Drive: Select this option to allow access to Google Drive in a role.
OneDrive: Select this option to allow access to OneDrive in a role.
Dropbox: Select this option to allow access to Dropbox in a role.
Stamps
Select this option to allow the user Stamp management access in a role. This will enable the "Stamps" tab under the configurations for your enterprise users belonging to this role. This option will only appear if the "Stamps" feature is enabled in the service plan.
When you purchase an enterprise account of SigningHub, a default Enterprise Admin user is provided to you, having all the privileges and access in your SigningHub account. You can use the credentials of your Enterprise Admin to configure the role based granular access (i.e. read, add/ edit, and delete access on different modules/ sub modules of the system) for your enterprise users. You can even create multiple Enterprise Admins as required. When a new Enterprise is created, two roles will also be created in the Enterprise: Enterprise Admins and Enterprise Users. The Enterprise Users role is marked as "default", which means whenever a new user will be created in this Enterprise, the default role will automatically get assigned to the user. However, you can always modify which role should be the default. Remember, only one role can be marked as "default". In addition, you can also add new roles under this Enterprise. Read on to know what more you can do on this page. From here, you can manage (Add, Clone, Edit, and Delete) different roles and can assign them to your enterprise users and external users, in order to provide them custom access in the system. However you cannot delete a role, as long as it is assigned to any user within your enterprise or to external user of third party integration.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration section.
As a security consideration, always assign least privileges to a default users role. SigningHub assigns the default role to those enterprise users, for which Enterprise Admin did not specify any role. Similarly, the default role is automatically selected when inviting the enterprise users.
When you update a role, the saved changes are available to the related enterprise users on their next login.
Add a New Role dialogue will appear. Provide name and description and click "Add role" button to continue.
Fill in all the information in the respective sections.
Click "Save changes" button. Now assign this role to your enterprise user to give them configured access, see Manage your enterprise users.
"Clone Role" dialogue will appear. Specify name of the clonal role and its description as required. The clonal role name must be different than the original role name. If you want to make the clonal role as default in your enterprise, tick the "Mark default" check box. SigningHub assigns the default role to those enterprise users, for which Enterprise Admin did not specify any role. The default role is also automatically selected when inviting the enterprise users.
Role screen will appear. Edit the required tabs and click "Save changes".
Click "Delete" on confirm dialogue.
You cannot downgrade all the Enterprise Admins to Enterprise Users. SigningHub will ensure that at least one Enterprise Admin must be under Enterprise Admin role to manage all the account related configurations.
This section also lets you select a signature appearance design, which specifies the user information (i.e., Hand signature with details & company logo, hand signature with details, or hand signature only) to be displayed in a user signature. The configurations set here will be displayed as the default settings to your enterprise users belonging to this role. However, users can overrule these configurations through their personal signature settings or while signing a document.
Additionally you can configure a signature font, when using text based signatures in SigningHub Desktop Web. The signature appearance will be rendered in the same font upon signing.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration.
Signature Pad can be used to perform hand signatures and in-person hand signatures, only on Desktop Web.
Signature Pad can be used to perform initials only on Desktop Web.
If you clear all the signature appearance designs from the "Allowed Signature Appearance Designs" field, the "Default Signature Appearance" field will also clear up automatically.
If you want to configure a fixed signature appearance design for your enterprise users, belonging to this role, only select one signature appearance design in the "Allowed Signature Appearance Designs" field.
The Document Preferences tab lets you configure document-related settings in a role. From here, you can set the privileges for the document owners and recipients (within your enterprise) registered with this role, and may also configure document-related provisions available within integration mode (i.e., iFrame). The concept of has been introduced, which allows delegating your document processing authority to a group of users, configure it as required. It also provides a team working environment, where the peers have the same set of privileges inside a space and can process the team documents accordingly.
Click "Signature Appearance Preferences".
Click "Save Changes" button.
For a new enterprise user, by default, the first signature appearance design which was allowed in the user's service plan will appear in the "Default Signature Appearance" field.
For an existing user, if they had previously selected the "All" option to allow all the signature appearance designs, all the signature appearance designs as configured in the user's service plan will now be selected in the "Allowed Signature Appearance Designs" field, by default.
For an existing user, if they had previously selected the "Only" option to allow only one signature appearance design, the same signature appearance design will now be selected in the "Allowed Signature Appearance Designs" field, by default.
Web Browsers: Types of Hand Signature
The following preferences will be applicable to your enterprise users (that are registered with this role), when they perform signing through Web Browsers:
Select the "Hand-Drawn Signature" option, if you want to allow your enterprise users to draw freehand signatures using their system's mouse or touchscreen.
Select the "Text-based Signature" option, if you want to allow your enterprise users to type their names using their system's keyboard. Choosing this option will display an additional preference which can be set:
Select the "Auto fill with user name and lock the text field" check box to restrict your enterprise users from typing their names in the signature fields. SigningHub will auto fill their names in the signature fields and wont allow them to edit it.
Keep the "Auto fill with user name and lock the text field" check box deselected, if you don't want to add such a restriction for your enterprise users and allow them to type their names in the signature fields.
Select the "Upload Signature Image" option, if you want to allow your enterprise users to use an image for their signature. SigningHub will allow them to upload an image of their signature from their machine.
In case of allowing multiple signature methods, the "Default" field will list all the allowed methods. Select a method from the list that will be displayed as the default signature method for web browsers to your enterprise users in their Personal Settings. They can however overrule the default signature method as required from there.
Mobile Apps: Types of Hand Signature
The following preferences will be applicable to your enterprise users (that are registered with this role), when they perform signing through Mobile Apps:
Select the "Hand-Drawn Signature" option, if you want to allow your enterprise users to draw freehand signatures using their system's mouse or touchscreen.
Select the "Text-based Signature" option, if you want to allow your enterprise users to type their names using their system's keyboard. Choosing this option will display an additional preference which can be set:
Select the "Auto fill with user name and lock the text field" check box to restrict your enterprise users from typing their names in the signature fields. SigningHub will auto fill their names in the signature fields and wont allow them to edit it.
Keep the "Auto fill with user name and lock the text field" check box deselected, if you don't want to add such a restriction for your enterprise users and allow them to type their names in the signature fields.
Select the "Upload Signature Image" option, if you want to allow your enterprise users to use an image for their signature. SigningHub will allow them to upload an image of their signature from their machine.
In case of allowing multiple signature methods, the "Default" field will list all the allowed methods. Select a method from the list that will be displayed as the default signature method for web browsers to your enterprise users in their Personal Settings. They can however overrule the default signature method as required from there.
Types of Initials
The following preferences will be applicable to your enterprise users (that are registered with this role), when they add their initials:
Select the "Hand-Drawn Initials" option, if you want to allow your enterprise users to draw freehand signatures using their system's mouse or touchscreen.
Select the "Text-based Initials" option, if you want to allow your enterprise users to type their names using their system's keyboard. Choosing this option will display an additional preference which can be set:
Select the "Auto fill with user name and lock the text field" check box to restrict your enterprise users from typing their names in the signature fields. SigningHub will auto fill their names in the signature fields and wont allow them to edit it.
Keep the "Auto fill with user name and lock the text field" check box deselected, if you don't want to add such a restriction for your enterprise users and allow them to type their names in the signature fields.
Select the "Upload an Initials Image" option, if you want to allow your enterprise users to use an image for their signature. SigningHub will allow them to upload an image of their signature from their machine.
In case of allowing multiple initial methods, the "Default" field will list all the allowed methods. Select a method from the list that will be displayed as the default signature method for web browsers to your enterprise users in their Personal Settings. They can however overrule the default signature method as required from there.
Signature Appearance Designs
The "Allowed Signature Appearance Designs" field allows the enterprise admin to configure the signature appearance designs (i.e., Hand Signatures Only, Hand Signature with Details and Logo, Hand Signature with Details, or any other custom signature design) that the users, belonging to the role being configured, are allowed to use for digital signatures. It is a mandatory field. You can either allow specified signature appearance designs or allow all the available signature appearance designs. The drop down list for this field displays the signature appearance designs as configured in the service plan.
The "Default Signature Appearance" field defines what signature appearance design will be used by default when the document owners signs a signature field. Once the enterprise admin configures the "Allowed Signature Appearance Designs" field, the system will automatically populate the "Default Signature Appearance" field.
By default, the first allowed signature appearance from the "Allowed Signature Appearance Designs" field will be selected in the "Default Signature Appearance" field. The configured levels of assurance from the "Allowed Signature Appearance Designs" field will be listed in the "Default Signature Appearance" drop down list for the enterprise admin to manually configure it.
For a new enterprise user under a specific role, the system will pick the configured default signature appearance from this field and set it as the default signature appearance for the user in Personal Settings.
If "Allow users to manage signature logo" is enabled, the signature logo from user's personal signature appearance will appear on signature appearance. Signature Logo set under Enterprise Branding will appear if this configuration disabled for the user.
If "Allow users to use the signature appearance for Simple Electronic Signatures" is enabled, the users under this role, will be able to use signature appearance(s) for performing Simple Electronic Signatures (SES). By default this checkbox will be unchecked. If this checkbox is unchecked, the "Signature Appearance Design", "Reason", "Location", and "Contact Information" fields will not appear in the "SIGN" dialog, when performing signatures. The signatures will appear like an annotation.
Hand signature font
Specify the font to create signature text, when using text based signatures in SigningHub Desktop Web. The font preview will be available along with the font name.
By default "Phontphreaks" will be selected for new enterprises or roles. For individual and enterprise users "Phontphreaks" will be set as the default.
Login with your enterprise admin credentials.
Click "Configuration" in the left menu.
Choose "Roles" under People options in the Enterprise Administration section.
Select the role to edit and click "Edit Role" in the right panel. The role screen will appear for reconfigurations.
Click "Document Preferences". Select the user settings check boxes and their respective granular access as required.
Click "Save changes".
See the description in the "Document Preferences" table below.
Allow uploading and sharing of new documents
Select this option to allow the document owners within your enterprise (belonging to this role) to upload and share documents with any users (i.e., inside and outside your enterprise). This will enable the "New Workflow" option on their System Dashboard and Document Listing screens. If you keep the "Upload and Share" option deselected, it will restrict the document owners to upload and share documents with other users. However, they can still sign their (personal and received) documents.
Select the "Start existing workflow" sub option to show or hide the "" option on the the "Documents Listing" page under the More Options menu.
Select the "Replicate Workflow" sub option to show or hide the "" option on the the documents listing screen under the More Options menu, and on the document viewer screen.
Manage recipients after sharing a document
Select this option to allow the document owners within your enterprise (belonging to this role) to change the specified recipients after sharing a document. If you keep this option deselected, it will restrict the document owners to change the recipients once a workflow is initiated by them.
Printing
Select this option to allow the document owners within your enterprise (belonging to this role) to print the documents after initiating their workflows. If you keep this option deselected, it will restrict the document owners to print their workflow documents.
Download
Select this option to allow the document owners within your enterprise (belonging to this role) to download the documents after initiating their workflows. If you keep this option deselected, it will restrict the document owners to download their workflow documents.
Manage document attachments and document merging
Select this option to allow the document owners within your enterprise (belonging to this role) to manage their documents attachments and merging, after initiating their workflows. If you keep this option deselected, it will restrict the document owners to manage attachments of their documents or merge their documents once their workflows are initiated by them.
Recall workflows
Select this option to allow the document owners within your enterprise (belonging to this role) to recall workflows. If you keep this option deselected, it will restrict the document owners from recalling their workflows.
The enterprise admin who is willing to upload and share documents on behalf of their enterprise users, must have the "Application Integration" rights in their assigned role.
The "Template Applying", "Package Renaming", "Document Renaming", "Documents Merging", and "Documents Managing" options will not be available in the integration mode (i.e., iFrame), irrespective of their role settings.
When you update a role in a production environment, the saved changes are applicable to the related users on their next login.
The availability of "Bulk Signing and Sharing" provision is subject to your subscribed service plan. If you cannot find this option in your account, upgrade your service plan.
The availability of "Allow users to apply Artificial Intelligence (AI) to documents" option is subject to your subscribed service plan. If you cannot find this option in your account, upgrade your service plan.
In the "Level of Assurance" field under the "Allowed Signature Fields" section, the names of the Levels of Assurance are displayed as configured in the SigningHub Admin.
In addition, this field displays all the Levels of Assurance available in the SigningHub Admin. The "Only share with your enterprise contacts and groups" and the "Allow users to only use personal contacts and groups" options can not be checked simultaneously. If either one of the checkbox is checked, and the user tries to check the other one, the system will prompt an error
In case the "Allow users to only use personal contacts and groups" checkbox is checked, only personal contacts and groups will be visible to the user while:
Starting a workflow
Changing a recipient
The system will show the user name of a configured contact by checking the email address in the personal contacts. If the contact does not exist in personal contacts, then the system will show, as user name, the name set by the contact itself in their "My Settings".
If the "Set Document Access Authentication for all recipients" option is selected against the document owner's user role, the document owner will not be allowed to share the workflow until "Document Access Authentication" is set for all the recipient in the workflow.
If the "Set Document Signing Authentication for all recipients" option is selected against the document owner's user role, the document owner will not be allowed to share the workflow until "Document Signing Authentication" is set for all the recipient in the workflow.PreferencesPreferences
Adding a collaborator to the template
Adding a collaborator to the shared space
Configuring delegated signing
Configuring the delegate settings for the delegator and the gatekeeper
Personal groups
Configuring the personal groups; the system will hide the enterprise dropdown from personal groups.
Configuring the personal contacts; the system will hide the enterprise dropdown from personal contacts.
Configuring post-processing
Select the "Only share with your enterprise contacts and groups" sub option to restrict the document owners to only share documents with their enterprise contacts and enterprise groups. The users will not be able to share documents with any personal contacts or personal groups.
Select a value (i.e., Just Others, Me and Others, or Only Me) from the "Default signing mode" drop-down list that can be set as default when the document owners click the "New Workflow" button from their System Dashboard or Document Listing screens. They can however change the default workflow mode by clicking the adjacent drop-down list while initiating a workflow as required.
Select a value (i.e. Serial, Parallel, Individual, or Custom) from the "Default signing order" drop-down list which can be displayed (as selected) to the document owners while adding recipients in a workflow. They can however change the default workflow type while initiating a workflow as required.
Allow users to save a workflow as a template
Select this option to allow the document owners within your enterprise (belonging to this role) to save workflows as templates for use later. If you keep this option deselected, it will restrict the document owners from saving workflows as templates.
View the workflow details and workflow evidence reports
Select this option to allow the document owners within your enterprise (belonging to this role) to view the workflow history and workflow evidence reports of their documents after initiating their workflows. If you keep this option deselected, the document owners will not be able to see these options against their workflow documents.
Add invisible signatures in the document
Select this option to allow the document owners within your enterprise (belonging to this role) to add invisible signatures in a document. This will add an additional field (i.e., Display) under the "Details" tab of a signature field properties dialog. An invisible signature will not be displayed on a document. However it entails all other verifiable characteristics of e-signing i.e., Time stamping, Certificate Chain, Certificate Status, etc. An invisible signature can be a Digital Signature, Witness Digital Signature or Witness In-Person Signature as configured in a workflow.
Enforce document access authentication for the recipients
Select this option to require the document owners within your enterprise (belonging to this role) to set the document access authentication for all the recipients before sharing the workflow. By default, this option is deselected.
If you select this option, you can choose between: All: To configure document access authentication for all recipients in the workflow. Unregistered: To configure document access authentication only for the unregistered users in the workflow.
If you keep this option deselected, the document owners will be able to share the workflow without having to set the document access authentication for all the recipients.
Enforce document signing authentication for the recipients
Select this option to require the document owners within your enterprise (belonging to this role) to set the document signing authentication for all the recipients before sharing the workflow. By default, this option is deselected.
If you select this option, you can choose between: All: To configure document signing authentication for all recipients in the workflow. Unregistered: To configure document signing authentication only for the unregistered users in the workflow.
If you keep this option deselected, the document owners will be able to share the workflow without having to set the document signing authentication for all the recipients.
Enforce post-processing to send the completed document to all recipients
Select this option to require the document owners within your enterprise (belonging to this role) to check the 'Send the completed document to all recipients' post-processing option, before sharing the workflow. By default, this option is deselected. If you keep this option deselected, the document owners will be able to share the workflow without having to check the 'send the completed document to all recipients' post-processing option.
Allow users to apply Artificial Intelligence (AI) to documents
Select this option to allow the document owners within your enterprise (belonging to this role) to use Artificial Intelligence (AI) features while working with documents, including Simplify Content, Summarise, Legal Implications, and Error Detection. By default, this option is deselected.
If you keep this option deselected, the document owners will not be able to access or use any AI-powered features while working on documents.
By enabling this feature, you agree that the document content may be securely transmitted to third-party Artificial Intelligence (AI) service providers for processing. The information will be used solely to provide AI-powered features and will not be shared with unauthorised parties. By proceeding, you consent to this transfer and processing.
Certification options
Select this option to allow the document owners within your enterprise (belonging to this role) to certify the document to restrict the recipients to perform only the specific changes in a document, as the system won't allow them to perform any other changes.
If you keep this option deselected, the document owners will be able not be able to certify documents.
Certify with no changes
Select this option to disallow any changes to the document after the Certified Digital Signature has been applied. The recipients will not be able to add any annotation to the document, fill out PDF forms, or include additional signatures. This option is intended for documents requiring only one signature.
Certify with form filling and signing
Select this option to allow the recipients to only fill in PDF forms, and sign empty signature fields after the Certified Digital Signature has been applied. They will not be able to add any new annotations to the document. This option is intended for documents requiring one or more signatures.
Certify with form filling, signing and annotations
Select this option to allow the recipients to fill in PDF forms, sign empty signature fields, and add annotations to the document after the Certified Digital Signature has been applied. This option is intended for documents requiring one or more signatures.
Signature field
Select this option to allow the document owners within your enterprise (belonging to this role) to add signature fields in their workflows. If this option is selected, the "Level of Assurance" and "Default Level of Assurance" mandatory fields will appear for the user to configure. If you keep this option deselected, the document owners will not be able to add the "Signature" field while preparing workflows. The "Level of Assurance" field allows the enterprise admin to configure the levels of assurance that the document owners are allowed to use for a signature field. You can either allow specified levels of assurance or allow all available levels of assurance. The drop down list for this field displays the levels of assurance as configured in the service plan. The possible options for this field are:
Simple Electronic Signature (SES)
Electronic Seal (eSeal)
Advanced Electronic Seal (AdESeal)
Qualified Electronic Seal (QESeal)
Advanced Electronic Signature (AES)
High Trust Advanced Signature (AATL)
Qualified Electronic Signature (QES)
For details about the above mentioned levels of assurances, . The "Default Level of Assurance" field defines what levels of assurance will be used by default when the document owners drops a signature field. The system automatically populates this field as per the "Default Levels of Assurance" field, in the service plan. The configured levels of assurance from the "Level of Assurance" field will be listed in the "Default Level of Assurance" drop down list for the enterprise admin to manually configure the "Default Level of Assurance" field. The configuration of this field supersedes the configuration of the "Default Levels of Assurance" field in the service plan. For a new enterprise user under a specific role, the system will pick the configured default level of assurance from this field and set it as the default level of assurance for the user in .
In-Person signature field
Select this option to allow the document owners within your enterprise (belonging to this role) to add In-Person signature fields in their workflows. If this option is selected, the "Level of Assurance" and "Default Level of Assurance" mandatory fields will appear for the user to configure. If you keep this option deselected, the document owners will not be able to add the "In-Person Signature" field while preparing workflows. The "Level of Assurance" field allows the enterprise admin to configure the levels of assurance that the document owners are allowed to use for an In-Person signature field. You can either allow specified levels of assurance or allow all available levels of assurance. The drop down list for this field displays the levels of assurance as configured in the service plan. The possible options for this field are:
Simple Electronic Signature (SES)
Electronic Seal (eSeal)
Advanced Electronic Seal (AdESeal)
Qualified Electronic Seal (QESeal)
The "Default Level of Assurance" field defines what level of assurance will be used by default when the document owners drops an In-Person signature field. The system automatically populates this field as per the "Default Levels of Assurance" field, in the service plan. The configured levels of assurance from the "Level of Assurance" field will be listed in the "Default Level of Assurance" drop down list for the enterprise admin to manually configure the "Default Level of Assurance" field. The configuration of this field supersedes the configuration of the "Default Levels of Assurance" field in the service plan.
For a new enterprise user under a specific role, the system will pick the configured default level of assurance from this field and set it as the default level of assurance for the user in Personal Settings.
Initials
Select this option to allow the document owners within your enterprise (belonging to this role) to add initials fields in their workflows. If you keep this option deselected, the document owners will not be able to add the "Initials" field while preparing workflows.
Stamps
Select this option to allow document owners within your enterprise (assigned to this role) to add Stamp fields in their workflows. If you keep this option deselected, document owners will not be able to add the Stamp field while preparing workflows.
Name
Select this option to allow the document owners within your enterprise (belonging to this role) to add name fields in their workflows. If you keep this option deselected, the document owners will not be able to add the "Name" field while preparing workflows.
Select this option to allow the document owners within your enterprise (belonging to this role) to add email fields in their workflows. If you keep this option deselected, the document owners will not be able to add the "Email" field while preparing workflows.
Date
Select this option to allow the document owners within your enterprise (belonging to this role) to add date fields in their workflows. If you keep this option deselected, the document owners will not be able to add the "Date" field while preparing workflows.
Company
Select this option to allow the document owners within your enterprise (belonging to this role) to add company fields in their workflows. If you keep this option deselected, the document owners will not be able to add the "Company" field while preparing workflows.
Job Title
Select this option to allow the document owners within your enterprise (belonging to this role) to add job title fields in their workflows.
If you keep this option deselected, the document owners will not be able to add the "Job Title" field while preparing workflows.
Text field
Select this option to allow the document owners within your enterprise (belonging to this role) to add text fields in their workflows.
If you keep this option deselected, the document owners will not be able to add "Text Field" while preparing workflows.
Text area
Select this option to allow the document owners within your enterprise (belonging to this role) to add text areas in their workflows.
If you keep this option deselected, the document owners will not be able to add the "Text Area" field while preparing workflows.
Radio button
Select this option to allow the document owners within your enterprise (belonging to this role) to add radio buttons in their workflows.
If you keep this option deselected, the document owners will not be able to add "Radio Button" while preparing workflows.
Check box
Select this option to allow the document owners within your enterprise (belonging to this role) to add check boxes in their workflows.
If you keep this option deselected, the document owners will not be able to add "Check Boxes" while preparing workflows.
Add text
Select this option to allow the document owners within your enterprise (belonging to this role) to add text fields in their workflows.
If you keep this option deselected, the document owners will not be able to add the "Add Text" field while preparing workflows.
Attachment
Select this option to allow the document owners within your enterprise (belonging to this role) to add attachment fields in their workflows.
If you keep this option deselected, the document owners will not be able to add "Attachment" field while preparing workflows.
QR Code
Select this option to allow the document owners within your enterprise (belonging to this role) to add QR codes in their workflows.
If you keep this option deselected, the document owners will not be able to add QR codes while preparing workflows.
Proceed automatically upon completion of the mandatory actions by the signer
Select this option to automatically trigger the "Finish" button in a role. When the users belonging to this role will complete the mandatory actions of their collaboration, the "Finish" button will not be displayed on the screen and the process will be concluded automatically from their end.
If the "Automatically proceed with workflow upon completion of mandatory actions by signer" option is checked, the "Automatically close the document viewer" option shall appear.
Select the "Automatically close the document viewer" sub option to automatically close the document viewer once the signer has performed all the mandatory actions. By default, this option will be unchecked.
Add comments on documents
Select this option to allow the enterprise users (belonging to this role) to add comments on the workflow documents once their workflows are initiated.
If you keep this option deselected, it will restrict them to add comments on such documents.
Delete documents
Select this option to allow the enterprise users (belonging to this role) to remove documents from their accounts.
If you keep this option deselected, it will restrict them from deleting documents from their accounts.
Perform actions on behalf of enterprise users
Select this option to allow your enterprise admin to upload and share documents, manage recipients, add signature fields and form fields on behalf of the enterprise users belonging to this role, by using the SigningHub API. This is useful in cases where a specific set of users (i.e., Reviewers) are not allowed to upload and share documents on their own (i.e., the "Upload and Share" option is turned off for them), however they can still review the current status of documents and can send their reminders as required.
Manage shared folders
Select this option to allow the users within your enterprise (belonging to this role) to manage their shared spaces. They can create their own shared spaces for their nominated collaborators, and may also edit and delete these spaces as required. In this way, the nominated collaborators can process the workflows of shared space documents on behalf of the space owner in their absence.
If you keep this option deselected, the users (belonging to this role) would not be able to manage their own shared spaces. However, they can still collaborate in the shared spaces of other users, if they are made collaborators in them.
Restrict users from editing fields
Select this option to restrict the users (belonging to this role) from editing their job title and/or company name in Personal Configurations>Personal Information and workflows. By default, this option is deselected.
If you select this option, you can choose between: Job title: To restrict the user from being able to edit their job title. Company: To restrict the user from being able to edit their company name.
If you keep this option deselected, the users will be able to edit their job title and company name.
Even if a user is restricted from editing their job title and/or company, both the enterprise administrator and any user whose role includes permission to edit user details will still be able to modify these fields.
Login with your enterprise admin credentials.
Click "Configuration" in left menu.
Choose "Roles" under People options in Enterprise Administration.
Search and select the desired role and click on "Edit" button in left panel.
Expand "Signature Server Preferences" tab and click "Add a Signing Server".
Configure the settings as required.
Click "Done" button.
See below table for description.
When a new signing server is configured in the user role, it will fetch any signature appearance configurations set against the signing server in the service plan, if any.
When a new enterprise user is registered, if a signature appearance was set against this signing server in the service plan, against the user's role, it will be selected as the "Signature Appearance", by default.
Same authentication is applied on Electronic Seal (eSeal), Advanced Electronic Seal (AdESeal) and Qualified Electronic Seal (QESeal) though it will generate different certificates accordingly. Therefore, if you have selected the signing capacities of Electronic Seal (eSeal), Advanced Electronic Seal (AdESeal) and Qualified Electronic Seal (QESeal), then on this screen you will see them bundled as a single authentication.
Signing Servers to be configured under enterprise roles, are subject to your assigned enterprise service plan and only those signing servers will be available under enterprise roles that are configured in your service plan.
When adding a Signing Server for CSC, there is no signing capacities or level of assurance related information appears.
When the "Key Protection Option" option is set to 'System Password' (i.e., Sole Control is off) in certification profiles under SigningHub Admin configurations, SigningHub gives you the provision to choose a third-party authentication option for your enterprise users. You may select any of the following 15 options; through which your enterprise users can authenticate themselves for server-side signing.
No Authentication:
Select this option to let your enterprise users sign their documents directly without any authentication. In this case, their server based certificate will be used for signing but system will not prompt for any password or OTP.
SigningHub ID:
Select this option to allow enterprise users to use their SigningHub account password to sign their documents.
Microsoft Active Directory:
Select this option to allow enterprise users to use their Active Directory credentials to sign their documents. SigningHub will require their user ID (as registered in the organisational Active Directory) and domain password for the signing activity. you can authenticate using your Active Directory credentials at the time of signing having a different email address and vice versa.
Microsoft ADFS:
Select this option to allow enterprise users to use their ADFS credentials to sign their documents. SigningHub will require their user ID (as registered in cloud ADFS) and domain password for the signing activity. you can authenticate using your ADFS credentials at the time of signing having a different email address and vice versa.
Microsoft Office 365:
Select this option to allow enterprise users to use their Microsoft Office 365 credentials to sign their documents. SigningHub will require their Office 365 credentials (ID and password) for the signing activity. In case your enterprise user has logged in through SigningHub ID and want to sign through Microsoft Office 365 credentials, then their SigningHub ID (email address) and Office 365 ID (email address) must be the same.
Salesforce:
Select this option to allow enterprise users to use their Salesforce credentials to sign their documents. SigningHub will require their Salesforce credentials (ID and password) for the signing activity. you can authenticate using your Salesforce credentials at the time of signing having a different email address and vice versa.
LinkedIn:
Select this option to allow enterprise users to use their LinkedIn credentials to sign their documents. SigningHub will require their LinkedIn credentials (ID and password) for the signing activity. you can authenticate using your LinkedIn credentials at the time of signing having a different email address and vice versa.
Google:
Select this option to allow enterprise users to use their Google credentials to sign their documents. SigningHub will require their Google credentials (ID and password) for the signing activity. you can authenticate using your Google credentials at the time of signing having a different email address and vice versa.
Freja eID:
Select this option to allow your enterprise users to use their Freja eID authentication to sign their documents. Whenever, your enterprise user attempts to sign a document, a signing request will be sent to their mobile device running the Freja eID app. Upon confirmation from the Freja eID app, the document will be signed.
Authorisation via Mobile App:
Select this option as the Authentication Method to allow your enterprise users to use remote authorised signing provision. This option will only appear for the capacities that has Qualified Electronic Signature (QES) configured as the level of assurance and appears under 'Signing Capacities for Remote Authorization (Owned by User)' category.
OAuth2:
Select this option to allow enterprise users to use your IDP credentials (OAuth2 supported protocol) to sign their documents. SigningHub will require their IDP credentials (ID and password) for the signing activity. you can authenticate using your IDP credentials at the time of signing having a different email address and vice versa.
OIDC:
Select this option to allow enterprise users to use your IDP credentials (OIDC supported protocol) to sign their documents. SigningHub will require their IDP credentials (ID and password) for the signing activity. you can authenticate using your IDP credentials at the time of signing having a different email address and vice versa.
When you update a role in a production environment, the saved changes are applicable to the related users on their next login.
The drop-down list of "Authentication Method" (i.e., SigningHub ID, Salesforce, Microsoft Active Directory, LinkedIn, Google, Bank ID etc.) in server-side signing, depends on the key protection option under your certification profiles. If you are unable to find the required authentication method in the list; contact .
CAPACITIES
Capacities
This screen lets you configure different "Signing Capacities" for each Level of Assurance. It enables a user to sign on multiple positions within an organisation. When configured, SigningHub creates multiple certificates for the user as per their allowed capacities in the service plan and categorized based on the allowed level of assurances that are configured in the service plan. The user can pick a desired capacity at the signing time and the related certificate will be used in their signature.
Add the signing capacities as required for the enterprise user(s) belonging to this role, categorised as per level of assurance. The options available in the drop-down list are allowed in your service plan.
If there is only one signing capacity then it will not be displayed in the signing dialog at the time of signing. Only the multiple signing capacities will be displayed in the signing dialog. You can select any one of these available capacities for signing.
Default Signing Capacity
Select a capacity from the selected ones in this field that will be displayed as the default signing capacity to the user(s) while signing.
In a scenario where one or more enterprise users can have the same signing capacities within your enterprise, create a specific role with the desired capacities and simply assign it to them. However, when each user has a different set of signing capacities, then create an exclusive role for each user and configure their signing capacities accordingly.
AUTHENTICATIONS
Authentications
This screen lets you select signing-time authentication methods separately for the role. The Levels of Assurance of the selected Signing Capacities are hierarchically grouped under Organization, User and SigningHub Admin. You can select signing-time authentication methods for each of them separately.
Authentication Method
You can select authentication methods for SigningHub web and mobile apps against the relevant Levels of Assurance. The available authentication methods are subject to your Service Plan configuration. The selected method will be used as authentication method, when your enterprise users sign their documents through any web browser. You can configure both; public and private authentication profiles, under "Authentication Method". See the details of authentication methods below. In case of configuring Remote Authorised Signing (RAS), configure signing capacities for RAS in your Service Plan and "Authorisation via Mobile App" option will appear as Authentication Method for those capacities under 'Signing Capacities for Remote Authorisation (Owned by User).
Secondary Authentication Method
Select another authentication method (i.e., Time based One Time Password, One Time Password or No Authentication) from the "Secondary Authentication Method" field. This method will be used in addition to the above mentioned authentication method, giving your enterprise users a provision to use a secondary authentication method at signing time. If a secondary authentication for signing through web browsers is not required, then select "No Authentication" from this field.
The "Signature Appearance" field appears for both; server-side signing servers, and local-side signing servers.
A passkey authentication profile can be configured as the 'Authentication Method' for the ADSS signing server.
The availability of Time based One Time Password, and One Time Password as a secondary authentication method is subject to your subscribed service plan.
Once the enterprise administrator enforces Time based One Time Password as a secondary authentication method for a signing server against a role, and a user under that role does not have two factor authentication (2FA) configured at the time of signing with that signing server, they will be prompted with a 'Configure Two Factor Authentication' dialogue to set up and provide a Time-based One-Time Password.. If the user has already configured two factor authentication (2FA) they will be prompted to provide the Time based One Time Password from the authenticator app configured on their mobile device.
To configure the two-factor authentication (2FA) the user will need to install an authenticator app (Google Authenticator, Microsoft Authenticator, etc.) on their mobile device. The 'Configure Two-Factor Authentication' dialogue shown to the user will contain:
QR Code
Manual Key
Recovery Codes
To set up two-factor authentication (2FA), the user can either scan the QR code or manually enter the Manual Key into an authenticator app. After successful registration, the user must provide the Time-based One-Time Password (TOTP) generated by the app to proceed in SigningHub. A set of recovery codes is also provided in the configuration dialog, which can be used in place of a TOTP to regain access if the user loses access to their mobile device. Each recovery code is valid for one-time use only, and it is strongly recommended to store them in a secure location. Users can regenerate a new set of recovery codes anytime from the Manage Two Factor Authentication (2FA). If an enterprise user loses access to both their mobile device and recovery codes, or has used all of them, they can contact their enterprise administrator to reset the two factor authentication (2FA) for their account.
The availability of configuring "OTP via SMS" is subject to your subscribed service plan. If you are unable to find this option in your account; upgrade your service plan.
"Authorisation via Mobile App" is subject to your signing profile that is configured in your service plan. If there is a signing capacity added for remote authorisation signing under your singing profile then these capacities will appear under signature settings under the label 'Signing Capacities for Remote Authorisation (Owner by User). If you are unable to find this option in your account; contact support.
SIGNING SERVER
Keys location
Select the "Keys Location", which display the following options:
Server
Client Held Keys
Signing server
The Signing Server list will display the available signing servers, based on your service plan configurations.
You can choose to add a signature appearance to be used for the selected signing server. The "Signature Appearance" list will display the available signature appearances allowed in your service plan. If a signature appearance was set against this signing server in the service plan, it will be selected as the "Signature Appearance", by default. The user can choose to change the default "Signature Appearance" as per their requirements. If the user selects a signature appearance that includes a logo, the "Signature Logo" field will appear, allowing the user to upload a logo. The "Signature Logo" is an optional field. The uploaded logo will be used in the signature appearance when signing with this specific signing server. If a logo has not been uploaded, the system will use the "Signature Logo" configured in the "Branding" section.
Only select a "Signature Appearance", if you want the users to use a fixed signature appearance while performing signatures with this specific signing server. If a signature appearance has not been selected, the system will allow the users to perform signing using the signature appearances allowed in the user role.
Level of Assurance
List of level of assurances available for the selected server at the time of signing.
Qualified Electronic Signature (QES)
Advanced Electronic Signature (AES)
High Trust Advanced Signature (AATL)
Qualified Electronic Signature (QES)
Electronic Seal (eSeal)
Advanced Electronic Seal (AdESeal)
Qualified Electronic Seal (QESeal)
Default signature appearance
Select the default signature, for this server. The user will be able to modify it based on the role settings.
Hand Signature with Details and Logo
Hand Signature with Details
Hand Signature Only
Signature Logo
This logo will be used only for those signature appearances which have a company logo to display.
