Looking for a section on this page? Hover your cursor over the Table of Contents icon to the right to quickly navigate this page.
Use this chart to help select which type of signature to use based on factors that are commonly used to determine legally binding signatures:
(Wet or Text/Image)
|Requires Authentication||No - can be used by anonymous users||Yes - via frevvo User auth or, for workflow steps assigned to email, by email|
|Secure from tampering||No||Yes|
|Automatically disable section and set date||No - but can be done with business rules||Yes|
This paragraph applies to Signed Sections. Signed Sections may be used by an authenticated user, who will be required to login, or by an email user who will be required to supply the correct email as well as first and last name to authenticate the signature.
uses public key cryptography. When a server is first started, it generates a public and a private key. This is automatically generated using the RSA algorithm. There is no official certificate authority (CA); however, if you want one you can supply your own public and private keys that are certified by some authority (like Verisign). An official CA is not required, since the data is signed by and verified by using keys generated by . You must keep the private key "private" by setting up good security practices to the server's disk. The public key may be shared with anyone and, in fact, if you manage the server as the admin user, and click on Security you can see the public key displayed there.
When a section is signed, the data in the section, together with a time stamp, the signing user, and a few other things are used to generate a message digest. The message digest is digitally signed using the private key. The signatures (there can be more than one) are included with the submission – in the repository and sent in the HTTP POST so you can save it yourself if you want.
When the form is re-initialized from the submission documents, you must also supply the signatures. The initialization process will verify that the data has not changed (i.e., has not been tampered with) and the signature is still valid. If the signature is not valid, it is removed and the entire Section is displayed with a visible error (large red background). If it is valid, there is a green background and the Section cannot be edited.
One way signatures become invalid is when the production form is changed to remove a control that was inside a signed section. See Admin Best Practices for updating a form/workflow in production.
provides true digital signature functionality via a Section control in your form. The user signs a specific Section, so that different parts of the form can be signed by different people rather than a signature being applied only to the entire form. Signed sections provide authenticated digital signatures with either a Wet Signature or Text/Signature Image type of signature.
You can configure any section(s) in your form as Signed Sections.
Select a Section control on your form and click thein the properties panel. The bottom portion of the tab is relevant to signatures. Refer to Security Properties for information on the Role dropdown. The drop down select has three options, and the default value is None Required.
The Lock sign means that the next person in the workflow can not remove the signature and edit the signed data. A good use case is an employee performance review where the manager starts the form, and signs the review, and sends it to the employee. You would check Lock sign so the employee cannot unsign and edit the data entered by the manager.
The Must sign property makes the signature required. With Must sign, a form cannot be submitted or a workflow is not sent to the next person until the signature is added.Checking Must sign will disable the None Required option from the Signature dropdown and automatically selects Text/Signature Image. You can change the Signature dropdown to Wet Signature.
Sections that are hidden/not hidden via a rule or the Visible property in the designer, behave as stated below with respect to Must Sign:
Let's look at the user experience when filling out a form with a Signed Section.
A consent to digitally sign statement is provided above the Sign this section button. It reads "By clicking the button below, you consent to the use of digital signatures." This element cannot be changed.
Click anywhere in the signature panel or click the Sign this section button to sign.
Here's how the authentication works:
When used in a Workflow Step, this type of signature will authenticate the signer based on the Workflow Step assignment.
If the Workflow Step is assigned to a User, that person must login to perform the step and sign the section.
If the Workflow Step is assigned to an Email address, when the anonymous user clicks to sign they will be prompted to enter the correct email address along with their first and last name to authenticate.
Email Authentication does not work in workflows embedded in Confluence. This is because the user must login to Confluence to complete the task.
When the user signs and clicks Continue/Submit, a unique signature ID is created. You can see this ID under the signature on future steps and on the completed submission.
Signed sections that are authenticated based on the logged in user will display "Digitally Signed (identity verified)" above the signature. Signed sections that are authenticated based on email address will display "Digitally Signed (email verified) above the signature.
Once the user signs, all of the controls in the section become disabled and cannot be edited unless the user clicks Edit this Section. Clicking anywhere in the signature panel or on the Edit this section clears the signature and the date. The user can sign again, if desired.
If a user clicks the Sign this section button and there are invalid or empty required controls in the section, they will see this error "An error has occurred. Your signature could not be saved because the Section you are signing contains invalid controls. Please enter valid information in all such controls and click the Sign button again."
You can use the signature control to place a signature anywhere in your form. The Signature control allows the user to enter their signature using either a track pad/mouse, stylus or a touch screen during form completion. Authentication to the server is not required. If the Printable property is checked, the Signature image will be displayed on the PDF Snapshot of the form. Your browser must support HTML5 canvas technology for proper signature entry functionality.
When designing a form with a Signature control, the captured signature is attached to the form submission as a PNG image attachment. This PNG image is included in your form data and will be sent in any Document Actions that handle form data. For example, should you choose to post the data to your web application, then the signature PNG is part of that posted data. Should you choose to email the data, the signature PNG will be attached to the email. The captured signature PNG is available for downloading by browsing your submissions within . See Submissions Stored Inside of frevvo for the details.
All of the standard properties and settings apply to the signature control. For example, the required setting can be used to force the entry of a Signature in order for the form to be valid (in use mode).
The user can sign using the Signature Control just by clicking anywhere on the control. They will get a popup signature box and can sign using mouse, touchscreen or signature pad. When they click "Done" the signature drawing will appear on the form. The user can clear or change the signature by clicking the control again.
Signature controls don't automatically set the controls in the section to disabled or capture the date. However, you can configure such behavior (as we have in the example below) using business rules. Please see these rule examples.
If you have a Wet signature control in your forms/workflows, you may prefer to use a device to capture a hand-written signature instead of the mouse or a touch screen. The Topaz Electronic Signature Pad is one such device that is now supported in .
Topaz devices are only supported for desktop workstations/laptops running the Windows Operating system. It is not supported for on mobile devices.
Forms and workflows can be made accessible to help individuals with visual and motor impairment. The Topaz Signature Pad works well when used in a form/workflow designed for accessibility.
There are many models of electronic signature pads. You can find more information on the Topaz website. frevvo supports/certifies the following models:
A unit with -HSB or -BSB suffix on the model number is recommended for machines that only have USB ports.
The Topaz Electronic Signature pad works with a standalone Wet Signature control and when the Wet Signature control is configured in a.
You can still use the mouse or touch screen to sign if a Topaz Signature pad is installed on your system.
In order to use a Topaz signature pad with a particular laptop or workstation, driver and web api software modules must be installed before connecting the device to your computer. Refer to the instructions below.
It is recommended that you do not connect the Topaz Electronic Signature Pad to the workstation, until the software has been installed. Depending on your security settings, you may need to login to Windows as an "Administrator" to begin the software installation.
Follow these steps to install the software/hardware:
Ensure that the Topaz Electronic Signature Pad and the required software are correctly installed before activating the feature in your forms/workflows.
It is up to the designer to specify the forms and steps in a workflow, that will be using the Topaz signature tablet. Simply click the cog icon in the forms designer to display the form property panel. You will notice the Allow Sign Pad property is not checked (default). Check this property to change the runtime behavior of the signature dialog and allow users to sign with the external signature pad.
The Allow Sign Pad property is also available in Workflow Step Properties. This allows the designer to specify the steps in a workflow that will be using the external signature pad. Click on the steps that you want to use the signature pad with and check the Allow Sign Pad checkbox. Leave the property unchecked on the steps that will not be using the signature pad.
Consider a three step workflow used by officers to obtain a blood warrant from a judge. Step one is performed by the arresting police officer and requires a signature. In the harsh environment of a police station or jail, the Topaz Electronic Signature Pad is a good inexpensive and sturdy option. Step two is performed by a judge who accesses the workflow from a mobile device. Step 2 is not configured for the signature pad. When the judge completes Step 2 and signs, the workflow is routed back to the police officer who performs the third step and signs using the signature tablet again.
Here's how it works:
Forms and steps of a workflow that have the Allow Sign Pad property checked at design time display the signature dialog shown in the image when a Wet Signature control or a signed section that contains a Wet Signature control is encountered:
Notice the Use Signature Pad button. Until the user selects this button, the attached external signature pad is not enabled and regular signing via the mouse or touch screen is still possible. If Allow Sign Pad is not checked, the Use Signature Pad button is not visible.
When the Use Signature Pad button is selected, the signature dialog displays as shown:
The attached signature pad "takes over" the signing area and it is no longer possible to sign with the mouse or touch pad. Once the user signs with the attached pad, the on-screen Done button is selected to accept the signature. If the Use Signature Pad button is clicked in error, click the Cancel button.
If you see the error shown below, check your software/hardware installation.