Setting up an approval signing token

Owned by
Robert Alexander Marshall
Last updated: Feb 06, 2024
6 min read
1 Overview | 2 Add the authentication app to your smart device | 3 Initialize Signing Token | 4 Adding the approval signing token account to the authenticator app | 5 Setting up approval signing token through the workflow report | 6 Using an approval signing token to activate the review | 7 Multiple reviewers | 8 Approval signing token admin | 9 Related Links

Overview

E-signatures for reviewers are required for approvals in the Quality Management System workflow.

Setting up the approval signing token for the e-signature first time requires a few special steps

Add the authentication app to your smart device

Download and install a 2 Factor Authentication (2FA) app through your device app store. Here are some possible examples:

You may already have an app installed if you have 2FA for other internet sites.

If you are already using 2FA for Confluence login, this is not the same.

A new authentication account needs to be added to the app that is just used for Comala Document Control approvals.

The first time a user is required to approve content in the QMS workflow, they aree required to initialize the signing token to create their authentication account in the authentication app.

Initialize Signing Token

The very first time a user is expected to approve a page, they are asked to set up a personal code.

Choose setup personal code.

The two-step setup process is shown.

You must first download and install the 2FA app on your smart device.

  • the approval signing token is generated using one of several different apps such as Google Authenticator available from Google Play and Apple App Store

  • the authentication client must be installed and linked to your email for the Confluence instance

Once the 2FA app is installed on your device

  • add your email address to Step 2 in Comala Document Control signing token setup dialogue box

  • choose Validate to generate a confirmation email with a link that allows you to set up the authentication app installed on your device

There is an option to resend this email if required.

To validate your email address choose the Go to approval signing token settings link in the email.

The link for the email validation is time-limited to 15 minutes. After this period a new validation email is required.

The link returns you to the instance. A QR code is displayed to use for the signing token setup using the authenticator app installed on your smart device.

  • use of this QRCode or key is time-limited to 30 minutes

  • a key is also shown for the manual set up of the authenticator app

To initialize the approval signing token, the QRCode must be scanned to your smart device authenticator app. This will generate an authentication account specific to the user email and Comala Documentation Control.

Adding the approval signing token account to the authenticator app

The QR code will be used by the authenticator app to set up the authentication account linked to the user and the Confluence instance.

A numeric signing token will be generated by your authentication app using the QRCode. This signing token is specific to the content review and will be different to any 2FA token you may use for access to your Confluence instance.

Scan the QRCode generated to your authenticator app.

Choose the account details (such as logo or name, if appropriate).

Choose Save.

  • note the six-figure numeric signing token

  • the approval signing token is renewed every 30 seconds by the authenticator app

Add the approval signing token to the Comala Document signing token setup dialogue box.

Choose Validate.

  • signing token creation date for the setup and the expiry date are displayed

  • Confluence administrators can reset the need to initialize the signing token

Setting up approval signing token through the workflow report

An individual user can set up the signing token through the Document Report.

Select Document Report in the sidebar.

Choose the E-signature token setup link.

If the signing token setup is complete and valid, the link displays confirmation.

If there is no valid token setup, the link displays the signing token setup dialogue box. 

Once set up for a user, new numeric signing tokens are generated every 30 seconds by the authentication app.

With e-signature set up, when the user undertakes an approval

  • the numeric signing token displayed by the authentication app is required to activate the content review

  • the e-signature credentials are checked when the approve or reject decision is made

Navigating away from the popup and returning later may require a new 6-figure numeric token generated by the authentication app.

Using an approval signing token to activate the review

In the content review workflow popup add your email address and the current authenticator app generated signing token displayed on your smart device.

If the signing token and email are accepted, the popup content review buttons become active for that user.

The content review for the In Approval state also requires an e-signature.

If the current user has already set up a signing token there is no prompt in the workflow popup. The approval buttons are simply disabled until the email and a token are added.

When a valid signing token and email address are added, the review buttons are activated.

Multiple reviewers

Where there are multiple reviewers, a separate approval signing token will be required by each reviewer

  • for usability, user validation is provided against previous, current, and the next calculated signing tokens generated by the authenticator app

  • the e-signature process submits the user email address and approval signing token through the Appfire Comala secure server without storing these details

Approval signing token admin

Administrators can view all setup tokens for users in the instance.

A global administrator can

  • remove the signing token for users, requiring users to re-authenticate with the app

  • set a signing token expiry date for a user