Set up a reviewer signing token

Personal code setup prompt

For an approval that is configured to require an e-signature, a user attempting to approve content for the first time in that approval is prompted to set up a signing token.

This token needs to be set up before the user is able to approve or reject the content. 

Choose setup personal code in the workflow popup.

A user can also set up a personal code through the Signing Token option in the page tools menu.

Both these options open the Signing Token tab in the current user's profile

User Signing Token tab

Initial setup instructions for the authentication app are displayed in the Signing Token tab in the current user's profile.

The user must

  • download and install an authentication app to a smart device or computer

  • validate the setup of the app for the current instance (using the email address that the user is currently using to log in to Confluence)

Setup varies according to the chosen app and the smart device operating system or desktop app or browser extension being used.

Existing authentication apps on your device can be used to set up a new account to manage the personal code.

Initialize the signing token

Once the 2FA app is installed on the device

  • add the user email address used to log in to Confluence to Step 2 Email Validation in the Comala Document Management signing token setup dialogue box

  • choose Validate to generate a confirmation email with a link that allows the setup of the authentication app account for the user on the device

If required there is an option to resend this validation email.

To validate your email address choose the Go to Approval signing token settings link in the email.

The link for the email validation is time-limited (usually to 15 minutes). After this period a new validation email is required.

The link returns you to the instance.

A QRCode is displayed to use for the signing token setup using the authenticator app installed on your smart device.

To initialize the approval signing token, the QRCode must be scanned to your smart device authenticator app. This generates an authentication account specific to the user email and Comala Documentation Management in the current instance.

Adding the approval signing token account to the authenticator app

The QR code is used by the authenticator app to set up the authentication account linked to the user and the Confluence instance.

A numeric signing token is generated by your authentication app using the QRCode. 

  • the signing token code required is set as a 6-digit numeric code

This should be automatically set up in the app when the QRCode is scanned/app is manually setup

This signing token is specific to the content review and is different from any signing token you may use for access to your Confluence instance

Scan the QRCode generated to your authenticator app.

  • edit the account details (if required to identify for the current instance)

  • choose Save

The authenticator app displays a 6-digit numeric token.

The signing token is usually renewed every 30/60 seconds by the authenticator app.


Add the approval signing token to the user Comala Document Management signing token setup dialogue box.

Choose Validate.

  • signing token creation date and the token expiration date are displayed for the user

Confluence global administrators can reset the need to initialize the signing token.

Related Links

User Guide

Authoring Guide

Confluence Administration