E-signature
Overview
Reviewers assigned to the approval in the In Approval state in the Quality Management System workflow are required to confirm their identity by providing an e-signature using their username and a password.
A credentials prompt for a reviewer is added to the workflow state dialog box for the approval in the In Approval state.
The content review is disabled until the reviewer credentials are added.
The credentials are validated when the reviewer adds their Approve or Reject decision.
Global admins can configure the e-signature method in the global Document Control E-Signatures configuration dashboard.
E-signature authentication method
Depending on the global configuration, the credentials prompt in the workflow state dialog box requires either:
the Confluence username and Confluence password that the reviewer uses to log in to the instance
the Confluence username and a signing token generated by an authentication app
Setting up the e-signature signing token
If the approval requires a signing token, the first time a reviewer opens the workflow state dialog box in the In-Approval state they are prompted to set up an authentication app to generate the signing token.
Once a user sets up the authenticator app, a signing token generated by the authenticator app can be added to the workflow state dialog box to activate the approval:
The token is only validated when the user makes the approval decision
The signing token is time-limited
The authenticator app generates a new valid 6-digit numeric signing token every 30 seconds
If the user navigates away from the content without undertaking the approval the next time they view the content a new time-based signing token will be required to activate the approval buttons.
The method of identity authentication required for the workflow approval is configured by a global administrator in the Document Control E-Signatures Configuration dashboard.
Global administrators can manage the signing token for each user in the E-Signatures configuration
Remove the signing token for a user
Change the expiry date for the signing token for a user
Related pages