When to Use
Use Signature fields for:- Contract signatures
- Agreement and consent forms
- Document approvals
- Legal acknowledgments
- Financial authorizations
- Medical consent
- Terms and conditions acceptance (when signature required)
- Compliance acknowledgments
- Verification of identity
- Multi-party agreements
- Use Checkbox for simple agreement checkboxes (non-signature)
- Use File for uploading pre-signed documents
- Use document generation with signatures for template-based signing
Configuration Options
| Option | Description | Type | Default | Example |
|---|---|---|---|---|
key | Unique identifier | String | Required | contract_signature |
name | Display label | String | Required | ”Contract Signature” |
description | Help text for signers | String | Optional | ”Sign to accept the contract terms” |
required | Must be signed to proceed | Boolean | false | true |
signer_role | Who signs this field | String | main_contact | secondary_contact, case_manager |
authentication | Authentication method | String | handwritten | sms_otp, email_otp, itsme, swisscom |
document | Document to sign | String | None | Document UUID or variable |
signature_type | Type of signature | String | standard | qualified, advanced |
sequence | Signing order (for multiple signatures) | Number | 1 | 2, 3 |
visibility | Display setting | String | always-visible | hide-when-empty |
section | Section this field belongs to | String | None | Section UUID |
Authentication Methods
Signature fields support multiple authentication methods for different legal and security requirements:| Method | Description | Use Case | Legal Level |
|---|---|---|---|
handwritten | Draw signature with mouse/touch | Simple agreements, internal approvals | Basic |
email_otp | One-time code via email | Remote signing, email verification | Standard |
sms_otp | One-time code via SMS | Strong verification, phone validation | Standard |
itsme | Belgian eID authentication | Belgian residents, strong identity verification | Advanced/Qualified |
swisscom | Swiss qualified signature | Swiss residents, legally binding in Switzerland | Qualified |
- Basic: Simple electronic signature (handwritten)
- Standard: Verified email/phone with OTP
- Advanced: Identity-verified signature (Itsme)
- Qualified: Highest legal level, equivalent to handwritten (Itsme, Swisscom)
Examples
Simple Contract Signature
Basic signature for contract acceptance:SMS-Verified Signature
Signature with SMS one-time code authentication:Multi-Party Signing Sequence
Multiple signatures in specific order:Qualified Electronic Signature (Itsme)
Legally binding qualified signature for Belgian residents:Signer Roles
Control who signs each signature field:| Role | Who Signs | Use Case |
|---|---|---|
main_contact | Primary case contact | Client signatures, customer agreements |
secondary_contact | Additional contact | Co-signers, witnesses, secondary parties |
case_manager | Case owner/manager | Internal approvals, manager authorization |
custom | Specified via variable | Dynamic signer assignment |
- Use
sequenceto control signing order - Each signer must complete before next can sign
- Useful for approval chains and multi-party agreements
Signature Workflow
Signature Request Process
- Request sent: Signer receives notification (email/SMS)
- Authentication: Signer verifies identity (method depends on configuration)
- Review: Signer reviews document (if attached)
- Sign: Signer provides signature (draw, type, or authenticated)
- Confirmation: Signature captured and stored
- Complete: All parties notified, document finalized
Signature Metadata Stored
Each signature captures:- Signer name and contact information
- Timestamp (date and time signed)
- IP address (for audit trail)
- Authentication method used
- Device information
- Signature image (if handwritten)
- Certificate information (if qualified)
Document Attachment
Signatures can be attached to documents:- Generated documents from templates
- Pre-uploaded documents
- Documents from other steps
- Multiple signatures on same document
Validation
Signature fields enforce signing validation:Required Validation
- If
required: true, signature must be completed - Case cannot progress until signed
- Useful for mandatory agreements
Authentication Validation
- OTP codes must match (email/SMS)
- Identity must be verified (Itsme, Swisscom)
- Prevents unauthorized signatures
Sequence Validation
- Earlier sequence signatures must complete first
- Order enforced automatically
- Prevents out-of-order signing
Compliance and Legal
Audit Trail
Complete audit trail for each signature:- Who signed (name, email, phone)
- When signed (timestamp with timezone)
- Where signed (IP address, location)
- How authenticated (method used)
- What was signed (document version)
Legal Validity
Signature validity depends on authentication method:- Handwritten: Valid for low-risk agreements
- Email/SMS OTP: Valid for verified identity
- Itsme/Swisscom: Legally equivalent to handwritten signature in EU
GDPR Compliance
Signature data is:- Stored securely and encrypted
- Retained according to legal requirements
- Included in data export requests
- Deleted when case deleted (with retention rules)
eIDAS Regulation
Qualified signatures (Itsme, Swisscom) comply with:- eIDAS Regulation (EU 910/2014)
- Legally binding across EU member states
- Equivalent to handwritten signatures
- Admissible as legal evidence
Best Practices
Choose appropriate authentication:- Handwritten: Simple agreements, internal documents
- Email OTP: Remote signing, email verification needed
- SMS OTP: Higher security, phone verification
- Itsme/Swisscom: Legal requirements, high-value agreements
- Only mark required if signature truly mandatory
- Consider fallback if authentication fails
- Provide clear instructions for signers
- Client signs first, then internal approval
- Primary signer before secondary signers
- Lower authority before higher authority
- Attach document being signed
- Ensure document is finalized before signing
- Use generated documents for consistency
- Explain what signer is agreeing to
- Mention authentication method required
- Indicate estimated time to complete
- Test OTP delivery (email/SMS)
- Verify Itsme/Swisscom integration
- Check user experience on mobile devices
- Mobile-friendly signature methods
- Clear error messages for failed authentication
- Allow signature retry on failure
- Send reminders for pending signatures
- Store audit trail for legal minimum period
- Document authentication methods used
- Regularly review signature processes
- Ensure GDPR compliance for signature data