Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.penbox.io/llms.txt

Use this file to discover all available pages before exploring further.

The Signature field enables digital signature collection directly within cases. This field type captures legally binding electronic signatures with multiple authentication methods, creating a complete audit trail for compliance and verification. Use Signature fields when you need to collect formal agreements, approvals, or legally binding signatures as part of your case workflow — contracts, consent forms, acknowledgments, or any document requiring a verified signature.

When to Use

Use Signature fields for:
  • Contract signatures
  • Agreement and consent forms
  • Document approvals
  • Legal acknowledgments
  • Financial authorizations
  • Medical consent
  • Terms and conditions acceptance (when signature required)
  • Compliance acknowledgments
  • Verification of identity
  • Multi-party agreements
Consider alternatives:
  • Use Checkbox for simple agreement checkboxes (non-signature)
  • Use File for uploading pre-signed documents
  • Use document generation with signatures for template-based signing

Configuration Options

OptionDescriptionTypeDefaultExample
keyUnique identifierStringRequiredcontract_signature
nameDisplay labelStringRequired”Contract Signature”
descriptionHelp text for signersStringOptional”Sign to accept the contract terms”
requiredMust be signed to proceedBooleanfalsetrue
signer_roleWho signs this fieldStringmain_contactsecondary_contact, case_manager
authenticationAuthentication methodStringhandwrittensms_otp, email_otp, itsme, swisscom
documentDocument to signStringNoneDocument UUID or variable
signature_typeType of signatureStringstandardqualified, advanced
sequenceSigning order (for multiple signatures)Number12, 3
visibilityDisplay settingStringalways-visiblehide-when-empty
sectionSection this field belongs toStringNoneSection UUID

Authentication Methods

Signature fields support multiple authentication methods for different legal and security requirements:
MethodDescriptionUse CaseLegal Level
handwrittenDraw signature with mouse/touchSimple agreements, internal approvalsBasic
email_otpOne-time code via emailRemote signing, email verificationStandard
sms_otpOne-time code via SMSStrong verification, phone validationStandard
itsmeBelgian eID authenticationBelgian residents, strong identity verificationAdvanced/Qualified
swisscomSwiss qualified signatureSwiss residents, legally binding in SwitzerlandQualified
Legal signature levels:
  • Basic: Simple electronic signature (handwritten)
  • Standard: Verified email/phone with OTP
  • Advanced: Identity-verified signature (Itsme)
  • Qualified: Highest legal level, equivalent to handwritten (Itsme, Swisscom)

Examples

Simple Contract Signature

Basic signature for contract acceptance: 
{
  "key": "contract_signature",
  "type": "signature",
  "name": "Contract Signature",
  "description": "Sign below to accept the contract terms",
  "required": true,
  "signer_role": "main_contact",
  "authentication": "handwritten",
  "document": "{document.contract_generated}"
}

SMS-Verified Signature

Signature with SMS one-time code authentication: 
{
  "key": "authorization_signature",
  "type": "signature",
  "name": "Authorization Signature",
  "description": "Sign to authorize this transaction. You will receive a code via SMS.",
  "required": true,
  "signer_role": "main_contact",
  "authentication": "sms_otp",
  "signature_type": "advanced"
}

Multi-Party Signing Sequence

Multiple signatures in specific order: 
{
  "key": "client_signature",
  "type": "signature",
  "name": "Client Signature",
  "description": "Client signature on agreement",
  "required": true,
  "signer_role": "main_contact",
  "authentication": "email_otp",
  "sequence": 1,
  "document": "{document.agreement}"
}

{
  "key": "manager_signature",
  "type": "signature",
  "name": "Manager Approval",
  "description": "Manager approval signature",
  "required": true,
  "signer_role": "case_manager",
  "authentication": "handwritten",
  "sequence": 2,
  "document": "{document.agreement}"
}

Qualified Electronic Signature (Itsme)

Legally binding qualified signature for Belgian residents: 
{
  "key": "qualified_signature",
  "type": "signature",
  "name": "Qualified Electronic Signature",
  "description": "Sign using your Itsme account for legally binding signature",
  "required": true,
  "signer_role": "main_contact",
  "authentication": "itsme",
  "signature_type": "qualified",
  "document": "{document.legal_agreement}"
}

Signer Roles

Control who signs each signature field:
RoleWho SignsUse Case
main_contactPrimary case contactClient signatures, customer agreements
secondary_contactAdditional contactCo-signers, witnesses, secondary parties
case_managerCase owner/managerInternal approvals, manager authorization
customSpecified via variableDynamic signer assignment
Multiple signers:
  • Use sequence to control signing order
  • Each signer must complete before next can sign
  • Useful for approval chains and multi-party agreements

Signature Workflow

Signature Request Process

  1. Request sent: Signer receives notification (email/SMS)
  2. Authentication: Signer verifies identity (method depends on configuration)
  3. Review: Signer reviews document (if attached)
  4. Sign: Signer provides signature (draw, type, or authenticated)
  5. Confirmation: Signature captured and stored
  6. Complete: All parties notified, document finalized

Signature Metadata Stored

Each signature captures:
  • Signer name and contact information
  • Timestamp (date and time signed)
  • IP address (for audit trail)
  • Authentication method used
  • Device information
  • Signature image (if handwritten)
  • Certificate information (if qualified)

Document Attachment

Signatures can be attached to documents:
  • Generated documents from templates
  • Pre-uploaded documents
  • Documents from other steps
  • Multiple signatures on same document

Validation

Signature fields enforce signing validation:

Required Validation

  • If required: true, signature must be completed
  • Case cannot progress until signed
  • Useful for mandatory agreements

Authentication Validation

  • OTP codes must match (email/SMS)
  • Identity must be verified (Itsme, Swisscom)
  • Prevents unauthorized signatures

Sequence Validation

  • Earlier sequence signatures must complete first
  • Order enforced automatically
  • Prevents out-of-order signing

Audit Trail

Complete audit trail for each signature:
  • Who signed (name, email, phone)
  • When signed (timestamp with timezone)
  • Where signed (IP address, location)
  • How authenticated (method used)
  • What was signed (document version)
Signature validity depends on authentication method:
  • Handwritten: Valid for low-risk agreements
  • Email/SMS OTP: Valid for verified identity
  • Itsme/Swisscom: Legally equivalent to handwritten signature in EU

GDPR Compliance

Signature data is:
  • Stored securely and encrypted
  • Retained according to legal requirements
  • Included in data export requests
  • Deleted when case deleted (with retention rules)

eIDAS Regulation

Qualified signatures (Itsme, Swisscom) comply with:
  • eIDAS Regulation (EU 910/2014)
  • Legally binding across EU member states
  • Equivalent to handwritten signatures
  • Admissible as legal evidence

Best Practices

Choose appropriate authentication:
  • Handwritten: Simple agreements, internal documents
  • Email OTP: Remote signing, email verification needed
  • SMS OTP: Higher security, phone verification
  • Itsme/Swisscom: Legal requirements, high-value agreements
Set realistic requirements:
  • Only mark required if signature truly mandatory
  • Consider fallback if authentication fails
  • Provide clear instructions for signers
Sequence multiple signatures logically:
  • Client signs first, then internal approval
  • Primary signer before secondary signers
  • Lower authority before higher authority
Attach the right documents:
  • Attach document being signed
  • Ensure document is finalized before signing
  • Use generated documents for consistency
Provide clear descriptions:
  • Explain what signer is agreeing to
  • Mention authentication method required
  • Indicate estimated time to complete
Test authentication methods:
  • Test OTP delivery (email/SMS)
  • Verify Itsme/Swisscom integration
  • Check user experience on mobile devices
Consider user experience:
  • Mobile-friendly signature methods
  • Clear error messages for failed authentication
  • Allow signature retry on failure
  • Send reminders for pending signatures
Maintain compliance:
  • Store audit trail for legal minimum period
  • Document authentication methods used
  • Regularly review signature processes
  • Ensure GDPR compliance for signature data

Checkbox

Use for simple agreement checkboxes

File

Use for uploading pre-signed documents

Document Generation

Learn about generating documents for signing

Data Schema Overview

Back to Data Schema overview