> ## Documentation Index > Fetch the complete documentation index at: https://docs.penbox.io/llms.txt > Use this file to discover all available pages before exploring further. # Signature Field > Digital signature capture for legally binding electronic signatures The Signature field enables digital signature collection directly within cases. This field type captures legally binding electronic signatures with multiple authentication methods, creating a complete audit trail for compliance and verification. Use Signature fields when you need to collect formal agreements, approvals, or legally binding signatures as part of your case workflow — contracts, consent forms, acknowledgments, or any document requiring a verified signature. ## When to Use **Use Signature fields for:** * Contract signatures * Agreement and consent forms * Document approvals * Legal acknowledgments * Financial authorizations * Medical consent * Terms and conditions acceptance (when signature required) * Compliance acknowledgments * Verification of identity * Multi-party agreements **Consider alternatives:** * Use **Checkbox** for simple agreement checkboxes (non-signature) * Use **File** for uploading pre-signed documents * Use document generation with signatures for template-based signing ## Configuration Options | Option | Description | Type | Default | Example | | ---------------- | --------------------------------------- | ------- | ---------------- | ------------------------------------------- | | `key` | Unique identifier | String | Required | `contract_signature` | | `name` | Display label | String | Required | "Contract Signature" | | `description` | Help text for signers | String | Optional | "Sign to accept the contract terms" | | `required` | Must be signed to proceed | Boolean | `false` | `true` | | `signer_role` | Who signs this field | String | `main_contact` | `secondary_contact`, `case_manager` | | `authentication` | Authentication method | String | `handwritten` | `sms_otp`, `email_otp`, `itsme`, `swisscom` | | `document` | Document to sign | String | None | Document UUID or variable | | `signature_type` | Type of signature | String | `standard` | `qualified`, `advanced` | | `sequence` | Signing order (for multiple signatures) | Number | `1` | `2`, `3` | | `visibility` | Display setting | String | `always-visible` | `hide-when-empty` | | `section` | Section this field belongs to | String | None | Section UUID | ## Authentication Methods Signature fields support multiple authentication methods for different legal and security requirements: | Method | Description | Use Case | Legal Level | | ------------- | ------------------------------- | ----------------------------------------------- | ------------------ | | `handwritten` | Draw signature with mouse/touch | Simple agreements, internal approvals | Basic | | `email_otp` | One-time code via email | Remote signing, email verification | Standard | | `sms_otp` | One-time code via SMS | Strong verification, phone validation | Standard | | `itsme` | Belgian eID authentication | Belgian residents, strong identity verification | Advanced/Qualified | | `swisscom` | Swiss qualified signature | Swiss residents, legally binding in Switzerland | Qualified | **Legal signature levels:** * **Basic**: Simple electronic signature (handwritten) * **Standard**: Verified email/phone with OTP * **Advanced**: Identity-verified signature (Itsme) * **Qualified**: Highest legal level, equivalent to handwritten (Itsme, Swisscom) ## Examples ### Simple Contract Signature Basic signature for contract acceptance: ```json theme={null} { "key": "contract_signature", "type": "signature", "name": "Contract Signature", "description": "Sign below to accept the contract terms", "required": true, "signer_role": "main_contact", "authentication": "handwritten", "document": "{document.contract_generated}" } ``` ### SMS-Verified Signature Signature with SMS one-time code authentication: ```json theme={null} { "key": "authorization_signature", "type": "signature", "name": "Authorization Signature", "description": "Sign to authorize this transaction. You will receive a code via SMS.", "required": true, "signer_role": "main_contact", "authentication": "sms_otp", "signature_type": "advanced" } ``` ### Multi-Party Signing Sequence Multiple signatures in specific order: ```json theme={null} { "key": "client_signature", "type": "signature", "name": "Client Signature", "description": "Client signature on agreement", "required": true, "signer_role": "main_contact", "authentication": "email_otp", "sequence": 1, "document": "{document.agreement}" } ``` ```json theme={null} { "key": "manager_signature", "type": "signature", "name": "Manager Approval", "description": "Manager approval signature", "required": true, "signer_role": "case_manager", "authentication": "handwritten", "sequence": 2, "document": "{document.agreement}" } ``` ### Qualified Electronic Signature (Itsme) Legally binding qualified signature for Belgian residents: ```json theme={null} { "key": "qualified_signature", "type": "signature", "name": "Qualified Electronic Signature", "description": "Sign using your Itsme account for legally binding signature", "required": true, "signer_role": "main_contact", "authentication": "itsme", "signature_type": "qualified", "document": "{document.legal_agreement}" } ``` ## Signer Roles Control who signs each signature field: | Role | Who Signs | Use Case | | ------------------- | ---------------------- | ----------------------------------------- | | `main_contact` | Primary case contact | Client signatures, customer agreements | | `secondary_contact` | Additional contact | Co-signers, witnesses, secondary parties | | `case_manager` | Case owner/manager | Internal approvals, manager authorization | | `custom` | Specified via variable | Dynamic signer assignment | **Multiple signers:** * Use `sequence` to control signing order * Each signer must complete before next can sign * Useful for approval chains and multi-party agreements ## Signature Workflow ### Signature Request Process 1. **Request sent**: Signer receives notification (email/SMS) 2. **Authentication**: Signer verifies identity (method depends on configuration) 3. **Review**: Signer reviews document (if attached) 4. **Sign**: Signer provides signature (draw, type, or authenticated) 5. **Confirmation**: Signature captured and stored 6. **Complete**: All parties notified, document finalized ### Signature Metadata Stored Each signature captures: * Signer name and contact information * Timestamp (date and time signed) * IP address (for audit trail) * Authentication method used * Device information * Signature image (if handwritten) * Certificate information (if qualified) ### Document Attachment Signatures can be attached to documents: * Generated documents from templates * Pre-uploaded documents * Documents from other steps * Multiple signatures on same document ## Validation Signature fields enforce signing validation: ### Required Validation * If `required: true`, signature must be completed * Case cannot progress until signed * Useful for mandatory agreements ### Authentication Validation * OTP codes must match (email/SMS) * Identity must be verified (Itsme, Swisscom) * Prevents unauthorized signatures ### Sequence Validation * Earlier sequence signatures must complete first * Order enforced automatically * Prevents out-of-order signing ## Compliance and Legal ### Audit Trail Complete audit trail for each signature: * Who signed (name, email, phone) * When signed (timestamp with timezone) * Where signed (IP address, location) * How authenticated (method used) * What was signed (document version) ### Legal Validity Signature validity depends on authentication method: * **Handwritten**: Valid for low-risk agreements * **Email/SMS OTP**: Valid for verified identity * **Itsme/Swisscom**: Legally equivalent to handwritten signature in EU ### GDPR Compliance Signature data is: * Stored securely and encrypted * Retained according to legal requirements * Included in data export requests * Deleted when case deleted (with retention rules) ### eIDAS Regulation Qualified signatures (Itsme, Swisscom) comply with: * eIDAS Regulation (EU 910/2014) * Legally binding across EU member states * Equivalent to handwritten signatures * Admissible as legal evidence ## Best Practices **Choose appropriate authentication:** * Handwritten: Simple agreements, internal documents * Email OTP: Remote signing, email verification needed * SMS OTP: Higher security, phone verification * Itsme/Swisscom: Legal requirements, high-value agreements **Set realistic requirements:** * Only mark required if signature truly mandatory * Consider fallback if authentication fails * Provide clear instructions for signers **Sequence multiple signatures logically:** * Client signs first, then internal approval * Primary signer before secondary signers * Lower authority before higher authority **Attach the right documents:** * Attach document being signed * Ensure document is finalized before signing * Use generated documents for consistency **Provide clear descriptions:** * Explain what signer is agreeing to * Mention authentication method required * Indicate estimated time to complete **Test authentication methods:** * Test OTP delivery (email/SMS) * Verify Itsme/Swisscom integration * Check user experience on mobile devices **Consider user experience:** * Mobile-friendly signature methods * Clear error messages for failed authentication * Allow signature retry on failure * Send reminders for pending signatures **Maintain compliance:** * Store audit trail for legal minimum period * Document authentication methods used * Regularly review signature processes * Ensure GDPR compliance for signature data *** ## Related Field Types Use for simple agreement checkboxes Use for uploading pre-signed documents Learn about generating documents for signing Back to Data Schema overview