In a workflow users can be required to electronically sign for document approvals. This can be enabled for each individual approval.

You will need:

A time based token generated by the authentication app will be required each time the user needs to approve a page that requires an e-signature.

If e-signature is enabled for an approval this will be required for each individual reviewer.

Each individual approval can be edited using workflow builder to require credentials.

Global administrators can reset existing valid setup tokens for a user and amend the signing token expiry date.

inWebo MFA authentication can also be used with Comala Document Management for Cloud.

Using inWebo will disable the use of other 2FA apps and the OTP authentication is managed through inWebo

  • Comala Document Management must be globally configured to use inWebo MFA authentication
  • the validation of the user is managed by inWebo administration
  • each user must have an inWebo account
  • each user generates an OTP token using the inWebo Authenticator app installed on their Android or IOS mobile device

E-signature process and approval signing token

The compliance review Quality Management Systems (QMS) workflow requires users to use their email and a signing token to confirm their identity when registering an approval. The workflow requires e-signature authentication for all reviewers in both the Draft and the In Approval states.

Users will need to utilize a one time signing token to digitally sign their documents. Users will enter a signing token along with their email address.

The first time a user is asked to electronically sign a Confluence page, they will see a set up a personal code link.

The approval decision buttons are disabled until the reviewer sets up the personal code and then adds their email and personal code token to the workflow popup.

The token is generated by a third party app installed on your smart phone.

When the first time user chooses the Set up a personal code link the user will be asked to setup an authentication app

  • installation of an authenticator app (Authy, Google etc) on the user smart device.
  • linking the authenticator app to the instance using an email generated QR code link.
  • addition of an app generated numeric token to confirm the setup for the specific user in the current instance.

The authenticator app will generate a new valid numeric signing token every 30 seconds.

Once setup, each individual approval will require a numeric signing token from the authenticator app to activate for the user.

E-signature for an approval

To activate each approval in a workflow, the e-signature process requires the user to add their email and the current signing token generated by the authenticator app .

As long as the signing token is entered correctly along with your email address, the approval will become active.

Each approval signing token generated by the app is temporary and will expire quickly (less than a minute).

  • if a user navigates away from the content with an approval activated but not undertaken, a new signing token will be required on returning to the page to activate the approval.

When the review is undertaken it will be logged as electronically signed.

Related Links