Authentication mode
Authentication modes available
We offer several methods to authenticate your signers, depending on the Signature Level you choose, your documents' security requirements and the availability of the Signers phone number.
Three methods are available when it comes to authentication:
- One-time-Password (OTP) sent by SMS
- One-time-Password sent by Email
- No One-time-Password
The availability of these different methods depends on the Signature Level, as shown in the table below.
Signature Level | Available authentication modes | Comment |
|---|---|---|
Simple eSignature |
| Signers authentication only (no identification). Ideal for most signature requests. Those options are available:
|
Advanced eSignature |
| Signers will be identified by an identity check (ID document). The One-time-Password sent by SMS is mandatory. |
Qualified eSignature |
| Signers are identified by a double identity check (ID document and video face verification) or with their saved identity registered after their first identification. Authentication with an OTP code is not relevant for this level of signature, as we perform a video verification of the face. However, this verification will require a mobile phone with a camera. Please ensure that the signer has one with them. |
The authentication mode is set at the signers level, in the signature_authentication_mode property in the signer payload.
It can be different for each signer.
| Mode | signature_authentication_mode | Comment |
|---|---|---|
| One-time-Password sent by SMS | otp_sms | Signer phone_number is required |
| One-time-Password sent by Email | otp_email | Signer phone_number is optional |
| No One-time-Password | no_otp | Signer phone_number is optional |
In the following example, we have added 3 Signers, each with a different signature_authentication_mode.
POST /signature_requests/{signatureRequestId}/signers
{
"info": {
"first_name": "John",
"last_name": "Doe",
"email": "[email protected]",
"phone_number": "+33700000000",
"locale": "en"
},
"signature_level": "electronic_signature",
"signature_authentication_mode": "otp_sms"
}{
"info": {
"first_name": "Jane",
"last_name": "Doe",
"email": "[email protected]",
"locale": "en"
},
"signature_level": "electronic_signature",
"signature_authentication_mode": "otp_email"
}{
"info": {
"first_name": "Jane",
"last_name": "Doe",
"email": "[email protected]",
"phone_number": "+33700000000",
"locale": "en"
},
"signature_level": "electronic_signature",
"signature_authentication_mode": "no_otp"
}Updating the authentication mode
Updating the authentication with PATCH /signature_requests/{signatureRequestId}/signers is only available for the Simple eSignature (SES) as long as the Signer has not signed the Signature Request.
Updating the authentication for AES and QES is not permitted as the AES requires an OTP by SMS, and the QES requires no OTP.
If you change the authentication mode while the Signer is on the signature step in the signing flow, the old mode is immediately invalidated and the new mode applies.
Updated 6 days ago