...
- Organization Details
- Default Callback URL
- If you set a callback, every finished or changed envelope will cause a request on your defined URL. With this URL you can add your own service for e.g. performing an automatic archiving via eSAW API. If the URL is empty no callback is fired on finish or change of the envelope. More details about the callbacks are available in our API Reference - SOAP and below this enumeration as a separate chapter.
- Placeholder for envelope complete callback: ##EnvelopeId## and ##Action## (only envelopeFinished action available)
- Placeholder for envelope status change callback: ##EnvelopeID## and ##Action## (workstepFinished, workstepRejected, workstepDelegated, workstepOpened, sendSignNotification, evnelopeExipired, workstepDelegatedSenderActionRequired)
- If you set a callback, every finished or changed envelope will cause a request on your defined URL. With this URL you can add your own service for e.g. performing an automatic archiving via eSAW API. If the URL is empty no callback is fired on finish or change of the envelope. More details about the callbacks are available in our API Reference - SOAP and below this enumeration as a separate chapter.
- Design of the document viewer for recipients
- Set a default redirect URL for finished documents
- Upload and download designs
- Information about the biometric encryption key
- Disposable Certificate
- Configuration of the LRA to use the disposable certificates. Settings for LRA credentials, certificate type and disclaimer usage.
- Configure disposable type
- SwissCom OnDemand Certificate
- Configuration for the SwissCom OnDemand Certificate
- SwissCom OnDemand Certificate UI configuration
- Configuration for the SwissCom OnDemand Certificate
- BankId Authentication
- Set the authentication certificate
- Generic Signing Plugins
- Configure the signing plugin
- Notification Plugins
- Configure notification plugins
- Policy for the document viewer for recipients
- Upload and download the default policy for the document viewer for recipients
- Retention Period
- Enable Retention Period of Organization Drafts and Envelopes. This will automatically delete envelopes after a certain time, when they reached a final state (expired, finished, canceld). Please note that templates are not affected by the retention period.
- Backup
- Download all finished envelopes. A backup-process will be started and you will be informed if the backup is ready for download.
- Due its complexity of the configuration, we highly recommend you to contact us about the SAML configuration.
- Add provider for the SAML signer authentication
Examples of Use Cases
- ADFS integration for eSAW backend users
- Signer authentication with external SAML service
- SAML Settings for User Authentication
- Add provider for the SAML user authentication
- Recipient Settings
- Set the recipient settings of your organization
- Default Signature Settings
- Default signature method (preselected)
- Imprint settings, such as font-type, font-size, date-format
- Biometric signature batch configuration (allow usage of biometric signature over different physical documents). Check with your legal consultant about its usage (default is disabled)
- Settings for draw to sign signatures
- Envelope Defaults
- default organization settings about reminders for signers
- Audit Log Settings
- Settings of the audit log (audit trail). It is not recommended to disable the audit-log, because it is an important evidence (see signature guide).
- Settings for separate logs per document
- Email Settings
- User Logout Redirect Url
- Envelope Details Page
- Signature PAdES (PDF Advanced Electronic Signature) Configuration
...
- Set your company logo
- Organization Name
- CustomizationID (display-only; might be required for integrations with SSP API)
- Contact URL (can be inserted into into notification templates - for more information please see Notification Template Settings)
- Support URL (can be inserted into notification templates - for more information please see Notification Template Settings)
Overview of the organization settings
...
For envelopes sent via WebUI, it is currently not supported to specify a workstep event callback handler URL.
Read the Integration Guide, section Api Reference - Introduction RESTREST#CallbackTypes, for further information about integrating with callback handlers.
...
The next screenshot shows an overview where you can find the settings:
| Figure | Description |
|---|---|
|
|
If you click on the button “add authentication” the following window appears:
| Figure | Description |
|---|---|
|
|
...
If you choose “basic” as authentication the following window appears:
| Figure | Description |
|---|---|
 |
|
...
After filling in the dates for the authentication you can test if the URL matches any pattern of the authentications. If no pattern matches you get an information. The following screenshots show you a warning and a successful matching of the patterns.
| Warning | Matching pattern |
|  |
If you have more than one authentication and you check the URL for the pattern and more than one authentication matches, always the first one of the list will be highlighted green.
...
In the next Screenshot you can see both scenarios (with a valid authentication and with a invalid authentication). If you click on the exclamation mark following text appears: “Response status code does not indicate success:401 (unauthorized)”.
| Warning |
|---|
Using the following two websites by your own risk. These two websites are not part of Namirial! |
...
- LRA ID
- User
- Password
- Choose a disposable type
- Regular disposable
- Lean disposable with validity of 60 min (choose this type unless instructed different or stated different in contracts for the service)
- Lean disposable with validity Lean disposable with validity of 30 days
Moreover, you can decide if you want to get a disclaimer before certificate request and if you want to send disposable disclaimer document emails. The following screenshot shows you where to find those settings.
| Figure | Description |
|---|---|
|
|
For more details and information of how to use the disposable certificate please also see the Beginner Guide Envelope Structure.
BankId Authentication
...
| Info |
|---|
This feature is not available with basic subscription, so please contact your Namirial sales. |
It is possible to set an AuthenticationCertificateThumbrint in the organization settings:
You can use different bankId AuthenticationCertificateThumbrints in different organizations.
You can find a sample configuration (REST and SOAP) on the following page: Beginner Guide Envelope Structure
Generic Signing Plugin
...
| Info |
|---|
This feature is not available with basic subscription, so please contact your Namirial sales. |
In your organization settings you can find the configuration for the generic signing plugin. Configure the plugin in this settings to use the signature in creating an envelope. Please see the next figure (sample of a plugin).
For more information about how to create an envelope with a generic signing plugin in the UI please also have a look at the Beginner Guide Envelope Structure.
For information about how to send an envelope with a generic signing plugin in REST please see a sample configuration at the Beginner Guide. Envelope Structure.
Notification Plugin
Selection of the notification type per organization:
- default notification type is always available
- enabled plugins (with a valid configuration) are shown
It is possible to assign plugins to notification messages individually by adding a notification message type:
Policy for the Policy for the document viewer for recipients
...
Please see the following sample of the policy template.
| Code Block | ||||
|---|---|---|---|---|
| ||||
<GeneralPolicies> |
...
<AllowSaveDocument>1</AllowSaveDocument> |
...
<AllowSaveAuditTrail>1</AllowSaveAuditTrail> |
...
<AllowUndoLastAction>1</AllowUndoLastAction> |
...
<AllowAdhocPdfAttachments>0</AllowAdhocPdfAttachments> </GeneralPolicies> |
You can find an overview of all policies on this page: Document-Policy
...
The signature appearance section allows to configure the representation of the signature (or seal) on the PDF document. With custom signature rendering layout configuration ("stamp imprint configuration"), an organization administrator can define how the stamp imprint on the signature image looks like (e.g. fonts, elements, layout etc). It can be used e.g. to set organization wide background images (e.g. company logos) or define specific fonts for text added to the stamp imprint. While it has no impact on the legal levels of signatures (in EU, defined by eIDAS), a customer specific stamp imprint representation can create higher subjective trust and contract awareness of your customers.
A detailled detailed guide about changing the Signature Rendering Configuration is available in chapter "Stamp Imprint Configuration".
| Info |
|---|
The Signature Appearance section is visible only when all of the following preconditions are fulfilled:
|
Retention Period
| Info |
|---|
Please note the following: The process starts with the next interval (interval time can be configured in the _global.xml). Depending on the configured interval it could take some time until the process starts. After the interval was reached the senders get a notification that the envelopes will be deleted soon. Immediately afterwards the envelopes will be deleted. Please also note that there is no limit (maximum number) for envelopes that will be deleted. |
In this section you can define a retention period for the organization drafts and envelopes. Please note the following rules for the different types of documents (add the days you selected in this section to the following rules:
- Drafts will be removed X days after creation date
- completed/rejected and canceled envelopes will be removed X days after completed/rejected/canceled date
- expired envelopes will be removed X days after expiration date
- templates are not removed
Please also see the next figure:
When enabling retention period, please ensure to set up an appropriate process to keep copies of signed documents, audit trail evidence and other legally binding documentats related to the envelope elsewhere. Data retention configuration will permanently delete the envelopes, including signed envelopes, from the eSignAnyWhere Platform according to the rules described above. We recommend to store the documents and related evidence in a DMS. When API access is granted for your account, you can implement automatic storage in a DMS after an envelope was completed. Alternatively you could e.g. keep copies in any other storage or probably keep a copy in your mail inbox.
Backup
In this section you can download all finished envelopes you have signed or sent.
If you click on the “Finished Envelopes” button you can see that the backup is prepared.
While collecting all envelopes on the server for the backup (which may take up to several hours), following Text will be displayed:
Your backup is queued and will be started soon. You will receive an email once your backup is ready for download.
If you e.g. have been logged in in several browsers while requesting the backup, or request the backup at the same time as another user does, the text might not yet be visible while the backup process is already in progress. If you press the button to start a backup process, an error message informing that you "tried to schedule a backup operation while another one is already in progress" will be shown.
Once the backup was completed, you will receive an email to download the backup:
The backup will then available for 48 hours to be downloaded. The download option is presented only in the organization settings, which require user login of a user with some permissions to access the organization settings, to avoid unauthorized access to the backup.
Automatic Remote Signature Profiles
In this section the user manager of an organization can add automatic remote signature profiles, which can be used for any workflow as a recipient (recipient type “Automatic”). This recipient signs automatically the signatures and the workflow continues automatically. For more information please also have a look at the electronic signature guide.
| Info |
|---|
The Automatic Remote Signature Profiles section is visible only when all of the following preconditions are fulfilled:
|
Default Signature Settings
In this section you can set the default signature type for the envelopes. After you have set the configuration in this section the defined signature type will be preselected if you create a new envelope.
Envelope Defaults
You can set the following settings for the envelope defaults:
- Prevent editing of form fields after envelope is finished
- default send automatic reminders
- Set the reminders
- For detailed information about the reminders please have a look at the User Guide.
If you prevent editing form fields after the envelope is finished the form fields in the PDF are all read only.
Therefore, after locking the form fields (after the final workstep), the form fields are not editable any more with other PDF tools.
Please also see the next figures:
...
Locked
...
Activity-Engine Custom Localizations
...
This setting allows you to override localizations, enabling customization for various elements such as signature image rendering labels and text for transaction code configuration (e.g. SMS text). In this section you can
- upload a translation bundle,
- reset to default settings,
- download the current translation bundle,
- and also access the default template for localizations.
Use the template to customize any supported localizations of the SIGNificant Wokrstep Controller. Note the following procedure:
- Make a copy of the file
- Rename it to include the language code of the target language (e.g. Localizations.de.custom.json)
- Open the copied file
- Find the items that needs to be changed and adapt the values accordingly
- Remove all other items (which still have the default value) to receive updates automatically after a software update
Please see also Language Support for the available languages.
Retention Period
...
| Info |
|---|
Please note the following: The process starts with the next interval (interval time can be configured in the _global.xml). Depending on the configured interval it could take some time until the process starts. After the interval was reached the senders get a notification that the envelopes will be deleted soon. Immediately afterwards the envelopes will be deleted. Please also note that there is no limit (maximum number) for envelopes that will be deleted. |
In this section you can define a retention period for the organization drafts and envelopes. Please note the following rules for the different types of documents (add the days you selected in this section to the following rules:
- Drafts will be removed X days after creation date
- completed/rejected and canceled envelopes will be removed X days after completed/rejected/canceled date
- expired envelopes will be removed X days after expiration date
- templates are not removed
Please also see the next figure:
When enabling retention period, please ensure to set up an appropriate process to keep copies of signed documents, audit trail evidence and other legally binding documentats related to the envelope elsewhere. Data retention configuration will permanently delete the envelopes, including signed envelopes, from the eSignAnyWhere Platform according to the rules described above. We recommend to store the documents and related evidence in a DMS. When API access is granted for your account, you can implement automatic storage in a DMS after an envelope was completed. Alternatively you could e.g. keep copies in any other storage or probably keep a copy in your mail inbox.
Backup
...
In this section you can download all finished envelopes you have signed or sent.
If you click on the “Finished Envelopes” button you can see that the backup is prepared.
While collecting all envelopes on the server for the backup (which may take up to several hours), following Text will be displayed:
Your backup is queued and will be started soon. You will receive an email once your backup is ready for download.
If you e.g. have been logged in in several browsers while requesting the backup, or request the backup at the same time as another user does, the text might not yet be visible while the backup process is already in progress. If you press the button to start a backup process, an error message informing that you "tried to schedule a backup operation while another one is already in progress" will be shown.
Once the backup was completed, you will receive an email to download the backup:
The backup will then available for 48 hours to be downloaded. The download option is presented only in the organization settings, which require user login of a user with some permissions to access the organization settings, to avoid unauthorized access to the backup.
Timestamp Configuration
The timestamp configuration allows to set timestamp service on a per-organization basis.
Following configurations are available:
- Server URL
- User credentials
- User
- Password
- Hash Algorithm
- Sha1, Sha256, Sha512
Automatic Remote Signature Profiles
In this section the user manager of an organization can add automatic remote signature profiles, which can be used for any workflow as a recipient (recipient type “Automatic”). This recipient signs automatically the signatures and the workflow continues automatically. For more information please also have a look at the electronic signature guide.
| Info |
|---|
The Automatic Remote Signature Profiles section is visible only when all of the following preconditions are fulfilled:
|
Default Signature Settings
...
In this section you can set the default signature type for the envelopes. After you have set the configuration in this section the defined signature type will be preselected if you create a new envelope.
| Info |
|---|
Note that settings which we name "default" or "default for ...", or combine in a grouping element with one of this terms, just define the "defaults" (i.e. the preselected configuration value) for drafts and envelopes. A user may change the value on a per-envelope level. |
Envelope Defaults
...
The envelope defaults section allows to set "default" parameters for drafts and envelopes which are created. Settings take immediately effect for all drafts or envelopes created after changing the value. Already created drafts, envelopes or templates will not be updated.
| Info |
|---|
Note that settings which we name "default" or "default for ...", or combine in a grouping element with one of this terms, just define the "defaults" (i.e. the preselected configuration value) for drafts and envelopes. A user may change the value on a per-envelope level. |
The section allows defining the following default values:
- Default value for preventing editing of form fields after envelope is finished
- Default values for the automatic reminders sent to a signer for an envelope until it is getting signed
- Should reminders be set, in general?
- In which interval should reminders be set? (See User Guide for more details about reminders)
If you prevent editing form fields after the envelope is finished the form fields in the PDF are all read only.
Therefore, after locking the form fields (after the final workstep), the form fields are not editable any more with other PDF tools.
Please also see the next figures:
| Standard (Not Locked) | Locked Form Field |
|---|---|
The form field value remains editable in the PDF file even after completing |
The form field's final value at the end of envelope processing is inserted into |
...
...
Information on whether the form fields are locked or not can also be found in the audit trail. Please see the next figure:
Audit log Settings
| Info |
|---|
Note: It is not recommended to disable the audit-log, because it is an important evidence (see signature guide). |
In this section you can define the following settings:
- Settings of the audit log (audit trail).
- Settings for separate logs per document
Signature PAdES Configuration 
Allows to set the signature configuration based on the different PAdES levels, for following types of signatures.
...
be found in the audit trail. Please see the next figure:
Audit log Settings
...
| Info |
|---|
Note: It is not recommended to disable the audit-log, because it is an important evidence (see signature guide). |
In this section you can define the following settings:
- Settings of the audit log (audit trail).
- Settings for separate logs per document
Signature PAdES Configuration
...
Allows to set the signature configuration based on the different PAdES levels, for following types of signatures.
- HTML5 Signatures (Click2Sign, Type2Sign, Draw2Sign)
- Biometric Signatures, SMS-OTP Signatures
- Digital Remote Signatures, Disposable Certificate, Automatic Remote Signatures, P7M-Signature, SwissCom, A-Trust, LongLiveDisposable, PushTan, LocalCertificate
- Timestamps in case they are independently added and not part of a signature
In case of having one signature field with multiple signature types allowed, the signature type is selected per signature field and not per signature method. Therefore, as soon as a signature field contains one of the signature methods listed above, its PAdES configuration is considered for all signature types. If different PAdES configurations would match, then the "highest value" PAdES configuration is considered, while the sort order from lowest to highest value is "HTML5 Signatures", "Biometric Signatures, SMS-OTP Signatures
...
", "Digital Remote Signatures, Disposable Certificate, Automatic Remote Signatures, P7M-Signature, SwissCom, A-Trust, LongLiveDisposable, PushTan, LocalCertificate, GenericSigningPlugin"
Description of the different PAdES baseline levels supported by eSignAnyWhere:
- PAdES level BASELINE-B without using an external timestamp server
- B-Level: Short-term electronic signature with signing certificate
- contains just the time information from local machine; without an external server time stamp
- contains just the time information from local machine; without an external server time stamp
- B-Level: Short-term electronic signature with signing certificate
- PAdES level which require using an external timestamp server: BASELINE-T, BASELINE-LT and BASELINE-LTA
- T-Level: Includes B-Level and a time stamp
- Use the configured time stamp server on the signature itself
- Ensures that the document existed at a specific date and time, where time is granted by the external timestamp server
- LT-Level: Includes T-Level and a full set of certification and full set of revocation data
- Use the configured time stamp server on the signature itself
- Allows validation of the signature without access to the signing environment.
- LTA-Level: Includes LT-Level and a timestamp of a TSA (Time Stamping Authority)
- produces in addition to the signature field defined a time stamp signature on the document
- T-Level: Includes B-Level and a time stamp
| Figure | Description |
|---|---|
|
|
...
- Set the email sender appearance configuration
The dropdown list allows to select one of the 3 different appearances:
...
Configures a Redirect URL to which the envelope creator is redirecting instead of sending an envelope. Following placeholders are available:
- ##EnvelopeId##
- ##SenderUserId##
- ##OrganizationId##
Instead of the page sequence
...
- Allows the sender to copy the viewer link from the envelope details page (if sender role grants required envelope permission)For more information please also see this pagegrants required envelope permission)
- For more information please also see this page
Extended Signing Options
...
Since version 23.52
| Info |
|---|
Be careful when changing these settings, as they might have unwanted side effects. Per default, locked PDFs can not be signed! |
- Allow signing of locked documents
Recipient settings
...
You can set the following settings for the recipient:
- default CC for all signers
- usage of envelope metadata
- allow recipients to access envelope again after it has been completed and closed
- Show warning dialog, if there are fewer signature fields than signers
- warning will be shown if:
- only some of the signers have no signature field
- when all of the signers have no signature field
- warning will be shown if:
- delegation settings
- allowed authentication methods for signers
- force authentication
If you force an authentication and the user does not select any or a specific authentication method then the user will get the following notification:
...
