Use enforced identity authentication
The Adobe Acrobat Sign "Enforce Identity Authentication" feature is available with the enterprise and business service plans.
The Enforce identity authentication feature defines the trigger events that prompt a recipient to re-authenticate when interacting with an agreement.
Opening the agreement is the primary authentication trigger.
- This authentication must be enabled if either of the other triggers is enabled.
Other triggers will force authentication when a signature is applied and/or when the signature process is completed.
The triggers enabled encompass all signers included in the agreement (internal and external).
Access to the feature is on the Bio-Pharma Settings page and is available to all customers with an enterprise or business service plan.
How it's used
For Enforce identity authentication to work, the signer must be authenticating their identity with either:
- Phone authentication (SMS) - Recommended for external signers
- Acrobat Sign authentication - Recommended for internal signers
The authentication method is defined on the Send Settings page in the Identity Authentication Methods section.
When enabled, Enforced identity authentication requires the signer to authenticate when opening the agreement.
Additional authentication triggers can be configured:
- Challenge for authentication at each signature field - When clicking into a signature field, the recipient is challenged to authenticate
- Challenge for authentication when finalizing the agreement - When clicking the Click to Sign button, the recipient is challenged to authenticate
Upon triggering an authentication challenge, the recipient is presented with the authentication UI.
There are two possible options:
- Phone authentication - An SMS-based text that provides a five-digit code that the signer must enter before affixing the signature
- Acrobat Sign authentication - A request to provide the signer's Acrobat Sign password
Once the signature is applied, the recipient can continue the form filling/signing process.
When Enforce Identity Authentication is enabled, there are three options available that govern when the recipient is challenged to authenticate:
- Authenticate as the agreement is opened - Upon opening the agreement, the recipient is challenged to authenticate prior to displaying the agreement content.
- This option must be enabled if any of the other authentication challenges are to be enabled.
- Authenticate for every signature field - When enabled, the recipient will be prompted to authenticate every time they click into a signature field.
- Only signature fields are re-authenticated, initial fields are not.
- The setting impacts both required and optional signature and signature block fields.
- Authenticate when finalizing the signature cycle - Upon clicking the Click to Sign button, the recipient will be challenged to authenticate.
How to enable or disable
The "Enforce identity authentication" feature can be enabled at the Account level by the Acrobat Sign Account Admin.
Group level settings are permitted and will override the Account level values.
To access the options, navigate to: Account Settings > Bio-Pharma Settings
Things to keep in mind...
- Enforced Identity works with authenticated self-signing
- Enforced identity authentication works with digital and electronic signature fields
- Each signer can have only one digital signature field and multiple electronic signature fields
- Enforced authentication does not apply when only a Stamp is used as a signature