Signer Identity Verification

Search
Adobe Sign

Adobe Sign

Open app

Enable automatic signer authentication for users in your account.

When enabled, the Signer Identity Verification feature requires that any user (as defined by the email address) in your Adobe Acrobat Sign account must authenticate to Acrobat Sign before applying their signature.

Signer Identity Verification addresses two use cases:

  • Signing agreements - When an agreement is sent to a signer in the account from a trusted source, the user is challenged to authenticate to Acrobat Sign immediately after selecting the Review and sign link in the email.
  • Signing web forms - When a signer attempts to sign a web form that has been created in the same Acrobat Sign account that the user is in, they are challenged either when confirming the email address or when accessing the document after it has been saved.

The Signer Identity Verification process is applied in addition to any authentication method configured in the agreement or web form.

Configuration of the Signer Identity Verification controls

Signer Identity Verification offers two independently selectable options that can be turned on or off based on your security needs.

Availability:

This feature is available only for Acrobat Sign Solutions accounts.

Configuration scope:

You can enable Signer Identity Verification at both the account and group levels.

To access these controls, navigate to Security Settings > Signer Identity Verification

Navigate to the Signer Identity Verification controls

Note:

UserIDs inherit the Signer Identification Verification setting through their primary group.

Groups designed to control documents/workflows (that users are members of) do not confer the Signer Identity Verification security to those documents or workflows.

Require signers in my account to log in to Acrobat Sign before signing.

When this option is enabled for a group, users with that group as their primary group must authenticate to Acrobat Sign before signing an agreement sent by a trusted userID. All userIDs within the same account are automatically considered trusted.

When the recipient selects the Review and Sign link in the email, they are prompted to log in. A new tab opens with their email address pre-filled, and a banner instructs them to complete the login process to proceed.

Agreement Review and sign email and challenge

Note:

If the sender has applied an extra authentication layer to the agreement, the recipient must complete that verification after logging in to Acrobat Sign. Once their account authentication is confirmed, they will be prompted to pass the additional security challenge before accessing the agreement.

Require web form signers in my account to validate their identity by logging in to Acrobat Sign.

Signer Identity Verification applies to all web forms created in Acrobat Sign, regardless of the account that created them. However, specific web form settings can affect how identity verification works during the signing process:

  • If Require Signer to Verify Their Email Address is Enabled:
    Once the signer completes the form and triggers the Confirm My Email Address link in the verification email, they must log in to Acrobat Sign before the process is finalized.

  • If Require Signer to Verify Their Email Address is Disabled:
    The signer isn't required to authenticate before signing. Without email verification, identity validation isn't enforced.

  • If the signer saves the Web Form before finishing:
    They must log in to Acrobat Sign before resuming, even if the Disable Signer Reauth on Accessing the Web Form from Emailed Link option is enabled. This functions similarly to agreement verification.

These settings determine the level of authentication required, ensuring the appropriate level of identity validation based on your security needs.

Web form email confirmation email and challenge


Things to know

Accessing an agreement link with an active Acrobat Sign session

When a user accesses a signing link while already authenticated in Acrobat Sign, the service evaluates the userID attempting access and compares it to the userID assigned to the link (i.e., the next recipient in the signature cycle).

For email-based signing links, one of three outcomes occurs:

  • Matching UserID – Access Granted:

    • If the authenticated userID matches the signing userID, access is granted.
    • If additional authentication is required, the user must still complete it before proceeding.

  • Mismatched UserID – Internal Delegation Disabled:

    • If the authenticated userID does not match the signing userID and internal delegation is disabled, an error appears.
    • The message instructs the user to log in as an authorized signer to access the agreement.

  • Mismatched UserID – Internal Delegation Enabled:

    • If internal delegation is enabled, the service displays the email addresses of both the authenticated user and the assigned signer.
    • The authenticated user has two options:
      • Delegate the agreement to themselves and proceed with signing.
      • Sign out and authenticate as the assigned user to complete the signing process.

 

For API-based links, the response is always the Please log in as an authorized signer message unless 1st party and 3rd party cookies are turned off (cookieless session).

Get help faster and easier

New user?

Quick links

View all your plans Manage your plans
View quick links
Hide quick links

Legal Notices    |    Online Privacy Policy