Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Configuring advanced identity verification for envelope recipients

Updated on April 5, 2022

For business objectives that require a high threshold of transaction security, configure your DocuSign integration to require additional authentication from the envelope recipients.

For example, some businesses or government institutions might require digital signatures to be verified by a Qualified Trust Service Provider (QTSP).

Important: Advanced identity verification is available only when using the DocuSign API version 2.1. For more information, see Updating your application to use the DocuSign API version 2.1.
Pega Platform supports the following advanced identity verification methods:
  • Authentication through a Qualified Trust Service Provider (QTSP)
  • Authentication through a text message
Before you begin:
  • Save the pyRecipientIdentityVerification data transform rule as part of your application ruleset, in the case type class that integrates the DocuSign services.
  • Ensure that step 2.7 in the pyAssignRecipientsToEnvelope data transform is enabled. See the following figure for reference:
    pyAssignRecipientsToEnvelope step that enables recipient identity verification
    Step 2.7 in the pyAssignRecipientsToEnvelope data transform that enables recipient identity verification.
    For more information, see Assigning recipients to an envelope.

Verifying recipient identity with a Qualified Trust Service Provider

In this method, DocuSign requires a proof of identity that is verified by a Qualified Trust Service Provider (QTSP) to complete an envelope.

Some industries, countries, or government entities might require recipients to digitally sign documents by using a QTSP-verified proof of identity because this method provides an increased level of identity assurance for digital signatures.

For more information and a complete list of QTSPs that DocuSign accepts, see the following article in the DocuSign Developers documentation: Use Digital Certificate-Based Signatures for More Secure Agreements

Before you begin: Add the advanced identity verification feature to your DocuSign developer or production account by contacting your DocuSign account administrator. For more information, see the DocuSign Developers documentation.
  1. Find and open the pyRecipientIdentityVerification data transform.
  2. On the Definition tab, in step 2, ensure that the .pyEnableIdentityVerification property is set to false.
    The .pyEnableIdentityVerification property enables or disables phone-based identity verification.
  3. Select the identity verification mode that matches your business needs:
    • For advanced identity verification that includes a QTSP with no additional authentication steps, skip to step 4 of this task.
    • For advanced identity verification that includes a QTSP with such additional security assurance as one-time password or text message, skip to step 5 of this task.
  4. If you use a QTSP but your business use case does not require additional recipient authentication, perform the following actions:
    1. In data transform step 9, enter the following information:
      StepPropertyDescription
      9.1.pySignatureProviderName

      The name of the digital signature provider for the recipient to use.

      For example, you can use the following providers:"UniversalSignaturePen_ICP_SmartCard_TSP""universalsignaturepen_opentrust_hash_tsp""docusign_eu_qualified_idnow_tsp""universalsignaturepen_signer_held_eu_qualified"For more information, see the following article in the DocuSign Developers documentation: Use Digital Certificate-Based Signatures for More Secure Agreements

    2. Disable step 11 of the data transform.
    3. Skip to step 6 of this task.
  5. If you use a QTSP and your business use case requires an additional step for recipient authentication, perform the following steps:
    1. Disable step 9.1 of the data transform.
    2. In step 11, enter the following information:
      StepPropertyDescription
      11.1.pySignatureProviderName

      The name of the digital signature provider for the recipient to use.

      For example, you can use the following providers:"UniversalSignaturePen_ICP_SmartCard_TSP""universalsignaturepen_opentrust_hash_tsp""docusign_eu_qualified_idnow_tsp""universalsignaturepen_signer_held_eu_qualified"For more information, see the following article in the DocuSign Developers documentation: Use Digital Certificate-Based Signatures for More Secure Agreements

    3. Choose the additional authentication method:
      Important: Consider the following points:
      • The available authentication methods include a one-time password or a text message.
      • You can use only one additional authentication method.
      • After configuring the data transform step for the preferred authentication method, disable the step that corresponds to the other method.
      StepPropertyDescription
      11.2.2.pyOneTimePassword

      Specify a pre-shared, case-sensitive, one-time password that the recipient must enter to authenticate.

      11.2.4.pySms

      Specify the phone number to which to send an authentication text message.

      The format is a + character, followed by the country code, followed by the full mobile phone number, without spaces or special characters. For example: "+48123456789"

    For example: The following figure shows the advanced identity verification settings with two-step authentication by using a text message. The steps that require your input are highlighted.
    Advanced identity verification settings for DocuSign
    The pyRecipientIdentityVerification data transform configuration for advanced identity verification.
  6. Confirm your settings by clicking Save.

Verifying recipient identity with a text message

In this method, the envelope recipient receives a text message with an authentication code that the recipient must enter to view their documents.

  1. Find and open the pyRecipientIdentityVerification data transform.
  2. On the Definition tab, in data transform step 2, enable phone-based identity verification by configuring the following step:
    StepPropertyDescription
    2.pyEnableIdentityVerification

    Change the default value to true.

    The default value is false.

  3. Use SMS for phone-based authentication by configuring the following steps:
    StepPropertyDescription
    4.pyRequireIdLookupEnable ID lookup authentication by changing the sample value in the Source column to "true"
    5.pyIdCheckConfigurationNameSpecify the authentication check type by changing the sample value in the Source column to "SMS Auth $"
  4. In data transform step 6, provide the recipient's phone numbers to which DocuSign sends the text message with an authentication request:
    StepPropertyDescription
    6.1.1.pyValue

    Provide the recipient's primary phone number, including the country code.

    The format is a + character, followed by the country code, followed by the full mobile phone number, without spaces or special characters. For example: "+48123456789"

    6.2.1.pyValue

    Provide the recipient's secondary phone number that includes the country code.

    The format is a + character, followed by the country code, followed by the full mobile phone number, without spaces or special characters. For example: "+48123456789"

  5. Optional: To add more phone numbers, perform the following actions:
    1. For each additional phone number, create a copy of data transform step 6.1 or step 6.2.
    2. In each copy, set the value of the .pyValue property to the phone number to which you want to send an SMS authentication request.
  6. Disable data transform steps 9 and 11.
    For example: The following figure demonstrates the SMS authentication configuration, in which the steps that require your input are highlighted:
    Configuring additional SMS authentication for a DocuSign envelope
    The pyRecipientIdentityVerification data transform that is configured for SMS authentication.
  7. Confirm your configuration by clicking Save.

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us