Manage E-Signature
The e-signature functionality allows users to sign and approve electronic records within the system. Selected programs, tables, and objects can be set up to trigger a request for an e-signature to ensure that review or approval of the electronic record is performed before changes are saved.
This document describes the basic data set up required to activate this functionality in addition to the activities involved in e-signature creation, signature, and error handling.
Basic data for e-signature
Perform these activities to set up basic data for e-signature.
- Define programs and tables for e-signature
Programs and tables for e-signature are defined in 'E-Signature Program. Open' (SES410). This program is used to identify programs and tables that require an e-signature. Records are stored in table CESPGM. A program is an entity that updates data in electronic records stored in a table.
A program can update records in multiple tables. A combination of the two - program and table - comprise the e-signature program that requests an e-signature from the user when changes are made.
To generate the standard setup of programs where e-signature functionality is applied, select function key
. F14 can also be used later to update the (SES410) with new programs where electronic signature has been enabled.These settings are defined for an e-signature program:
Field Description Sign process Determines the process used in signing the e-signature. Alternatives are 1-'Synchronous' and 2-'Asynchronous'. When alternative 1 is selected, the e-signature or comment is prompted immediately and must be completed without interruption. Signing must be made before a new transaction is started. When alternative 2 is selected, the record is locked for update until the signature is completed through an Infor OS workflow. The signatories execute their signatures independently. Note: When changing the signature process, the status of any connected fields in (SES411) are set to 10-'Preliminary'.To use alternative 2, the program where this field can be edited must be enabled for record locking on (CMS005/E). Not all programs can be enabled for record locking. In this case, this setting will not be available in (CMS005).
Alternative 2 is also limited for record update or deletion. Record creation would be overridden by the synchronous process.
Signature Event Determines how often an e-signature is required per program. Alternatives are 1-'First Panel' and 2-'Every Panel'. When alternative 1 is selected, the e-signature will be required only once, in the first panel of the program or the first panel where a field requiring signature is changed. The signature will be applied throughout the program. In alternative 2, the e-signature will be required in every panel of the program where a field requiring signature is changed. If comments are required, based on the set up in (SES411), the e-signature is displayed in every panel regardless of the setting, allowing the user to specify the required comments. Note: For asynchronous process, only alternative 1 is applicable.Status Determines if the e-signature program is 10-'Preliminary' or 20-'Released'. Only released e-signature programs will trigger a request for an e-signature. Note: Only one individual file can be set to 20-'Released'. This is relevant for programs where multiple files are updated on the same panel. - Define objects for e-signatures
E-signature objects are defined in 'E-Signature Object. Open' (SES411). This program can be accessed directly or started from 'E-Signature Program. Open' (SES410) using related option 11='E-signature object'.
Only programs and tables that are defined in (SES410) can be used to define an e-signature object. Fields from the identified program and table are set up to trigger an e-signature request. When changes are made in the field, an e-signature will be required. The combination of these three - program, table, and field - form the e-signature object. This is stored in the CESTRG table.
A blank field can be entered to enable e-signature when creating or deleting records in the e-signature program.
The available options for signature method, strategy and process depends on the signature process selected in (SES410) for the program and table.
These settings must be defined for an e-signature object:
Field Description Reason The reason for requiring an e-signature for the object. This will be displayed when the e-signature is triggered. Signature Method Determines the method used when signing the e-signature. Alternatives for synchronous process:
When alternative 0-'No Signature' is selected, no signature is required. Only a comment on the reason for the signature will be required for the updated information. Comment input should be set to 1 or 2.
When alternative 1-'System' is selected, signing is performed within the system by specifying user and password. No external system or security product is used.Alternative for asynchronous process:
Alternative 2-'Workflow' is set by the system when the signature process is set to asynchronous in (SES410). Then an Infor OS workflow must be set up and handle the signing of the electronic record.
Signature Strategy Determines the strategy used when signing the e-signature. Alternatives for synchronous process:
When alternative 0-'No Signature' is selected, no signature is required. Only a comment on the reason for the signature will be required for the updated information.
When alternative 1-'Simple' is selected, no other signatory is required. The user who made the changes to the record will also be the one to sign. The user must be set up as a signatory for 'Workflow'= 3-'Release' in (SES415).
Alternatives for asynchronous process:
The strategy for asynchronous process requires more than one user to sign and when alternative 2-'Dual control' is selected, users must be setup as signatories for 'Workflow' = 2-'Approve' and 3-'Release' in (SES415).
When alternative 3-'Several' is selected users must be setup as signatories for 'Workflow' = 1-'Review', 2-'Approve' and 3-'Release' in (SES415).
Sign Process Determines the process used in signing the e-signature. For synchronous process:
The field can be set to 0-'No signature' if only a comment on the reason for the change is required and not a signature.
When alternative 1-'Synchronous' is selected, e-signature will immediately be prompted and must be completed without interruption. Signing must be made before a new transaction can be started.
For asynchronous process:
Alternative 2-'Asynchronous' is set by the system, the record would be locked for update until the signature is completed through Infor OS workflow.Note: Alternative 2 is limited for record update and deletion. Record creation would always use synchronous process.Comment Input Determines whether comments are required when updating an object or executing the e-signature. Alternatives are '0-Not Applicable', 1-'Optional' or 2-'Mandatory'. When alternative '0-Not Applicable' is selected, the comment box is not displayed. Status Determines if the e-signature object is 10-'Prelimary' or 20-'Released'. Only released e-signature objects will trigger an e-signature when changes are made. Note: Signatories must be set up according to signature strategy before status is set to 20.For asynchronous process, applicable API program and transaction must also be defined in 'Table. Open' (MNS120) before status is set to 20.
Settings for application messages and workflows are also defined in this program. These settings are defined for successful signature, failed signature, and asynchronous workflow:
Field Description Send Message Determines if an application message should be sent after a successful or failed signature Note: Application message type 020 and/or 021 must be activated in 'Settings - Application Messages' (CRS424). If an email is also to be sent, the receiver must be connected to the message type in 'Application Message E-mail Param. Open' (CRS427).Receiver Determines to whom the application message will be sent BOD Enabled Indicates if the created application message should be sent to ION in the form of a business object document Workflow Name Indicates the name of the workflow to be started in ION when an application message is created Workflow Name – Asynchronous signature Indicates the name of the of the workflow to be started in ION to process the e-signatures. Note: The application message type 022 in (CRS424) must be activated to trigger start of the ION Workflow. - Define signatories for E-signature
Signatories are defined in 'E-Signature Object. Connect Signatory' (SES415). This program can be started from 'E-signature Object. Open' (SES411) using related option 11='Signatory'. Only signatories or users defined in (SES415) are authorized to sign and approve, or review electronic records.
These settings must be defined for a signatory:Field Description Workflow Determines the type of workflow done by the signatory. Which workflows that can be entered depends on the selected signature strategy in (SES411) for the object. Strategy 1-'Simple': The user must be set up as a signatory for workflow 3-'Release'. Multiple signatories can be added for the same validity dates. The user who made the change to the record should also sign.
Strategy 2-'Dual control': Users must be set up as signatories for workflow 2-'Approve' and 3-'Release'. Multiple signatories can be added for the same validity dates for workflow 'Approve' but only one for 'Release'. All signatories with valid dates specified in (SES415) must sign.
Strategy 3-'Several': User must be set up as signatories for workflow 1-'Review', 2-'Approve' and 3-'Release'. Multiple signatories can be added for the same validity dates for workflow 'Review and Approve' but only one for 'Release'. All signatories with valid dates specified in (SES415) must sign.
Signatory Determines the user defined as the signatory for the electronic signature. Valid from/to Determines the validity dates for the signatory. - Define exceptions for e-signature
By default, e-signature is required for all changes in objects defined in 'E-Signature Object. Open' (SES411). In program 'E-Signature Exception. Open' (SES412), exceptions per e-signature object are defined. It is better to define exceptions to avoid missing definition of conditions where e-signature will be applied.
This program can be accessed directly or started from (SES411) using related option 12='E-signature exception'. The exceptions are stored in table CESEXC.
- Validations
New exception records can only be created for existing (SES411) records (CESTRG) with status 20. The table to be validated for exception is the object table being signed. Related tables defined in 'Related Tables. Connect' (CMS011) can also be used. This can be accessed from 'List and Printer programs. Configure' (CMS005), using related option 11='Related Tables'.
Note that use of related tables are valid only for programs using the new list standard.
- Assumption
Verification is not performed between conditions. It is the responsibility of the user to specify correct exception criteria. Exception conditions are specified per e-signature object. The following are defined for each condition on (SES412/E):
Field Description Sequence number for sorting Sequence (SQNU) starts from 1 and can be manually inputted. If not specified, last sequence will be incremented with 1. and/or Multiple conditions can be joined by 'AND' or 'OR'. The first condition should always have value of '0-Blank' and will mark the beginning of the entire process exception. Table The same as the object table being signed or one of the related tables defined in (CMS011). Field The specific table field to be validated if the record will be exempted from signature processing. Condition Determines the comparison to be performed for the specified value field. Value field Specific value to be tested if met to enable exception.
If there are multiple exceptions created for an e-signature object, the relation between the conditions should be logical to represent the business condition where the e-signature is not required.
- Validations
- Create electronic record template
When all the required e-signatures are done for a record, the system creates an electronic record, or a snapshot of the record in the database. The snapshot preserves the entire record for the master table. In the asynchronous process, an electronic record is always created.
A standard template for the electronic record is created automatically in 'Ad Hoc Report Group. Open' (AHS100) when you select option 2-'Change' for a program in (SES410) and press Next, if it does not still exist. The name of the templates uses 'STD-ES-TABLE' where TABLE is the name of the table for the applicable program. For example, STD-ES-MITMAS for program 'Item. Open' (MMS001) with table MITMAS in (SES410). The template is a basis for manually adding additional information required for the electronic record, but there is a predefined information generated.
The additional information is a description field in a related table that is connected to a field in the master table. For example, the name of a user exists in table CMNUSR which is connected to the user ID specified in the field 'Responsible' (RESP) in MITMAS, the item master table. These description fields show as another column in 'Electronic Record. Open' (SES445). Additional information can come from a name or description in the CSYTAB System Tables file.
- Add additional information to the electronic record template
- Open 'Related Tables. Connect'
(CMS011) by using alternative 11='Related tables' for the electronic
record template in (AHS100) to add the related tables and the description fields. For
information on how to do this, see Manage Related Tables. Note: If different description fields should be added from the same related table, the related table must be added with different prefixes for each field.
- Open 'Virtual Fields. Connect' (CMS012) by using alternative 12='Virtual fields' from (AHS100). On (CMS012/B), specify the virtual field ID and use alternative 1='Create'.
- Specify a name for the virtual field by specifying either a description or a message ID.
- Select Field type 12-'Description'.
- In the 'Field' (OBJ9) field, specify the field name from the master table.
- In the 'Description' (OB10) field, specify the field from the related table where the description exists for the value in the connected master table field.
Example
The master table for the electronic record template is MITMAS. The Responsible (RESP) in MITMAS is a user ID and the name of the user is stored in the field 'TX40' in the CMNUSR table. Then, MMRESP is specified in 'Field' and JUTX40 in 'Description', only if 'JU' was used as prefix for the related table.
- Open 'Related Tables. Connect'
(CMS011) by using alternative 11='Related tables' for the electronic
record template in (AHS100) to add the related tables and the description fields. For
information on how to do this, see Manage Related Tables.
- Define API program and transactions for asynchronous processIn the program 'Table. Open' (MNS120) is API or Fnc-program and associated transactions defined. They are used to delete or update the table for the electronic record through the e-signature functionality. This is only applicable for the asynchronous process where the changed field or deleted record that triggered the e-signature will not be updated or deleted until all signatories have signed the electronic record.
Field Description Updating pgm Determines the API or Fnc-program that should be used to update the record in the table. For example, MMS200MI for table MITFAC or QQS005Fnc for table QQTMIT. Update transaction Determines the API or Fnc transaction that should be used to update the record in the table. For example, UpdItmFac for MITFAC or maintain for QQTMIT. Delete program Determines the API or Fnc-program that should be used to delete the record in the table. For example, MMS200MI for MITFAC or QQS005Fnc for QQTMIT. Delete transaction Determines the API or Fnc transaction that should be used to delete the record in the table. For example, DltItmFac for MITFAC and delete for QQTMIT. - Enable record locking for program in the asynchronous process In the asynchronous process, the record that triggered the e-signature is locked through the record locking functionality, so the record would not have any other updates while the e-signature process is ongoing. The record locking functionality is enabled per program on 'List and Printer programs. Configure' (CMS005/E). Select the check box 'Enable rec lock' (ENRL) for the program where the e-signature is enabled.Note: Not all programs have record locking functionality. In this case, this setting will not be available in (CMS005) and the synchronous process can be used.
Locked records are displayed in 'Locked Records. Open' (CMS430). Records that have been locked in the e-signature process gets a reason code 2-'E-Signature' and the e-signature number as external reference in (CMS430).
- Create Infor OS workflow for the asynchronous process
In the asynchronous process, an Infor OS workflow must be set up to handle the signing of the electronic records. To trigger the workflow to start, the name of the workflow must be specified in the 'Workflow name' field for Asynchronous process in (SES411) and application message 022 in (CRS424) must be activated. In the workflow, transactions for API SES450MI (Manage e-signature) are intended to use. Transaction PrcEsignature to process and sign, or RejEsignature to reject the changes and cancel the e-signature process. No update of changed fields or record deletion will be done.
E-signature process
- Creation of e-signature record
When changes are made to specific fields that require an e-signature in the program, records are created in 'E-Signature Record. Open' (SES440) with 'Pending' or 'Pending – Asynchronous' as status. Multiple records are created depending on how many fields for e-signature are changed. The records will be assigned the same unique number series (per panel) called 'E-signature number'.
Records contain this information:
Field Description Program The e-signature program where changes were made. Table The table containing the changed field or object. Field The changed field or object. Old value The old value of the field changed. New value The proposed new value of the field. Reason The reason for requiring the e-signature. Change Date and Time Determines when the changes were made. Changed by The user who made the changes in the record. Sign date and time Determines when the e-signature record was signed. Signatory The user who last signed the record. Settings of the e-signature object at time of creation Sign method, Sign strategy, Sign process, and Comment Input. E-sign reason A personal comment on the reason for the e-signature. When adding or deleting a record in the e-signature program, an electronic record is created in 'E-Signature Record. Open' (SES440) with reason 'Record Creation' or 'Record Deletion'. There records initially get status 'Pending' or 'Pending – Asynchronous'. Fields 'Old Value' and 'New Value' are blank.
- Signing of e-signature record with synchronous process
When clicking Enter in the program, 'E-Signature. Open' (SES450/B) will be displayed. The timing of the display is dependent on the basic option used (for example, add, delete, or change) in addition to the 'Signature Event' setup in 'E-Signature Program. Open' (SES410). Records will be created in (SES450) with 'Pending' as status.
When adding a new record, (SES450/B) will be displayed after the record creation panel. Only one line with reason 'Record Creation' will be displayed in the list. When deleting a record, (SES450/B) will be displayed after confirmation in Panel D in the e-signature program. Only one line with reason 'Record Deletion' will be displayed in the list.
When updating a record, (SES450/B) will be displayed after the first panel or every panel, depending on the 'Signature Event' setting in (SES410). Single or multiple fields or objects will be displayed in the list, depending on the numbers updated.
In all cases, 'E-signature number', 'workflow', and 'signatory' will be displayed in the header.
After reviewing the list, 'Process All' under Actions is selected to sign the records. If one or more fields in the panel require signature, a PIN code prompt will be displayed. When the user ID and PIN code is provided and specified, the records in (SES440) and (SES450) will be updated with 'Signed' status.
When signed, date and time of signing and the last signatory will be updated. An electronic record will be created in the database and is displayed in 'Electronic Record. Open' (SES445).
If user ID and PIN code is not specified and (SES450) is closed, the record in (SES440) and (SES450) will be updated with 'Rejected' status.
- Signing of e-signature record with asynchronous processWhen clicking Enter in the program, 'E-Signature. Open' (SES450/B) will be displayed. The timing of the display is dependent on the basic option used for example, add, delete, or change. Records will be created in (SES450) with 'Pending - Asynchronous' as status. Multiple records are created depending on the number of fields changed for e-signature and the number of signatories with valid dates in (SES415).Note: When adding a new record, the synchronous process will override the asynchronous process. See section on using the synchronous process.
When deleting a record, (SES450/B) will be displayed after confirmation in Panel D in the e-signature program. Lines with the workflows and signatories, and blank field will be displayed in the list.
When updating a record, (SES450/B) will be displayed when clicking enter in the panel. Single or multiple fields or objects will be displayed in the list, depending on the numbers updated.Note: Only updated fields defined in (SES411) will be displayed, any other updated fields in the panel will be ignored.In all cases, 'E-signature number' will be displayed in the header.
After reviewing the list, 'Process All' under Actions is selected. A dialog is displayed to inform the user that the changes will not be applied until e-signature process is completed through Infor OS workflow. When you click OK in the dialog, you will return to the panel in the program. The record is locked from further updates until the e-signature process is completed, use F12 to go back to the start panel. Application messages are created to notify the signatories to complete the e-signature process and to start the Infor OS workflow used for signing.
The records in (SES440) and (SES450) will have 'Pending - Asynchronous' status.
If , 'Process All' is not selected and (SES450) is closed, the records in (SES440) and (SES450) will be updated with 'Rejected' status.
Signatories execute their signatures independently asynchronously. When a signatory has reviewed or approved the record and signs, the API SES450MI, transaction PrcEsignature is called by the Infor OS workflow, to update the records in (SES450) for the specific workflow and signatory. When signed, the status is set to 'Signed' and the date and time are updated as well as the reason for the e-signature, if this was specified.
When the last signatory has signed, these additional updates will be made:
- Removal of record lock.
- Update of the changed field through the API defined in (MNS120) or record deletion, depending on basic option that triggered the e-signature.
- The status of the record in (SES440) will be set to 'Signed', date and time of signing and the last signatory will be updated.
- Electronic record created in 'Electronic Record. Open' (SES445).
A signatory who wants to reject the e-signature must have this opportunity in the workflow. Then the API SES450MI, transaction RejEsignature is supposed to be called by the Infor OS workflow. A personal comment on the reason for the rejection of the electronic signature can be specified. When rejected, the records in (SES440) and (SES450) will be updated with 'Rejected' status, the record lock removed, and an error log created in (SES490) with error 'Cancellation'.
- Error logging of e-signature record
Errors in the signing process will create a record in 'E-Signature Err Log. Open' (SES490). Cancelling or closing (SES450) or the PIN code prompt will trigger the creation of error log in (SES490) with error 'Cancellation'. Entering a wrong PIN code will trigger the creation of error log in (SES490) with error 'Cancellation' or 'Invalid PIN code '.
In the event when two users make changes to the same record at the same time, only the first signed record will be saved. The second record in (SES440) will be updated with status 'Discarded' and a record in (SES490) is created with error 'Change overruled'.
In the asynchronous process, when API SES450MI, transaction PrcEsignature fails in the signing process, an error log is created in (SES490) with the error 'Unsuccessful API/Fnc call'.
When e-signature is cancelled or an error is encountered, no changes are made in the database and the original program and panel will be displayed for synchronous process. For asynchronous process, no changes are made in the database and the record lock is removed.
- Trouble shooting with concept logging in the asynchronous process
If the e-signature process fails for the API transaction PrcEsignature in SES450MI, a way to troubleshoot is to turn on the concept log 'mvx.msf.sec.eSignature'. Example of logging is error returned by the API defined in (MNS120) when updating the record for the e-signature, or missing settings in (MNS120).
- Electronic record and data integrity validation
When an electronic signature process is successful, electronic record is created and displayed in (SES445). A hash key is added to each row of the electronic record data in the database. This is to make a comparison if a record may have been tampered with. The hash key is calculated based on the entire row of data, including the creation date and time. The value is also encrypted as additional protection. Hash key also exists for the E-signature signing history records.
Related option 16='Data integrity validation' in (SES440) can be used to check if the electronic record is genuine or has been altered based on the hash key. If the record is genuine, a message is displayed saying that the record is genuine, otherwise, the record has been altered.
You can use ‘E-sign data integrity validation.Print’ (SES495) to print a range of electronic records and E-signature signing history records.
The 'E-sign data integrity validation report’ (SES496PF). (SES496PF) include details of altered records to display the number of records checked and the number of altered records in each selected table.
Note: The data integrity validation can only be done for records where an electronic record exists, not for old records created before this functionality existed. Then a message is displayed saying that the data integrity validation cannot be used.Print an electronic record
An electronic record can also be printed by using function key F16='Run Report' from (SES445) that would trigger the generation of 'Electronic Record' print out (SES446PF).
Functional limitations
- Only those programs that have the program infrastructure are enabled to request electronic signature. Enabled programs are available in (SES410).
- You can use asynchronous process if record locking functionality has been enabled for the program.
- For record creation, you can use synchronous process only. Asynchronous setting is overridden by synchronous.
- In the asynchronous process, only the fields that are configured for e-signature are updated once the electronic record is signed, not the other fields that may have changed simultaneously.
- Events that do not trigger the e-signature process:
- Editing of records in list panel (B-panel).
- Copying of records.
- Updates through API or Fnc-programs.