Data Requests
Collect legally binding electronic signatures
Section titled “Collect legally binding electronic signatures”Create a Data Request to collect UETA and ESIGN compliant electronic signatures.
When you make an API request to fill out a PDF, you can specify that some fields must be filled in by certain people (including signature fields). The PDF submission will be in a pending state until all of the data requests have been completed. You can then send these people a link to fill in the form, or embed this form on your own website. When everyone has filled in the form, the PDF will be generated, and we can send your server a webhook notification.
To collect UETA and ESIGN compliant electronic signatures, DocSpring must record an audit trail that includes user authentication. This means that you need to send us some details about how and when your users have been authenticated.
How Data Requests Work
Section titled “How Data Requests Work”Here is an overview of the process:
- Create a submission with data requests - Include details about the people who will be filling out and signing the document
- Send notification emails - Send your users links to the signing form and record the event
- Request authentication tokens - Create one-time tokens when users are ready to sign
- Update authentication details - Ensure authentication information is current
- Render the signing form - Embed the form on your website or use hosted forms
- Process the completed PDF - Receive webhook notifications when all signatures are collected
This process ensures that DocSpring can record a complete audit trail of events, making all electronic signatures legally binding.
Data Request Components
Section titled “Data Request Components”Authentication Requirements
Section titled “Authentication Requirements”To ensure legal compliance, data requests must include:
- The user’s full name
- The user’s email address
- Details about how and when the user was authenticated
- The fields that the user must fill out (including signature fields)
- Optional metadata to save on the data request
Audit Trail
Section titled “Audit Trail”DocSpring automatically records a complete audit trail for each data request, including:
- When the notification was sent
- Authentication methods and timestamps
- When the document was viewed
- When each signature was collected
- When the document was completed
Example audit trail log:
2024-01-01 12:00:00 - Sent via email to Test ([email protected])2024-01-01 12:10:00 - Test ([email protected]) signed in via username/password2024-01-01 12:10:00 - Viewed by Test ([email protected])2024-01-01 12:20:00 - Signed by Test ([email protected])2024-01-01 12:20:00 - Document completedAuthentication Tokens
Section titled “Authentication Tokens”Authentication tokens are one-time use tokens that authorize a user to access and sign a specific data request. Key characteristics:
- Can only be used once
- Should be requested immediately before showing the signing form
- Include an authenticated URL for hosted forms
- Expire after use or timeout
Mobile Support
Section titled “Mobile Support”When an embedded form is displayed on a mobile device, it will always be shown in a full-screen modal overlay. The user can zoom in to enlarge the document and fields. You should use the following viewport meta tag in your HTML <head>:
<meta name="viewport" content="width=device-width, initial-scale=1" />