# Provide a signature

Capture a trusted, auditable signature so a service can confirm who signed, what they signed, and when.

**Use this pattern when**

* the outcome is legally/procedurally significant, or fraud prevention is essential
* the service must produce a verifiable record of agreement/approval
* multiple signers, roles (personal/business), or asynchronous signing are involved

**Do not use this pattern when:**

* a simple confirmation or acknowledgement is sufficient
* consent is not the lawful basis, or signing is not required for the decision (use information + normal confirmation instead)

## Steps

<details>

<summary><strong>Example user flow</strong></summary>

<figure><img src="https://content.gitbook.com/content/u8moxPbFWK9pTxPYNIyh/blobs/edkKkBTzfre9LJV1k4FE/Provide%20a%20signature.png" alt=""><figcaption></figcaption></figure>

</details>

### 1. Verify identity and authorise to sign (optional)

Confirm the user is the intended signatory and is authorised to sign in the chosen role whther personal, business or on behalf of another.

Use the [authenticate](https://specs.govstack.global/service-patterns/2.-functional-patterns/authenticate) functional pattern or additional verification steps depending on risk.&#x20;

### 2. Review what will be signed

Show a clear, human-readable view of the content and a short summary of consequences.

Use the [check answers](https://specs.govstack.global/service-patterns/3.-step-patterns/check-answers) pattern where users must be able to:&#x20;

* confirm they agree
* stop/cancel if they don’t

### 3. Choose signature method or role (if applicable)

If multiple signing methods or roles are available, let the user select how and as whom they are signing.

Examples:

* sign as individual vs on behalf of an organisation (entrepreneur)
* certificate-based vs one-time signing flow (where supported)

Present options using [single or multiple-choice question](https://specs.govstack.global/service-patterns/3.-step-patterns/ask-a-question). &#x20;

If signature exists as credential, use the [present credential](https://specs.govstack.global/service-patterns/2.-functional-patterns/present-a-credential) pattern.&#x20;

### 4. Apply eSignature

The service applies the signature using the [eSignature Building Block](https://specs.govstack.global/esignature) and returns the result via internal integration, typically protected via [Information Mediation](https://specs.govstack.global/information-mediator).

### 5. Return outcome (and confirmations)

Show a clear result. Use [outcome](https://specs.govstack.global/service-patterns/3.-step-patterns/outcome) step pattern.&#x20;

Must include:

* status: signed / pending / failed / declined / expired
* reference for audit/support
* what happens next in the service

Send confirmations where appropriate to the signatory and to the document owner or requester (if different)

Use the [notification](https://specs.govstack.global/service-patterns/3.-step-patterns/send-a-notification) step pattern.&#x20;

***

### Considerations

* Enable a user to save and return to sign later, with reminder notifications and expeiry where relevant.&#x20;
* Signing must be usable with assistive technology such as screen readers.&#x20;
* Where eSignature isn’t possible, offer other assisted or alternative ways to access and complete this part of the service.