search
GovStack Website

Provide a signature

Capture a trusted, auditable signature so a service can confirm who signed, what they signed, and when.

Use this pattern when

  • the outcome is legally/procedurally significant, or fraud prevention is essential

  • the service must produce a verifiable record of agreement/approval

  • multiple signers, roles (personal/business), or asynchronous signing are involved

Do not use this pattern when:

  • a simple confirmation or acknowledgement is sufficient

  • consent is not the lawful basis, or signing is not required for the decision (use information + normal confirmation instead)

hashtag
Steps

hashtag
1. Verify identity and authorise to sign (optional)

Confirm the user is the intended signatory and is authorised to sign in the chosen role whther personal, business or on behalf of another.

Use the autheticate functional pattern or additional verification steps depending on risk.

hashtag
2. Review what will be signed

Show a clear, human-readable view of the content and a short summary of consequences.

Use the check answers step where users must be able to:

  • confirm they agree

  • stop/cancel if they don’t

hashtag
3. Choose signature method or role (if applicable)

If multiple signing methods or roles are available, let the user select how and as whom they are signing.

Examples:

  • sign as individual vs on behalf of an organisation (entrepreneur)

  • certificate-based vs one-time signing flow (where supported)

Present options using single or mulple-choice question.

If signature exists as credential, use the present credential pattern.

hashtag
4. Apply eSignature

The service applies the signature using the eSignature Building Block and returns the result via internal integration (typically protected via Information Mediation).

hashtag
5. Return outcome (and confirmations)

Show a clear result. Use outcome step.

Must include:

  • status: signed / pending / failed / declined / expired

  • reference for audit/support

  • what happens next in the service

Send confirmations where appropriate to the signatory and to the document owner or requester (if different)

Use the notification step.

hashtag
Considerations

  • Enable a user to save and return to sign later, with reminder notifications and expeiry where relevant.

  • Signing must be usable with assistive technology such as screen readers.

  • Where eSignature isn’t possible, offer other assisted or alternative ways to access and complete this part of the service.

Last updated

Was this helpful?