Home > Configure Enterprise Settings > Integrate third party applications > Manage third party integrations

Manage third party integrations

SigningHub allows digital signatures to be easily integrated into any website/app through simple API calls. This is the smart way of adding Advanced Electronic Signatures into a web application that ensures a seamless experience for the end users. 

SigningHub also facilitates multi-tenancy that enables an organisation to define custom signing policies for their external users (i.e. clients, partners, contractors, etc.). The external users are those recipients who are not a part of your enterprise.  They would be either part of another enterprise,  an individual user, or a guest (non-SigningHub registered user), and you require them to sign documents within a tightly integrated app environment. This feature is usually requested by the banks and financial institutions, who appreciate high-trust digital signing with tailor-made configurations to ensure a consistent signature style (appearance, details, etc.) for all users. For more details, see Configuration Guide.

You can integrate multiple web applications with your enterprise account. For details, see the Quick Integration guide and the Developers guide.

With respect to security, and embedded iframes used by SigningHub for tight integration, the Integrations set-up allows you to specify the trusted domains of your business application.  When you supply input variables under "Allowed Domains" SigningHub will create the appropriate Internet headers when the iframe is called by the business application.  These are X-Frame-Options ALLOW-FROM for older browsers and CSP: frame-ancestors Header for the latest versions of Chrome for example. If you do not specify a value it will allow all parent domains to add this integration page in an iFrame.




Integrate a (third party) web application 

  1. Login with your enterprise admin credentials.
  2. Click your profile drop down menu (available at the top right corner).
  3. Click the "Enterprise Settings" option. 
  4. Click the "Integrations" option from the left menu.
  5. Click  from the grid header. 



  1. A dialog will appear with two tabs (i.e. Application and Settings) to input API details as shown in the following image. Add the API configurations of integrating app in the Application and Settings tabs as required. See the fields description of these tabs in the "Application Integration" and "Integration Settings" tables below.





  1. Click the "Save" button.


Application Integration

Fields

Description

Client ID

Field to specify the client ID (application name) to be integrated, i.e. SalesforseApp.

Call-back URL
  • In case of tight integration, specify the call-back URL where the users could be redirected when they close a document in the Iframe. 
  • However for loose integration, specify a dummy URL to generate a Client Secret. As the call-back URL will not be required in the app configuration.

Default Authentication Method

Select the default authentication method for this integration, i.e. SigningHub, Active Directory, Salesforce, etc. The drop down is showing the list of public and private authentication methods that are allowed in your service plan. 

SigningHub will use the selected method for users authentication. The selected method is also automatically configured for third party app callback on SigningHub login page, without any user interaction. 

Select the "None" option to disable the default authentication for this integration. In this case SigningHub will look for the authentication method configured in the users' role, and let them authenticate accordingly. If the users' role is also configured with the "None" authentication, then they will be asked to use their SigningHub ID for login.

The Microsoft Active Directory, Microsoft ADFS, Salesforce, and Microsoft Office 365 authentication methods also support the Single sign-on (SSO) provision.

Client Secret

Click the "Generate" link after specifying client ID and call-back URL. This will create a unique client secret (API key) for this integration. By default, the generated client secret is displayed partially masked to comply with the GDPR policy.

  • Click  to view it completely.
  • Click  to copy the client secret to the clipboard.




Integration Setings

Fields

Description

Default Authentication Method

Select the default authentication method for this integration, i.e. SigningHub, Active Directory, Salesforce, etc. The drop down is showing the list of public and private authentication methods that are allowed in your service plan. 

SigningHub will use the selected method for users authentication. The selected method is also automatically configured for third party app callback on SigningHub login page, without any user interaction. 

Select the "None" option to disable the default authentication for this integration. In this case SigningHub will look for the authentication method configured in the users' role, and let them authenticate accordingly. If the users' role is also configured with the "None" authentication, then they will be asked to use their SigningHub ID for login.

The Microsoft Active Directory, Microsoft ADFS, Salesforce, and Microsoft Office 365 authentication methods also support the Single sign-on (SSO) provision.

Default Role For External Users

This field is related to multi-tenancy functionality, see Configuration Guide.
Select a default role for all those users who don't belong to this enterprise, to make them use your custom signature settings. 

In this way when your enterprise document is shared with an external user through this integrated app, and they (external user) also sign it through this integrated app, SigningHub will supersede their personal/ enterprise signature settings with the ones defined in this role at the time of signing. 

The user roles can be managed from Enterprise Settings>Roles section.

 

Hide Documents from recipients

This field is related to multi-tenancy functionality and is used to hide your shared documents from the external users, see Configuration Guide
You can select any of the three options, i.e.:

  • None - this option will not hide documents from any recipient in a workflow. The external users will be able to view your enterprise documents that have been shared with them in their personal documents listing.
  • First - this option will hide documents from only the first recipient in a workflow. When a document is shared with the external users, SigningHub will not send any notification email to the first user (recipient). They can see and sign the shared document only by following the respective tight-integration link, as provided by the document owner. The shared documents will not be displayed even in the personal documents listing of the first user. 
  • All - this option will hide documents from all the recipients in a workflow. In this way, when a document is shared with the external users, SigningHub will not send any notification email to them. They can see and sign the shared document only by following the respective tight-integration links, as provided by their document owners. The shared documents will not be displayed even in the personal documents listings of external users. 

Allowed Domains 

Specify the domain(s) that are allowed to embed the Document Viewer within the iframe. Only the specified domains would be able to embed the Document Viewer within the iframe. 
Leaving this filed as blank will allow all the domains to embed the Document Viewer.

Collapse document viewer's recipient and document panels by default

Tick this check box to open the Document Viewer inside the tight integration screen with collapsed left and right (i.e. Documents and Recipients) panels. However, users can still open these panels by clicking their respective icons.

Keep this check box un-ticked if there is no such requirement. The Document Viewer will open with the left and right panels intact.




 Edit an integration instance

  1. Login with your enterprise admin credentials.
  2. Click your profile drop down menu (available at the top right corner).
  3. Click the "Enterprise Settings" option. 
  4. Click the "Integrations" option from the left menu. The instances of already integrated apps will be listed.
  5. Search/ move to the instance to edit and click  adjacent to it. The "Edit Application Details" dialog will appear.



  1. Edit the required content (i.e. Application Name, Call-back URL, or Default Authentication Method).
  2. Click the "Save" button.


Delete an integration instance 

  1. Login with your enterprise admin credentials.
  2. Click your profile drop down menu (available at the top right corner).
  3. Click the "Enterprise Settings" option. 
  4. Click the "Integrations" option from the left menu. The instances of already integrated apps will be listed.
  5. Select the instance(s) to delete and click  from the grid header.



The selected integration(s) will be deleted.


​1. In order to use the Single sign-on (SSO) facility in SigningHub, the "Default Authentication Method" must either be Microsoft Active Directory, Microsoft ADFS, Salesforce, or Microsoft Office 365.
2. The external users are those document recipients who are not a part of your enterprise. They would either be part of another enterprise, an individual user, or guest non-SigningHub registered users, and you require them to sign documents within a tightly integrated app environment. 
3. The availability of "Integrations" feature is subject to your subscribed service plan. If you cannot find this option in your account, upgrade your service plan.



See also

Assign custom roles to external users
Configure workflow completion report