Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 09:21amHi ,
I have a package (see attachment for the package details), there are 2 signers required to sign the package (1st signer required to sign form 6249 and form Healthcheck, 2nd signer required to sign form 6249). From signers, they have same email, and use SSO as authentication method.
for 1st signer signing: which is good
Actual result: when 1st signer launched signing ceremony, it prompted to sign form 6249 and form Healthcheck
Expected result: when 1st signer launched signing ceremony, it prompted to sign form 6249 and form Healthcheck
for 2nd signer signing: which is not expected
Actual result: when 2nd signer launched signing ceremony, no signature required to sign
Expected result: when 2nd signer launched signing ceremony, it prompted to sign form 6249
could you please review the scenario and to see if 2nd signer behavior is correct or not?
thanks,
Cindy
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 09:58amHi Cindy,
Thanks for your post! Because it's Signer SSO + signers sharing the same email, it will take some time to set up a similar environment. Just a quick question that in your Active Directory, the recipients are having the same email and names as configured in the package (signer1 [email protected], Joan1 River1; signer2 [email protected], Joan2 River2), right?
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 09:59amThis is only have in the remote eSig scenario, when the signer launch signing ceremony from email.
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 10:06amHi Cindy,
Do you by any chance have the package ID of this transaction? Want to check if signer1 has signed all the signatures, including the ones assigned for signer2.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 10:10amHi Duo,
No, in AD, only 1 person setup, but the package is allow to use the same email for different signer, so we'd like to test it.
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 10:14amHi Cindy,
I see, that might be the case of issue. When signer logged in via SSO, the IDP will send first/last name and email to OneSpan Sign, which will be checked against the package JSON signer list to identify which signer is currently signing. Although the email can be shared across signers, but the name + email combination will still be the unique identification.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 10:39amHi Duo,
from the package signer list, signer1 and signer2 firstname and last name are all fake, only email address is correct and registered in our AD, in this case, how to identify?
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 10:43amHi Cindy,
From my understanding, I think it's a general rule that the name and email should be the same in both AD and package JSON. Mismatch information could result in errors during SAML authentication.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer
Reply to: Missing signature required 2nd signer to sign
Friday, January 27, 2023 at 10:44ambut in my case, the name is fake, and email is correct. the signer is able to launch the signing ceremony via email though. any idea?
Reply to: Missing signature required 2nd signer to sign
Tuesday, January 31, 2023 at 09:20amHi Duo,
I found another scenario, it seems very odd.
1) I created a package in my account ([email protected]), the package has 2 signers, both email is '[email protected]' which is the sender UI account in OSS, and I get 'error.validation.userAddition.duplicateEmailUsage' error, which is expected as
https://community.onespan.com/documentation/onespan-sign/guides/admin-guides/user/account-level-features
2) I created a package in my account ([email protected]), the package has 2 signers, both email is my account '[email protected]' , in this case, the package is successful created and sent, the only unexpected is there supposed to have 2 signers, now it became 1 signer.
any idea for 2nd scenario?
thanks,
Cindy
Reply to: Missing signature required 2nd signer to sign
Tuesday, January 31, 2023 at 01:29pmHi Cindy,
I can reproduce the same that with the second scenario, instead of returning an error, the package was created unexpectedly.
From my test, I believe this occurs when the duplicated email refers to the transaction sender (specifying sender with account owner's API Key also triggers this issue). I think it's more of an inconsistence that in this scenario, the API should also return the error like the first scenario does. If you preferred, we can report this to support and R&D team.
As a temporary workaround, you can add an additional check in your local that if the sender's email appears in multiple times, throw the duplicateEmailUsage error.
Duo
Duo Liang OneSpan Evangelism and Partner Integrations Developer