Embedded signing in CFR Part 11 accounts
DocuSign has recently announced a new feature that enables embedded signing with CFR Part 11-compliant accounts. This move is a significant development for organizations that operate in regulated industries and need to implement embedded signing while complying with the Code of Federal Regulations (CFR) Part 11 guidelines.
This new feature allows customers to leverage DocuSign e-signature technology while adhering to the stringent requirements of CFR Part 11. This feature includes robust security controls, electronic signature verification, and the ability to create and maintain an audit trail of all document-related activities.
Creating an embedded signing session
Provided below is a sample code in Python to send a document using DocuSign in compliance with CFR Part 11, provided you have already obtained your oAuth token:
## Create Envelope Definition ##
@classmethod
def make_envelope(cls, args):
"""
Creates envelope
args -- parameters for the envelope:
signer_email, signer_name, signer_client_id
returns an envelope definition
"""
# document 1 (pdf) has tag /sn1/
#
# The envelope has one recipient.
# recipient 1 - signer
with open(path.join(demo_docs_path, DS_CONFIG["doc_pdf"]), "rb") as file:
content_bytes = file.read()
base64_file_content = base64.b64encode(content_bytes).decode("ascii")
# Create the document model
document = Document( # create the DocuSign document object
document_base64=base64_file_content,
name="Example document", # can be different from actual file name
file_extension="pdf", # many different document types are accepted
document_id=1 # a label used to reference the doc
)
# Create the signer recipient model
signer = Signer(
# The signer
email=args["signer_email"],
name=args["signer_name"],
recipient_id="1",
routing_order="1",
identity_verification={ "workflowId": session['workflow_id'], "steps": "null", "inputOptions":[{"name":"phone_number_list","valueType":"PhoneNumberList","phoneNumberList":[{"countryCode":args["country_code"],"code":"1","number":args["phone_number"]}]}], "idCheckConfigurationName":""},
# Setting the client_user_id marks the signer as embedded
client_user_id=args["signer_client_id"]
)
# Create a sign_here tab (field on the document)
sign_here = SignHere(
# DocuSign SignHere field/tab
anchor_string="/sn1/",
anchor_units="pixels",
anchor_y_offset="-30",
anchor_x_offset="20"
)
# Add the tabs model (including the sign_here tab) to the signer
# The Tabs object wants arrays of the different field/tab types
signer.tabs = Tabs(sign_here_tabs=[sign_here])
# Next, create the top level envelope definition and populate it.
envelope_definition = EnvelopeDefinition(
email_subject="Please sign this document sent from the Python SDK",
documents=[document],
# The Recipients object wants arrays for each recipient type
recipients=Recipients(signers=[signer]),
status="sent" # requests that the envelope be created and sent.
)
return envelope_definition
## Create Envelope ##
envelope_args = args["envelope_args"]
# 1. Create the envelope request object
envelope_definition = cls.make_envelope(envelope_args)
# 2. call Envelopes::create API method
# Exceptions will be caught by the calling function
api_client = create_api_client(base_path=args["base_path"], access_token=args["access_token"])
envelope_api = EnvelopesApi(api_client)
results = envelope_api.create_envelope(account_id=args["account_id"], envelope_definition=envelope_definition)
envelope_id = results.envelope_id
## Create Recipient View Definition ##
recipient_view_request = RecipientViewRequest(
authentication_method="None",
client_user_id=envelope_args["signer_client_id"],
recipient_id="1",
return_url=envelope_args["ds_return_url"],
user_name=envelope_args["signer_name"],
email=envelope_args["signer_email"]
)
## Initiate Embedded Signing ##
results = envelope_api.create_recipient_view(
account_id=args["account_id"],
envelope_id=envelope_id,
recipient_view_request=recipient_view_request
)
return {"envelope_id": envelope_id, "redirect_url": results.url}
This code sets the envelope to use CFR Part 11 settings. This means that the signer will be required to use a digital signature to sign the document, they will be required to enter an access code to view the document, and they will be required to specify the reason for their signature.
To run this code, you will need to have the DocuSign Python SDK installed. You can install the SDK by running the following command:
pip install docusign_esign
Once you have installed the SDK, you can run the code by saving it as a Python file and then running the file from the command line. For example, if you saved the code as send_document_for_signature_cfr_part_11.py, you would run the code by running the following command:
python send_document_for_signature_cfr_part_11.py
This will send the document for signature to the specified signer. The signer will receive an email with a link to the DocuSign signing page. The signer can then select the link and sign the document using their digital signature, enter their access code, and specify the reason for their signature.
DocuSign's CFR Part 11–compliant accounts provide organizations with a range of tools and controls that enable them to use electronic signatures while meeting the strict requirements of CFR Part 11. By using this embedded sending, organizations can streamline their document management processes, reduce the risk of errors and non-compliance, and improve overall efficiency and productivity.
