• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

Authentication Method for CRF Bio Pharma settings

New Here ,
Nov 04, 2021 Nov 04, 2021

Copy link to clipboard

Copied

Question, Does anyone use Adobe Sign without the the reautentication of their user ID (email) and password?  This is a CFR setting within Adobe Sign . We use Azure for the authentication and single sign on but I would like to know if anyone out there is only using the corporate single sign on and authentication methd and not the one for Adobe Sign.

 

Look forward to thoughts.

 

Ralph

TOPICS
Manage security and compliance

Views

544

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Nov 05, 2021 Nov 05, 2021

Copy link to clipboard

Copied

Can you clarify your query, I'm not sure what you are asking. For CFR21 purpose, the rules require a signer to be authenticated before viewing the agreement/signing and also when the signature is applied.

Sign supports 2 types of authentication,

-Adobe Sign auth and

- Phone One time Pin auth.

 

The former will ask a Signer to login their Sign account before and after, and the method of login is determined by that Signers Sign account. If that Sign account is configured for SSO, then which ever system and rules of SSO will be used for that Signer.

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
New Here ,
Nov 05, 2021 Nov 05, 2021

Copy link to clipboard

Copied

Thnaks Simon for he reply.

I undrstand the non repudetation with Part 11.  Currently we have the system settings so that the user logs into Adobe Sign.  When they an agreement is sent for approval, they either log in or if lready logged in they sign the agreement and authentication is required. A one time phone pin is sent or using authenticator you confrim.

The question is, if we use the Adobe Sign Authentication, is the phone one time PIN setting necessary? 

We do hve SSO set up. 

Best Ralph

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Adobe Employee ,
Nov 05, 2021 Nov 05, 2021

Copy link to clipboard

Copied

LATEST

With Adobe Sign, you either use the Adobe Sign authentication, or the OTP authentication for a given participant.

You can use both at in the saem agreement for the same participant.

 

Now Adobe Sign auth means that the signer needs to have an Adobe Sign account. Therefore this method works best when the sender is sending the agreement to signer who are in the same Adobe Sign account as the sender (aka internal signers)

 

For external signers the sender may not know if the signer has an Adobe Sign account, so it's better to use the OTP option.

 

As said the Adobe Sign login is governed by the overall SSO setting for that Sign account. If the SSO is configured to do a Phone OTP, then that's something that is controlled in the SSO Id provider. (though I've not heard of OTP being used for SSO, more common SSO is to login in compnaycertificates/smart cards)

 

Wether that's overkill or not will depending on your company policies and/or GXP./cfr21 audit person.

Also this article and link to Montrium Sign validaiton pack for cfr21 compliance may be useful if you haven't seen it already:

https://helpx.adobe.com/uk/sign/using/21-cfr-validation-pack.html

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines