Workflow Manager – v1.16.0-RC3
Introduction
Operation guide Integration guide API reference

Goodflag Signature Electronique

This is the official Goodflag Signature Electronique documentation. If you have any problems or requests, please contact us.

The Workflow Manager is a product from the Goodflag product line that lets you create electronic signature workflows. Here are the different components that the solution relies on:

Users

The Users section shows the different types of users in Goodflag:

  • Business application: application that calls the Workflow Manager API.

  • Portal user: person who accesses the Workflow Manager portal via his web browser.

  • Signer: person who signs documents in his web browser via the consent page. The certificate used by the signer to sign the documents can be either a long-term certificate issued by a trusted Certification Authority, or a short-term certificate issued by the Trust Service Provider through the Goodflag platform.

Service Provider

The Service Provider section shows the legal entity that hosts and operates the Workflow Manager:

  • Portal: HTML5 application served by the Workflow Manager to let the portal users create and manage workflows.

  • Workflow Manager: Goodflag component that hosts and orchestrates signature and approbation workflows.

  • Relying parties:

    • Identity Provider: authenticates the portal users.
    • Email Provider: sends notification emails.
    • Timestamp Authority: produces timestamps to make the signatures AdES compliant.

Trust Service Provider

The Trust Service Provider section shows the legal entity that operates the services that issue short-term certificates and generates electronic signatures:

  • Consent page: HTML5 application that drives the signer through the consent process and the signature creation. The signed documents can either be part of one or several workflows.

  • Certification Authority: issues short-term certificates for the signers.

  • Evidence Manager: Server component that collects the signature evidences and produces the evidence files.

  • Relying parties:

    • Identity Provider: can be used to authenticate the signers in the consent page, before the signatures.
    • Email Provider: sends one-time passwords by email to the signers before the signatures.
    • SMS Provider: sends one-time passwords by SMS to the signers before the signatures.
    • Timestamp Authority: produces the timestamps of the evidence files.

Note that the Service Provider can be either a third party, that is in this case a client of the Trust Service Provider, or in some other cases, the Trust Service Provider itself.

©