Elena Fedianova

Nikita Kalinin

Digital signature for Bitrix24

Bitrix24 is a robust system with tools to help you manage every aspect of your business. With Bitrix24 documents, you can create document templates (contracts, deeds, invoices), save them, use them in tasks, document approval processes and more.
However, there is no feature that allows placing digital signatures on documents in Bitrix24 - docx, pdf. 

One of our clients wanted to be able to use digital signatures in with Bitrix24 documents. Due to the size of the company, it has huge document circulation.

We developed and implemented digital signature for Bitrix24.


Our implementation comprised of the following tasks:

  1. Placing a digital signature button on the page where it can be used in Bitrix24 CRM.

  2. Creating a feature to paste digital signature signet into PDF file within Bitrix24. A signet is an image with the digital Signature.

  3. Creating a map of users with digital signatures in Bitrix24. A user can have multiple digital signatures, and choose which one to use from the drop down menu.

  4. Developing a function that enables the CRM admin create a self-signed digital signature for internal use. This digital signature isn't legally binding. It can only be used for signing internal documents.

  5. Giving the Bitrix24 administrator the right to match digital signatures to Bitrix24 users.


If your company organizes document approval processes regularly, we developed a module to automate this process.
It will reduce physical documents in circulation, reduce the cost of, and optimize document approval processes.



How does our digital signature for Bitrix24 work?


A SignService Daemon authenticates users through OTP-based* authentication.

*OTP -- one-time password

Each “sign” request is authenticated with a time-based OTP. Every user who needs to sign documents should set up an OTP generator on his mobile phone and synchronize it with the SignService. This is a one-time act.

We used FreeOTP. It works completely offline and generates a new password every 30 seconds. Password sequences are different for all users, and passwords are never sent via network which makes them secure.

Employees can use the same set of digital certificates. More than one certificate can be installed onto a USB token, but it is always clear who clicked the ‘sign’ button in Bitrix24, because it is recorded in the deal history. Additionally, the SignService logs all sign operations.

Mapping users' digital signature certificates allows assigning Bitrix24 users to self-signed certificates. The Administrator specifies what certificates each user can use.


How to use digital signatures for Bitrix24 documents

For example:

We have an employee, Mary, who needs to sign documents in Bitrix24.

Given:

1. Mary, employee;

2. Mary uses her login “mary” to log in to Bitrix24

The system administrator needs to follow the steps below:

1.    Log in to SignService Control Panel.

2.    Create an account for Mary by filling in three fields

1.    Login = Mary (must match with Mary’s Bitrix24 login)

2.    Description — any information about Mary. This is to help the administrator know exactly which Mary in cases where there are other users with the same names.

3.    Disable OTP (ensure deactivated) — allows any user who says “I’m mary, but can’t prove it” to sign documents without entering a one-time password.

3.    Generate a link for setting up an OTP(The link is valid for 1 hour).

4.    Send the link to Mary by e-mail.


To sign a document using any of her available digital signatures, Mary needs to:

  1. Install FreeOTP mobile application.

  2. Open the link she received via e-mail. A QR code will appear.

  3. Scan the QR code with FreeOTP app. A new generator will be created and configured.

  4. Open the Bitrix24 document where she wants to place the digital signature - For example, a CRM Deal with an attached PDF.

  5. Click  the ‘Sign’ button.


6. In the window that appears:

1.    Choose a certificate from USB eToken (you should be able to store at least 10 certificates per eToken)

2.    Enter the OTP from the FreeOTP app. 

3.    Check the "visual signature" box to have a visual representation of signature placement

4.    Specify what page to place the digital signature. For example; on first / last page.

5.   Choose the signature position on the page. Six clickable fields represent relative positions: top / bottom and left / center / right. A Blue signature icon indicates the selected position. Also, a text description of the selected position is displayed on the right.



7. Click ‘Sign’ button and wait for 10-30 seconds for the digital signature to be placed on the document.



8. When the signing process is completed, the original PDF will be replaced with the signed version.




Digital signatures for internal use

For signing internal documents, we don’t only use USB tokens but also generic certificates. 

Users can have their own Certificate Authority (CA) issue certificates for internal use. CA allows installing just one root certificate on every employee’s workstation and all certificates issued with his CA are considered trusted.

This signature has no legal power, but is convenient for signing internal documents.



Results of the project

We successfully implemented digital signature for Bitrix24 documents.  A Bitrix24 administrator can map digital signature to the users, and users can sign documents in Bitrix24.

It is easy to use and has a lot of advantages:

  • It’s time-saving,

  • Employees can sign documents during out-of-office work or while on vacation, 

  • Signed documents can’t get lost,

  • Every document signed with a token is legally binding.

  • It is secure.


Do you want to move all your business processes online and automate them? 

Send us a message!



  • 09.08.2022