eSign for Jira 2024 Q1 Updates Status: RELEASED Release Date: 2024-01-20

Index

#1 Pending Signature Placeholders

This update introduces Pending Signatures as placeholders for required signatures. These can be added to Issues via the Invite dialog or via the new workflow post-function.

Use Pending Signatures to indicate what Signatures Types are required for an issue, before any specific people are assigned/invited.

Creating Pending Signatures

Pending Signatures may be created via the Invite Signatures dialog or via a workflow post-function.

In the dialog select the “Pending” checkbox to create an Unassigned Pending signature instead of Inviting a specific person. It is supported to mix Invited users and Pending.

Notes

• Unassigned Pending Signatures are enforced by the Required Signature workflow validator.

• Pending Signatures will be automatically replaced by any Executed Signature or Invited User for the same Signature Type. (e.g. if Indira signs an issue for QA Approval, that will close off the Pending Signature for QA Approval.

• Only one Pending Signature of any Signature Type is permitted at one time. Duplicates will not be created by the Invite Dialog or Post Function, even if they run multiple times.

• Users with Invite privilege on Signatures can both create and cancel Pending Signatures.

• Customers with workflows requiring signatures on read-only issue states are supported. Initializing the Issue Signature Panel with 1 or more Pending Signatures will cause it to be displayed for all users (including read-only users), allowing them to sign.

#2 Signature Audit Events

Go forward Signature Audit Events are now collected and displayed in a separate Signature Audit tab in the Issue Active panel.

The legacy eSign Signature comments will still be added to issues if enabled in Project Settings, but may be disabled to reduce comments and the user notifications.

Audit Events in the PDF Archive Report

The PDF Archive Report has been updated and can display Audit Events if enabled in Project Settings. (Option is disabled by default).

Notes

• The new Audit Activity tab will only display after Signatures are initialized for an issue.

• Audit data is persistent, the administrator action to remove Signature data will not modify the audit data.

#3 One-Time Signature Pins

It is now possible to switch the eSign Signature Pins from the default Persistent mode to a One-Time Pin.

When One-Time Pin is enabled, for each Signature users will receive a new Pin via email that must be used to execute the next signature. As soon as it is used the One-Time becomes invalid.

For customers using Persistent Pins there is a new option to configure the maximum age of Persistent Pins (default is 180 days).

Enabling One Time Pins

Administrators can enable One-Time Pin mode in eSign App Settings. This setting will apply to all site users.

Notes

• One-Time Pins are valid for 30 minutes from time of issue or until used for a signature.

• The One-Time Pin is bound to the user, but not the issue. It can be used to sign any single issue.

• Users can use the Pin Request link to ask for a new pin to be generated and emailed. Doing so will invalidate the previous Pin.

• Users may not manually change One-Time Pins.

• Bulk Signature Executions use a single One-Time Pin.

#4 Webhooks expanded for Slack/Teams Notifications

The eSign Webhooks have been expanded to send additional event data that Jira Automation can use for advanced and custom notifications to Slack, Teams, email and any other action supported by Jira Automation.

Notes

• Webhooks can be configured on Signature (Execute), Invite, and Finalize.

• More examples are available in online documentation.

#5 Data Processing Residency available for Europe

eSign for Jira has added a new EU processing location. Customers now have the option to “Pin” their eSign app location to European Union, Germany or USA. Once pinned, the eSign server(s) in that location will perform all signature processing for that cloud site.

Note that eSign does not permanently store any end-user data outside of the Atlassian cloud. This change will have 2 key benefits:

1. For customers with EU compliance requirements, pinning the location to EU will ensure that signature data processing occurs with the EU.

2. Customers with Atlassian cloud sites located “closer” to the EU will notice faster response time when working with eSign as compared to the US hosted location.

Administrators can access and Pin apps within admin.atlassian.com. See this Atlassian article for more information on Data Residency. https://www.atlassian.com/software/data-residency

Application Residency and Diagnostics

To improve visibility, the eSign App Settings page now displays the current host location and measured client browser latency.

Access from Apps > Manage Apps > eSign Electronic Signatures > eSign App Settings

#6 Additional Items

• The PDF Archive report layout was streamlined and the Comments and (new) Signature Audit sections aligned.

• Added new email troubleshooting guide: How to Resolve Email Delivery Issues

• Changed display rule to hide the Issue toolbars (Add) Signatures button for users with read-only access if the Signature panel is not already initialized. This is being done to reduce confusion as Jira will silently block a read-only user from opening a new app panel. Recommendation is to use the Create Pending Signatures post-function to initialize the signatures before any read-only users need to sign so the button will be available (and functional).

• 2024-03-11 Improved display of Signature and Invite dialog on small screens to reduce user scrolling.

• 2024-03-11 Raised the Signature Type limit on the Invite dialog from 8 to 10.

• 2024-03-18 Add Project admin email notification for post function errors due to project security and permission issues

#7 Issues Resolved

• 2024-01-20 Resolved - The Show Void menu item could be clicked multiple times in the Issue Signature panel

• 2024-01-23 Resolved - Bulk operations screen opened with error for customers with no eSign App Settings configured

• 2024-01-27 Data Integrity - Added warning message when issues containing linked signatures were moved or cloned with third party apps.

• 2024-03-25 Signature Import - Update import routine to request Jira token refresh for long running imports

eSign for Jira 2023 Q4 Updates Status: RELEASED Released: 2023-10-08

Index

Signature Types (New) OCT 8, 2023

This update upgrades the Signature Meanings into a more flexible and configurable Signature Type. This provides the following benefits:

• Signature Types by default are available project wide for all issues. This is the default.

• Signature Types can be restricted to specific combinations of issue types and states. (e.g. Only Enhancements and Defects that are In Progress.

• Configure Signature Types to restrict what project role a user requires to execute the signature. A project role can be assigned to group(s) and/or user(s).

• Signature Types can be individually enabled/disabled. The sort order of signature types (e.g. in the signature meaning picklist) can be adjusted by editing the position. (Hint: Set position to 4.5 to sort between position 4 and 5.)

• Signature Types rules are also applicable to bulk operations (invites and signatures).

Restriction Rule Timing

1. Issue Type rules are enforced at Invite time. (e.g. If Compliance Review is only applicable to New Feature issue types, Compliance Review will not show on the invite dialog for other issue types).

2. All Signature Type rules are enforced at signature execution time.

   

Project Settings Automatically Upgraded

eSign will automatically convert existing project settings to the new signature type model. All signatures that are available today will continue to be available after the upgrade:

• Standard signature meanings will become open (unrestricted) Signature Types.

• Issue Type specific meanings will be mapped to issue type restricted Signature Types.

• Project wide status restrictions will be applied to all signature types.

It is recommended to review eSign Project settings after the upgrade if the team is considering using the new configuration options.

Signature Execution Usability OCT 8, 2023

a) For improved compliance, the Signature Meaning field now requires the user to explicitly select the Meaning if there is more than one available choice. Note if the user was invited to sign for a specific meaning that will be pre-selected.

b) The Meaning (if necessary) or Signature Pin field is automatically in focus when the dialog is opened to improve usability and keyboard navigation.

c) Errors encountered during signing now display inline within the the dialog.

Signature Invite Improvements NOV 4, 2023

Improvements to Signature Invites including:

• Unused Signature Invites are automatically cleaned up on Finalize of Signatures.

• The Invite dialog has been expanded to support up to 8 signature types.

• The Signature panel now shows how long each invite has been waiting.

  

Support for Multi-Role Signees NOV 4, 2023

For organizations that require the same person to sign for multiple roles in the same issue, it is now possible to configure eSign to allow this. Note that existing behavior is unchanged in that projects by default can only have One Signature per User (per issue status).

Embedded Image Rendering in Signature Archive PDF Report NOV 4, 2023

With this new enhancement (attached) images embedded into issue Description fields or Wiki formatted customer fields can now be rendered into the PDF Signature Archive reports.

Images of gif, jpg, and png up to 1 MB in size are supported. Larger images will be replaced with a thumbnail.

Email Notify on Invite OCT 8, 2023

It is now possible to configure whether eSign will send an email to invited users. By default email notification is enabled.

Voiding individual Signatures and Cancelling individual Invites DEC 21, 2023

New options to Void individual Signatures and Cancel Invites are available from the row menu (…) in the signature panel.

Void Signature

Void Signature is available to the signee, owner and admins. Note that only signature captured within the current Jira issue status can be voided. Finalized signatures can not be modified.

Cancel Invite

Cancel Invite is available to Signature owners and admins.

New Signature Admin Post Function - Cancel Pending Signatures DEC 21, 2023

A new workflow post function is available to Cancel Pending Signatures during a transition.

Additional Items

• Invite dialog - Prevent accidental submission with Enter key

• API Security improvements

• 2023-10-22 Address wrapping of custom fields with very long names in PDF archive

• 2023-10-22 Correct background color theming of signature panel table header

eSign for Jira 2023 Q3 Updates Status: RELEASED Released: 2023-07-21

Support the new Jira Dark Theme

eSign for Jira now supports both the traditional Light theme and new Jira Dark theme. Screens will adapt to the theme to align with the current Jira mode.

The option to switch Jira between Light and Dark themes is under the “Your Profile and Settings” menu > Theme..

Dark Theme

Light Theme

Workflow Post Function - Signature Invite by Group

Released 2023-06-18

The Signature Invite post function can now be configured to Invite By Group. With this option, all members of the Atlassian Group named will be invited to sign.

Workflow Validator - Required Signatures Group Search

Released 2023-06-18

The Signature Validator group selector was upgraded to provide a search function. This will allow customers with many groups (e.g. 100+) to attach them to the validator.

PDF Signature Archive

Released 2023-06-04

• Display of wiki rendered tables enabled for description and custom text areas.

• Custom field rendering added for “float”.

• Additional protection added for unsupported custom field rendering errors.

• JUNE 25 Notify user and project lead via email if the PDF signature archive report could not be attached to the issue.

Additional Items

2023-06-04 Content Security Policy enforcement enabled for eSign.

2023-06-04 Improved error messaging when Atlassian API requests time out (after 30 seconds).

2023-07-04 Fix issue with required signatures workflow validator expression not allowing a pass with empty group list configured.

2023-08-04 Fix issue with excessive notification emails when signature archives were not enabled for a project.

2023-09-05 Improve messages when eSign is not enabled for a project.

2023-09-14 Improve error message when eSign access is blocked by Jira project security settings.

eSign Document Management - New in 2023

In 2023 the eSign team released eSign Document Management for Confluence. If your team needs a comprehensive document review, approval, release workflow plus an integrated training module, powered by the eSign electronic signature engine.

View a 5 minute demo here: https://www.youtube.com/watch?v=kWjAzZRy2Wo&t=1s

eSign for Jira 2023 Q2 Updates Status: RELEASED Released: 2023-04-01

Contents

eSign Document Management

The eSign team has released a NEW app, eSign Document Management for Confluence. Take a look if your team needs a comprehensive document control solution that features the eSign electronic signature engine.

View a 5 minute demo here: https://www.youtube.com/watch?v=kWjAzZRy2Wo&t=1s

Added Integration with Jira Automation

With this update it is now possible to trigger Jira Automation rules via webhooks configured against eSign events. This will make it possible to automatically transition issues to a new status after signing, for example.

Enable the webhooks in eSign Project Settings. See the eSign Guide - JIra Automation Integration for more information and examples

New PDF Signature Archive customization options

As requested by a few customers, the PDF Signature Archive report can now be customized to show or hide Attachments and or Comments.

Default behavior is still to include all attachments and comments (unchanged). Adjust this in eSign Project Settings.

PDF Signature Archive - Improved Compliance Options

To assist with compliance to internal quality and regulatory departments, the following updates have been made to the PDF Signature Archive report:

1. The dates and time formats for all Jira standard and custom fields are now aligned with the regional and timezone context of the signature page. Previously custom Jira date and date/time fields sometimes were presented in different formats.

2. Standard and custom fields configured to display in the Archive report are now displayed as N/A if they are empty.

3. There is a new project setting to override all the date/time formats to be displayed in ISO 8601 format to address customers who require a full numeric and standards based date format in their formal documentation.

User Profile - Account Type added for JSM clarity.

The eSign User Profile now shows the Account Type field to assist with visibility and diagnosing issues on the Jira Service Management portal. The Account Type (Atlassian or Customer) determines how signatures operate within the portal.

Atlassian accounts have full signatures; the Execute Signature dialog operates the same way whether signing in the portal or within the Jira environment. These signatures are restricted by eSign Security settings (standard or advanced).

Customer accounts have limited signatures, they do not have a Pin and cannot choose a signature meaning. Customers accounts can sign any service request they have access to see.

Additional Items

• Improvements to some error dialog handling and formatting

• Security updates

• Technical library updates

• 2023-05-02 Minor layout adjustments to PDF Signature Archive report

eSign for Jira 2023 Q1 Updates Status: RELEASED Released: 2023-01-14

Contents

Signature Issue Type Restrictions and Meanings

It is now possible to choose which Issue Types (e.g. Epic, Enhancement, Task) in a project can have Signatures, and for each of those Issue Types configure an individual list of signature meanings (e.g. Dev Approval, QA Approval, Compliance Review).

Combining this option with Jira Issue Type specific workflows and eSign validators and post functions can allow customers to have very different approval paths for each issue type.

The Issue Type specific meanings are displayed in the Execute Signature , Invite Pages, as well as the bulk Sign/Invite options.

Configure the Issue Type restrictions in the eSign Project Settings page.

Extended Signature Verification for Built-in and Custom Issue Fields

In response to customer requests, we are please to announce that eSign for Jira has added support for Extended Signature Verification. With this enhancement, eSign can be configured to verify additional Jira built-in and/or custom fields have not been modified since signing.

In default field verification mode, captured signatures are checked against the issue Summary, Description, and Attachments. Now additional fields can be included with the signature verification. The issue history is searched for changes to any additional fields after a signature.

Globally Enable or Disable Signatures for all projects

For customers that have many Jira projects it is now possible to disable eSign for all projects, and selectively enable it for projects that require Signatures. Find this new option under Apps | eSign App Settings.

The eSign Project Settings page has been updated to make it clear what global setting is in place.

1. Resolved issue with workflow required signatures validator unable to access/verify group memberships for certain users.

1. The Verify Signatures feature now opens within a dialog to maintain issue context and improve usability. Ability to save and print verification reports remains. Note that Bulk Verification Reports, available from Advanced Search, still generates full page reports for up to 50 issues at a time.
   

   

2. CDN Consolidation - external app resources that are loaded from content delivery networks have been streamlined to use a single primary CDN.

3. Security Updates - A content security policy and other security improvements were applied.

1. Signature Execution - Email Capture

For additional traceability the user email address is now captured with every executed signature.  The email is displayed with the User name on hover in the Signature Panel, and on both the Verification Certificate and PDF Signature Archive.

Example: Signature Panel in Jira Issue

Example: Verification Certificate

Example: PDF Signature Archive

1. Workflow Enhancements

The Invite and Reset workflow post functions were updated to handle concurrency to allow both workflow functions to be attached to the same transition.

TIP - As the invite post function references the current issue fields, ensure the it is added after the “Update change history for an issue and the issue in the database” step so that the current value of the invitees field set during the transition is sent to eSign.

2. Security Enhancements

Various hardening and security improvements were applied.

1. Workflow Enhancements - Void Signatures by Status

For customers that have complex/mult-stage signature workflows, the Void post function has been enhanced to allow selecting for which Status the signatures should be voided. This can be useful where the issue workflow is being reverted back to a previous state and some (but not all) of the signatures need to be voided and re-executed.

Pre-Existing Void post functions will continue to void All signatures as before.

2. Service Management Portal

For customers that require Signatures within a service management project, but do not require external help desk users to sign, eSign can now be disabled only for the Service Mgmt Portal. A new setting in the eSign Project Settings page will control the display of signatures and the signature profile within the Portal

As part of this change the Signature Profile page (used to set Signature Pin and review language and timezone settigns) has been moved into the request links area for better visibility.

3. Other Updates

• Minor update to the eSign Invitation email format to support Jira project keys that match reserved words and improve escaping for certain email clients.

• Static resources max cache age have been extended to reduce reload frequency.

• Switch certain resources to an alternate CDN to improve international support.

1. Service Management Portal - additional enhancements for internal Jira users.

With this update Internal Jira users (e.g for an internal help desk) can now view signatures on their raised service requests without requiring project level browse access.

Note that permission to Execute signatures requires either Edit issue OR use the Advanced Security option to grant eSign Execute Signature to a specific group. See Project Settings for more information on Advanced Security.

2. Support Documentation Moved

eSign online support documentation has moved to https://support.esign-app.com.

3. Security Updates

• Security update in workflow administration

1. Service Management Portal now supports internal user signatures

The eSign functionality has been extended within Jira Service Management to allow full Atlassian user accounts to sign service requests within the portal, in addition to external customer users.

This enhancement introduces the following changes.

• As before, customer accounts (customers) may sign service requests with an assertion checkbox.

• Atlassian User accounts (users) may now view and sign requests within portal.

• Users will be required to enter a Signature Pin and Meaning to sign.

• Users/Customers with access to a Service Request will see all signatures on that request.

• The eSign User Profile page is now available in the JSM Portal to allow Users to set or reset their Pin.

• Users/Customers may only sign each request once within the Portal.

See https://support.atlassian.com/atlassian-account/docs/what-is-an-atlassian-account/ for more information on the difference between Atlassian accounts and Service Management customers.

2. Signature Meanings Extended

The limits on Signature Meanings have been raised.

• Each project can configure up to 15 distinct signature Meanings

• Each Meaning having a maximum length of 24 characters.

• The length of the Meaning pick lists in the Execute Signature (sign single issue) and Bulk Execute (sign multiple issues at once) have been extended to show the longer meanings.

3. Faster Finalize with PDF Archiving

PDF Signature Archiving has been moved to background processing so that users do not have to wait for the PDF archive during the Finalize. Now after the Finalize is complete the Signature Archive process will start. Archiving will usually complete in less than 30 seconds.

4. Other Items

• eSign User Settings page renamed to eSign User Profile to align with Atlassian User Profile conventions.

• Minor UX updates for branding