View Products Overview

Collect information to use in contracts and agreements.

Create contracts swiftly through templates, AI, or create and edit your own.

Route contracts seamlessly for editing, review, and approval.

Easily work with internal and external participants to edit and redline contracts in real-time

Capture secure, compliant, and legally binding signatures on any device.

Connect to the systems you use daily, or build into your application with our APIs.

Knowledge Based Authentication (KBA) Configuration

View our Pricing & Plans for a detailed list and comparison of features available in each plan.

KBA is a security measure to identify and authenticate a user before giving access to information or documents. KBA transactions are tracked on the Billing page (in Settings).

In this article:

  • Configure KBA
  • Prepare and send a document for signing with the KBA
  • Your signer’s experience

Before you Begin

You need to prepare the workspace and follow some general guidelines:

  • Organization plan – Your organization must be on a plan that supports KBA.
    • Our Sales or Customer Success teams will assign the KBA flag.
  • Workspace Required Token Permission – The workspace (belonging to the above organization) must have one or more API access tokens generated that have the following permissions:
    • Start Quick Sign
  • KBA is only currently available for the Signature API.

Configure KBA

The Signature API has a new security option, KBA, that can be configured for each signer.

You can add the configuration option in the `signers[n].security` object to enable KBA for signer ‘n’ (For details, see securityObject and kbaObject under Start Signature Process.):

  "kba": {
    "maxAttempts"?: 3,
    "firstName"?: "John",
    "middleName"?: "Fitzgerald",
    "lastName": "Doe",
    "suffix"?: "JR",
    "email": ""

This will return the existing standard Signature process response.

Prepare and Send a Document for Signing with KBA

After you have configured your organization for KBA, you can include/use it when sending a document for signing to verify your signer before giving them access to sign your document. Use the following as guidelines to perform this using the API:

  1. Upload the document you want to send for signing. 
  2. Place the fields on your document. 
  3. Start the signature process.

If an originator wants to use custom fields (instead of the default page appended to the end of the document with signature and date fields) they will need to provide the same `formDefinitionId` to the fields and signatures API calls.

Your Signer’s Experience

The signer will:

  1. Receive an email informing them they have a document awaiting signature.
  2. Fill a form to identify themself.
    • The intended signer (as indicated in the `signers[n].contactMethod`, NOT in the `signers[n].security` object) will first see the following prior to signing:
      Screenshot of KBA identity verification
  3. After their information is identified / matched, they can answer a timed five question quiz of their history to get authenticated.
    Note: If a match is not found, they are prompted for more identifying information about themself, such as their phone, address, and SSN. Once they are identified, they can answer a timed five question quiz.
    KBA Identity Quiz

    • If they successfully complete the quiz in the set time, they are authenticated and the document is provided to them for signing.
      Sample of a document to sign with the signature field at the top right:
      KBA Sample Document
    • If they are unsuccessful in completing the quiz in the allotted time or fail to answer the questions accurately, they can retake the quiz till they succeed or exhaust the maximum number of attempts.

Related Information

Additional Resources

Need more help getting set up? Contact us for assistance from our customer support team.