Hi,

I think you should check in the Settings menu >>>> Security settings >>> Authentication Settings

>>>Recipient Authentication Settings

If the option "Any recipient must authenticate on every envelope sent from this account" is set, each time you are sending the envelope, you have to choose any of three authentication method (sms, phone call, knowledge base).

more info here: https://support.docusign.com/guides/ndse-admin-guide-security-settings

Regards

Thank you very much Tomasz. That solved it! Your help is much appreciated. Cathy

Tomasz, I want to use the setting as you specified but do not get any option to choose any of the three authentication methods. When I add a recipient, I can add name, email address, and an optional Access Code but there is no interface for authentication method, I just get the error when I click Next. Please advise.

Hi Michael,

according to DocuSign, an Access Code is not a method of identity verification and then you get the error.

On envelope creating screen, on recipient tab you should can see "customize" dropdown (upright of the recipient tab) and "Add Identity verification" under it. After clicking it you should can see the ID verification dropdown under recipient tab with 3 methods of verification. Can you see it?

It might be you cannot see the "Add identity verification" option under the mentioned dropdown, but it probably means you have no feature enabled. But in this case you shouldn't get the error and/or be able to set option "Any recipient must authenticate on every envelope sent from this account". Have you got this option in Settings menu?

Please let me know how it looks like - I will try to help.

Regards

I'm not this option under the customize drop down.

Tomasz, thanks for the reply. I do not see "Add Identity verification" as an option in the recipient customize screen. I see "Add an access code" and "Delete Recipient". Perhaps it is because I am not using a business account.

I am testing this specific feature because by default, DocuSign uses link-based authentication, meaning whoever has the link is automatically considered to be the person it was emailed to, even if it is not that person. Emails with links to sign can be forwarded, intercepted, the link can be exposed to other persons who can use it to sign the document. We can't require login, which is the optimal authentication method. Using the access code is better than nothing, but requires an additional step of sending the access code to each recipient separately. I was hoping that the Authentication setting could be used, but the docs say the only methods are SMS, phone, or knowledge-based ID. If it allowed for email authentication it would be better, and make more sense.

HI Michael,

If you use dev or test account there is no authentication methods unless you request it in DocuSign.

Regarding your statement about link-based auth - you are right. For most of the business life processes it is enough. Corporate rules regarding email boxes access are quite strict now and for my customers it doesn't bring any legal issues. For B2C relations I always recommend SMS or Phone authentication to make the process safer.

There are some more authentication methods like ID verification that uses national ID scan for authentication (that brings some more costs and GDPR questions). If the process is very important you may use QES (if its EU). But in general SMS authentication works fine. Email authentication that you mentioned is not a case - If the link is being sent via email, then the process IS email-based, isn't it?

Tomasz, agreed that SMS authentication is more reliable, but rarely would my staff have the mobile numbers of document signers. If we could force email authentication, at least it would prevent false signing by someone who got the link but does not have access to the mailbox. Thanks for your time, and take care!

I have the Authentication requirement enabled under Security Settings, but I still get the error message “Each recipient must have an authentication type specified.” and there’s no drop down menu under Customize to select an Authentication Method. 

I don’t know if my account supports this feature, but if it doesn’t, why does DocuSign allow me to select the Authentication requirement under Security Settings in the first place? 

I am running into the same issue as described above. I currently have in my setting checked “The sender can require that a recipient must authenticate on any envelope sent from this account” however when i send an envelope there is no option for me to require a signer to authenticate.