ConversaLabs Help Center
en
Language
pt_BR Portuguese (Brazil) en English es Spanish

Internal and external signing

Open in
View as Markdown Open in ChatGPT Open in Claude
Conversa Labs

Conversa Labs

Last updated on Jun 27, 2026

Overview

A contract usually has two sides: the contracted party (your issuing company) and the external signers (the customer and other parties). In ConversaLabs:

  • Internal signing is the contracted party's auto-signature β€” performed server-side, using the issuing company's details (and, for qualified signing, its A1 certificate).
  • External signing is done by the signers through a secure public page, with no need to sign up or log in.

You choose the signature's legal level based on the document's risk: simple (consent with IP and device record), advanced (with OTP by email/WhatsApp and a visual signature) or qualified (an ICP-Brasil A1 digital certificate, PAdES standard).

Prerequisites

  • Contracts module enabled and a contract generated from a template.
  • A registered issuing company (for the auto-signature). For the qualified level, it needs a valid A1 certificate.
  • To send the link to external signers, a native channel (WhatsApp or email) and the signers' contact details.

Step by step

  1. On the contract, define the signers (the contracted party and the external signers).
  2. Choose the signature level (simple, advanced or qualified).
  3. Send for signature: the link is delivered through native channels as a card with a button in the conversation.
  4. The contracted party signs automatically (server-side auto-signature).
  5. Each external signer opens the public page, reviews the document and signs.
  6. At the advanced level, the signer validates an OTP code and records a visual signature (drawn, typed or uploaded as an image).
  7. Once all signatures are complete, the final signed PDF is generated and the status becomes completed.

Settings & options

  • Signature levels:
    • Simple β€” consent with capture of IP, date/time and device.
    • Advanced β€” OTP by email/WhatsApp + visual signature (drawn, typed or uploaded).
    • Qualified β€” A1 digital certificate (ICP-Brasil), PAdES standard.
  • Auto-signature: the contracted party signs automatically with the issuing company.
  • Order and multiple signers: define who needs to sign.
  • Time-stamp (TSA): when configured, it strengthens the signature's legal validity.
  • Audit trail: each signature records IP, device, consent and timestamp (SHA-256).

Use cases

  • A customer signs over WhatsApp with OTP in a few taps, installing nothing.
  • A higher-value contract requires a qualified signature with an A1 certificate.
  • The contracted party signs automatically and just waits for the counterparty.

Tips, limits & best practices

  • Use the advanced (OTP) or qualified level for higher-value or higher-risk documents.
  • Make sure the signers' contact details are correct so the link is delivered.
  • For the qualified level, keep the A1 certificate valid and, if applicable, an accredited TSA configured.
  • Track the contract's status β€” it shows who has signed and what's still pending.

Troubleshooting

  • The signer didn't get the link: confirm the channel and contact details; resend if needed.
  • The OTP code doesn't arrive: check the signer's email/WhatsApp and try resending the code.
  • The qualified auto-signature failed: make sure the issuing company has a valid, in-date A1 certificate.
  • The contract won't complete: check that all signers have signed.

See also