Overriding Transition Authentication Options

You can set transitions to require that users provide their login ID and password for specific transitions. The transition will fail if users do not provide the correct login ID and password or if they attempt to provide the login ID and password of another user.

This setting can be defined for the workflow in SBM Composer, but you can override it in Application Administrator for transitions in projects.

You can also associate a Date/Time field to this authentication method to record the time each user performed the transition. This record is stored in the transition section of each item’s Change History section. Consider the following information when selecting a Date/Time field for transition authentication:

Consider naming the Date/Time field so that it is clear that is used for transition authentication. Examples include "Authentication Time" or "Electronic Signature recorded at:".
Only custom Date/Time fields that are set to display the date and time or date only are available for this option.
System fields and deleted fields cannot be used for transition authentication.
The Date/Time field specified for transition authentication is always populated when the transition is executed. To prevent users from changing the date and time, consider moving the field to the Hidden Fields section or another section controlled by privileges. You can also set the field as read-only.
Change history for transition authentication is not recorded on Submit, Copy, or Delete transitions.

The authentication methods used by your system impact how transition authentication options are applied. Your administrator can provide information about system authentication methods, but you should consider the following information when setting authentication options for transitions:

If your system uses NT Challenge/Response or Single Sign-On (SSO), passwords are checked against internal SBM passwords. Users should synchronize their SBM passwords and their network passwords, unless they choose to specify a unique password for authenticating transitions.
If your system uses LDAP authentication, LDAP handles password verification.
Authentication settings apply only to transitions that are executed manually by users. Automatic transitions that require authentication will fail. Use care when setting authentication options for transitions that are executed as part of actions, by e-mail submission, or by API programs.
Smart Card users log in by selecting a certificate with their PIN rather than their SBM password. However, if SBM is configured to authenticate transitions, Smart Card users need to establish an SBM password to complete transition authentication requests.
The password that is sent in response to the transition authentication request is not encrypted. Consider setting up SSL in Internet Information Services (IIS) to encrypt user passwords.

To override transition authentication options:

From the Projects view, select a project, and then click Details.
Select the States/Transitions tab.
Select a transition, and then click Details.
In the Authentication area, select the Override check box.
Select the Required check box to require users to authenticate for this transition; clear the check box to remove this requirement.
From the Date/Time Field to Update list, select the field that will be used to record the authentication in the Change History section.
Note: You are not required to select a Date/Time field for transition authentication, but the action is not recorded in the Change History section unless you do so.
Save your changes.