Field Control with Electronic Signatures in D365FO – No Security Roles Required

Field Control with Electronic Signatures in D365FO – No Security Roles Required

Mallesh Deshapaga Mallesh Deshapaga

Mallesh Deshapaga

MS Dynamics 365 F&O || Functional Consultant || SCM | AWMS | MFG | Power Platform

Published Jul 29, 2025
+ Follow

Overview

Microsoft Dynamics 365 Finance and Operations (D365FO) supports Electronic Signatures as a built-in feature that enables secure authorization of critical changes or actions within the system. Traditionally, security roles are used to manage access and control edits, but electronic signatures provide an alternative layer of control—especially for regulated industries or audit-sensitive environments.

What Are Electronic Signatures in D365FO?

Electronic signatures in D365FO are used to:

  • Verify user identity
  • Authorize changes to key data fields or processes
  • Maintain an audit trail for compliance and governance

They're not digital certificates, but secure confirmations tied to user credentials (passwords) within the system.

Enable Electronic Signature functionality in Dynamics 365 Finance and Operations.

Navigation: System Administration > Workspaces >Feature Management

Article content

Enable the Electronic Signature Configuration Key To enable Electronic Signatures in D365F&O:

  1. Navigate to System administration > Setup > License configuration.
  2. In the tree, expand Administration and ensure the Electronic signature checkbox is selected.
  3. If the checkbox is not selectable, enable maintenance mode first.
  4. Maintenance mode can be activated via a maintenance job in Microsoft Dynamics 365 Lifecycle Services (LCS) or by using the Deployment Setup tool locally.
  5. Once the checkbox is selected, turn off maintenance mode.
  6. Close the License Configuration page.

Article content

Obtain Certificate for Email Signature

The Electronic Signatures in D365F&O is to obtain a certificate from Microsoft Key Vault. Users must configure the electronic signature certificate and set up their security password.

Navigation Path: Settings > User options > Account > Electronic signature > Get certificate

Article content

As soon as the certificate is obtained and the password is set up, the 'Reset Certificate' option becomes enabled

Article content

Configure Electronic Signature Parameters in D365F&O

  1. Navigation Path: Go to Organization administration > Setup > Electronic signature > Electronic signature parameters.
  2. Select Edit.
  3. Set the following fields as needed:
  4. Notice: Enter a message to be displayed on the Sign Document page. This should explain the meaning and legal implications of signing electronically. Use the Translations button to add notice text in multiple languages.
  5. Require comments: Set to Yes if users must enter a comment when signing.
  6. Signature timeout: Enter the timeout duration (in seconds). If no signature is provided within this time, the process fails.
  7. Key expiry: Define how many days the digital key remains valid after creation.
  8. Signature alert recipient: Choose a user who will receive an email alert if signature validation fails (e.g., due to certificate tampering).
  9. Minimum length: Specify the minimum number of characters required in the passphrase (recommended: at least 8 characters).
  10. Minimum alpha: Set the minimum number of alphabetical characters required.
  11. Minimum numerals: Set the minimum number of numeric digits required.
  12. Minimum special: Set the required count of special characters.
  13. Save your changes.
  14. Close the page.

Article content

Set up reason codes for electronic signatures

Before electronic signatures can be used, you must set up reason codes. A valid reason code is required whenever a document is signed. The reason code indicates the purpose of the electronic signature. For example, a reason code can indicate legal approval.

  1. Go to Organization administration > Setup > Electronic signature > Electronic signature reason codes.
  2. Select New.
  3. In the Reason code field, enter a value.
  4. In the Description field, enter a value.
  5. Repeat these steps to add more reason codes as required.
  6. Select Save.
  7. Close the page.

Article content

Require electronic signatures for existing processes

  1. Go to Organization administration > Setup > Electronic signature > Electronic signature requirements.
  2. In the list, find and select the desired record.
  3. Select a process that requires electronic signatures.
  4. Select or clear the Signature required checkbox.
  5. Repeat these steps for every other process that requires electronic signatures.
  6. Select Save.

Article content

Create a custom requirement for electronic signatures

  1. Go to Organization administration > Setup > Electronic signature > Electronic signature requirements.
  2. Select New.
  3. Select or clear the Signature required check box.
  4. In the Name field, enter a name for the process that requires electronic signatures.
  5. In the Table name field, select the dropdown button to open the lookup. Find and select the table that store the data that must be signed. Then select the link in the selected row.
  6. In the Field name field, select the dropdown button to open the lookup. Find and select the table field that you want to monitor. Then select the link in the selected row.
  7. Select one of the following values to specify when a signature is required:
  8. Select Save.
  9. Close the page.

Article content

Let’s review with a simple example.

In the screenshot above, I selected the table name 'CustTable' and the field 'CreditLimit', then enabled the 'Signature required' toggle. If this toggle is not enabled, the system will not trigger the electronic signature validation.

Article content

The Credit Limit was initially set to '500,000.00'. I changed it to '500,001.00' and clicked the Save button, which triggered the Electronic Signature window. Both the Reason Code and Comments fields were mandatory, and after entering the required information, I clicked OK to complete the action.

Article content


The password entered must match the one created during the certificate generation process. Additionally, the system will display the printed name of the user as part of the electronic signature.

Article content

Once the electronic signature is set up, only authorized users who have the digital signature credentials can make changes to the Credit Limit. Other users, without the electronic signature password, will not be allowed to update it. This is just one example using the 'Credit Limit' field—there are many other tables and fields where electronic signatures can be applied, and you are encouraged to explore further.

Database Log Records:

The Database Log provides a comprehensive audit trail of system changes. It records the table and specific record that was modified, along with the company in which the change occurred. It also captures details about the user who made the change, as well as the date and time the modification was performed. Additionally, the log displays the previous and updated values of the modified data. When electronic signatures are used, the log includes the signer information, ensuring full traceability and compliance with validation requirements

Navigation Path: System administration > Inquiries > Database > Database log

Article content


Aswini Jena

Dynamic 365 F&O technical consultant

3w

💡 Great insight

Like
Reply
1 Reaction
Mallesh Deshapaga

MS Dynamics 365 F&O || Functional Consultant || SCM | AWMS | MFG | Power Platform

3w

Microsoft Dynamics 365 Finance and Operations (D365FO) now supports Electronic Signatures—offering a secure, built-in way to authorize critical changes. Beyond traditional security roles, this feature adds an extra layer of control, perfect for regulated industries and audit-sensitive environments. Enhancing compliance and accountability has never been easier!

Like
Reply
3 Reactions
See more comments

To view or add a comment, sign in

More articles by this author

See all

Others also viewed

Explore topics