Microsoft Word - TECH WHITE PAPER

SimpliGov–Government

forms with Workflow

Automation Platform

Technical White Paper

Table of Contents

Introduction .................................................................................................................................... 3

What makes SimpliGov a platform? ........................................................................................................ 3

What does automating something with SimpliGov mean? .................................................................... 3

Building Your Workflow ................................................................................................................. 4

Designing Your Forms............................................................................................................................... 4

Basic Form Fields ................................................................................................................................... 5

Form Field Blocks .................................................................................................................................. 6

ESignature Fields ................................................................................................................................... 6

Designing Your Workflow ..................................................................................................................... 7

Workflow Modules ................................................................................................................................... 9

Document Builder ................................................................................................................................. 9

Collaboration Stage ............................................................................................................................. 11

Data Sources ....................................................................................................................................... 11

Deploying a Workflow............................................................................................................................ 12

Accessing a Workflow (Front-end user experience) ............................................................................. 13

Web Forms .......................................................................................................................................... 13

Mobile ................................................................................................................................................. 14

Workflow Dashboard and Analytics ............................................................................................ 16

Workflow Dashboard ............................................................................................................................. 16

Analytics ................................................................................................................................................. 19

Out of Box Integrations ................................................................................................................ 21

Salesforce ............................................................................................................................................... 21

eSignature............................................................................................................................................... 22

Office 365/SharePoint ............................................................................................................................ 23

Custom Integrations ..................................................................................................................... 23

Make Calls to 3

Party APIs ................................................................................................................... 23

External Data Sources ............................................................................................................................ 24

SimpliGov API ......................................................................................................................................... 25

FTP .......................................................................................................................................................... 25

User Management ........................................................................................................................ 26

Manual User Management ................................................................................................................. 26

Single Sign-On ..................................................................................................................................... 27

SAML 2.0 ............................................................................................................................................. 28

SFTP ..................................................................................................................................................... 28

API-managed Users ............................................................................................................................. 29

Roles and Permissions......................................................................................................................... 29

Trust and Security......................................................................................................................... 30

User Authentication ............................................................................................................................... 30

Protocols ................................................................................................................................................. 30

Azure Government ................................................................................................................................. 31

Certifications .......................................................................................................................................... 31

Introduction

SimpliGov is an easy-to-use, drag-and-drop government forms with workflow automation platform that

allows government analysts and process owners to rapidly build and deploy forms with workflows.

SimpliGov is a robust platform that can handle everything from complex operational processes to

prototyping to intake form management. Accordingly, in order to discuss the platform’s functionality we

must consider SimpliGov from a number of different angles. We will begin by discussing the role and

responsibility of the enterprise owner, and the ways in which he or she will interact with the simple

Designer Interface. Then, this white paper will cover the various integrations that are either out-of-the-

box or made possible by SimpliGov’s readily accessible API. Finally, we will pan out to consider how end

users will use SimpliGov’s analytics and Dashboard to keep track of the hundreds of workflows they

launch and access from one place.

What makes SimpliGov a platform?

SimpliGov is an end-to-end Digital Transaction Management (DTM) platform. With SimpliGov, process

owners are able to easily build digital, automated workflows around the manual, repetitive, and paper-

based tasks that consume their time. When we say that SimpliGov is a platform, we mean that it works

for everyone involved in those processes – from the process owners who design the forms, to the

approvers and reviewers involved in the process – even to the public, if constituents or consumers are

requesting information through a workflow-enhanced webform.

It’s a platform for the users, who can launch and manage workflows from one comprehensive space. It’s

also a platform for the process owners and designers, who can use the straightforward interface to

build demanding processes. The Dashboard interface, drag-and-drop design tools, Visio-like

diagramming tool, integration-capabilities, and analytics all work together to make SimpliGov truly an

end-to-end platform. With this in mind, we must ask, “How do business process owners leverage the

SimpliGov Platform to automate processes?”

What does automating something with SimpliGov mean?

Workflow automation solves your bottleneck problems, your auditing issues, and your inefficiency woes.

Anything that can be whiteboarded can become a workflow. One of the great things about SimpliGov is

that you don’t need one thousand pages of requirements in order to start building your workflow – we

know that workflows, just like your organization, are constantly growing, expanding, and changing. Our

platform allows and encourages an agile, iterative approach.

The ability to build workflows easily and without IT (except for support with integrations and SSO)

democratizes and scales your ability to get things done quickly. SimpliGov enables IT to put the

processes in the hands of the process owners.

Building Your Workflow

There are two components to any SimpliGov workflow. There are the forms themselves – the form fields

that end users must populate with information – and there is the logic that drives the form from one

person to another. The workflow designer must take both into consideration when he or she designs the

end-to-end process.

Designing Your Forms

Designing the forms themselves is incredibly easy in SimpliGov. When your business process owners opt

to create a new workflow, they land on the Form Builder page. Here, they can use drag-and-drop tools

to pull form fields on to the screen. We offer three different sets of form fields: basic form fields, form

field blocks, and eSignature form fields.

Basic Form Fields

Basic form fields constitute the bulk of the form fields used in our workflows: most forms are made from

a combination of text boxes, area boxes, dropdowns and radio buttons. By clicking one of these form

fields from the form field menu as shown above, the form field will populate onto your screen. Our Form

Builder is a WYSIWYG interface, meaning that after you drag a text box onto the page, you will see the

text box itself.

Each form field is entirely customizable. After dragging one onto the page and selecting it, you can edit

and configure according to its specific properties. All form fields share certain properties, but some

properties are specific to the type of form field that has been selected. For example, the end user can

configure any form field to be “required,” to have a certain name, and to be accompanied by a hover tip

or placeholder text.

However, some form fields have more specific functionality. A text box, for example, can also be

validated to only take in a certain syntax: we can validate text boxes as currencies, phone numbers,

social security numbers, alphabetic, numeric, numeric decimals, alphanumeric, custom regex etc...

Custom HTML allows designers to incorporate logos, images, and even video into the form – which is

made even more powerful by the ability to include pop-up text. We can include links throughout a

webform with specific instructions in them by leveraging the Custom HTML form fields.

Some form fields connect the designer to additional SimpliGov functionality. The Address field, for

example, can be used to pull information through the Google places API into a webform. A Salesforce

Records field pulls information from the end customers Salesforce account, meaning that you could

create a dropdown that populates with information from your Salesforce account - such as Account

Names or Opportunities. The Workflow Records field allows you to pull information from previously

submitted workflows – so if you want to search through the organizations that have already

submitted an “application”, you can do that by configuring this form field.

Dropdown fields in SimpliGov are particularly powerful too. Designers can configure and customize the

“options” within the dropdown. Such options can be set manually, but they can also be automatically

populated with a list of registered users or information that has been input into a CSV file and loaded

into the SimpliGov Data Sources library.

This is not unlike setting up Salesforce Records and Workflow Records. However, the dropdown field can

pull data from an external data source, as well. Not only does SimpliGov have out of the box integrations

with Salesforce that allows you to pull information from your site, but SimpliGov also enables you to

customize an integration with any external web service, and pull that information into a dropdown field.

You can learn more about how we might also use SimpliGov to push information from our webforms

back into the external data source in the Integrations section of this white paper.

For all form fields, we’ve added multi-language support. This allows a designer to define different field

names and placeholder text for different languages. When the end user chooses a certain language

option, all the form fields on the webform, if so configured, will conform to that choice. This feature

supports anything in UTF-8, including international characters.

Form Field Blocks

Form Field Blocks allow workflow designers to quickly build forms. A form field “block” consists of a

group of form fields that have been pre-configured into a reusable template. An example of a form field

block can include the “Approval Form Block” which allows someone to easily drag-and-drop a group of

form fields that allow the end user to approve, deny and/or add comments in an approval.

ESignature Fields

These form fields enable additional SimpliSign functionality. Text input into these fields will in some

cases configure the way a document is sent out for signature (how often there is a reminder concerning

the eSignature document, for example), and in other cases it is within the eSignature setting itself that

text will get pushed into these fields. If someone declines to sign a document in SimpliSign,

for example, but gives his or her reason for rejecting – that information can be mapped back into

SimpliGov with the Rejection Reason field.

Designing your forms is incredibly intuitive. All you need to do is drag and drop the appropriate form

fields onto your screen, and then edit them to read the correct information. After building your forms,

you toggle into our Workflow Builder - this is the second side of the SimpliGov Workflow Designer.

Designing Your Workflow

Webforms and Workflows work together to provide logic driven forms and powerful applications to

your end users. We talk a lot about how easy it is to build the workflow with Visio-like diagramming

tools. It’s true – SimpliGov workflows look a lot like Visios, but with power behind them. We use two

different object types, “stages” and “relationships” to mark the trajectory and template of the workflow.

Each workflow is comprised of these two different object types. When people are looking at and

completing tasks and webforms, they are operating within a workflow stage. After such a person

submits the webform, the relationship triggers and executes logic.

We can imagine a workflow as a Choose Your Own Adventure Story, where the author of the story is the

workflow designer, and the person reading the book is initiating a new “workflow instance.” As

someone reads a page of the story, they are prompted to make some decisions which then will

determine which page to go to next. The page in the story with the description of the circumstance and

the possible choices would map onto the “stage” of the workflow. When we discuss workflows, it is at

the stage level that an end user fills out a webform. Depending on how an end user fills out the form, he

or she will push the workflow down a different path, or relationship.

Just like in the Form Builder, you have different properties available to you depending on what object

type is selected. When a stage is selected, you can create stage level conditions, automatically populate

forms from external sets of data, apply CSS to the webform, pre-define file attachments, turn the stage

into an unstructured space where multiple people can collaborate in real-time, and more.

Relationships, as you might expect, deal with what happens after an end user hits “submit.” Within the

relationship, it’s simple and straightforward to set the conditions under which you go down one path

rather than another. Knowledge of coding or Javascript is not required, you simply select the

relationship which you would like to make subject to a conditional rule and then define the rule.

We define the movement of information in the relationship. This movement pushes data from the

workflow to some other place, be it another workflow, an email, an FTP, an external data source, or

more.

At any point in a workflow, we are able to launch a child workflow. This means that in addition to the

request that is already in progress, SimpliGov can automatically initiate another request, and pass

information over to it. Maybe there’s an employee onboarding workflow, and after the employee gets

to a certain point, it automatically starts a workflow by which IT sets that new employee up in all their

systems. The idea of a child workflow can be useful for distinct but related processes.

Time-based logic can be implemented at the relationship level. Auto Submits and Auto Skips enable the

designer to incorporate time-based escalations into a process. For example, an Auto Skip can push a

workflow forward with tacit approval if a stage has not been completed within a certain time span.

After each webform is submitted, an email may be sent to anyone involved in the process. Most often

an email is sent to the next participant in the workflow, allowing him or her to access the workflow by

simply clicking a link from the email. Workflow designers can use the simple email design interface to

build HTML email templates, without any background in HTML. The emails can include quick submit

buttons like “Approve” or “Deny.” The designers can also build in rules to remind people if they have

forgotten to take action. We can automatically remind people if they forget to take action.

Workflow Modules | Document Builder

SimpliGov leverages the same conditional logic and data that drives workflow in the Document Builder

module. This is powerful functionality that clients are utilizing for contract generation and document

output.

With our document builder, you can use conditions and answers from the form to dynamically generate

a PDF or Word document. Just as a workflow acts as a master template, or Choose Your Own Adventure

Story from which readers can initiate new adventures (workflow instances), so too does the Built

Document act as a master template from which actual documents are generated.

In the Document Builder, designers display all of the possible content that any end user might see,

depending on what he or she had previously submitted into the form. Then, as the end user actually

submits answers, the Built Document shows or hides the appropriate clauses and pieces of text.

Document Builder dynamically generates documents subject to conditional logic.

The conditions and document can all be written out with our non-coding interface, so there is no need

to learn complex JavaScript or a proprietary syntax for the conditions.

Collaboration Stage

The ‘Collaboration Stage’ is a new SimpliGov workflow concept, allowing unstructured components to

be embedded within your structured business process. The collaboration stage allows for a workflow

stage to be updated indefinitely, and by a variable set of users until the stage owner decides to push the

workflow forward.

The collaboration stage plays with our typical understanding of a stage in a workflow. Instead of one

webform assigned to one person, a group of people are asked to look at the same workflow and provide

comments or updates to the form fields.

In order to support fluid aspects as part of a larger workflow, the collaboration stage is flexible in how

the group of users interacting with it are defined. For example, new users can be invited to interact with

the collaboration stage through another user mentioning them through a comment (@user syntax), just

as in an application like Facebook. Notifications can be configured such that users are notified of all

comments, notified when they are mentioned specifically, or notified when the form fields are updated.

If notifications for a particular workflow instance become too cumbersome or distracting, they can

unsubscribe or change their notification settings.

There are multiple different role types within the collaboration stage environment: Members, Editors,

and Administrators:

• Members can simply view the record data, and add participants in the comment thread.

• Editors can edit the values of the workflow.

• Administrators can do all of the above, as well as manage the collaboration stage’s member list,

change role types of other users, and officially push the workflow forward and past the

collaboration stage.

All working changes made to a collaboration stage (files, comments, form updates) are tracked in a

second layer of the audit trail, allowing for full visibility into the details of the process.

Data Sources

Data Sources are a standalone module within SimpliGov, separate from the Workflow Builder by design.

Data sources allow a user to manage lists or full tables of data. Data sources can be updated in real-time

and integrated with workflows – as a data source changes the workflow will automatically pull the most

recent values. Data sources can derive their values and stay updated in a number of different ways, see

details below:

• Simple Data Sources: Simple data sources are just a one column list of values – think Countries,

Currencies, Attorneys, etc. Simple data sources can be updated manually through the Web UI,

by API, or through a .csv upload.

• Conditional Data Sources: Conditional data sources allow users to tie two different lists of

values together. Based on the selection in the parent field, the child list will filter. The most

obvious example for a conditional data sources is a Countries – States relationship, where the

list of states filters is dependent upon the selected Country. Conditional data sources can be

updated manually through the Web UI, by API, or through a .csv upload.

• Grid Data Sources: Grid data sources are similar to a VLOOKUP in Excel - based on the key value

selected by the user in the data source, the data source pulls all related columns of data for that

row. For example, if you wish to map different attributes to countries, you can upload a data

source with Country names in column A, Language in column B, Currency in column C, Lead

Analyst in column D, and Risk in column E. Grid data sources are extremely useful in workflows

- all related data to the key value can be pre-populated into form fields or used to drive

workflow logic. Grid data sources can be updated manually through the Web UI, by API, or

through a .csv upload.

• External Data Sources: Simple Data Sources and Grid Data sources can be dynamically pulled

from an external web service / API endpoint. Each time a user accesses the data source from a

workflow, the values will be pulled in real-time from the web service and presented to the user.

It is easy for admins to configure these API calls and make changes quickly if the API changes.

Deploying a Workflow

When a workflow designer finishes designing his or her workflow, the workflow is easy to deploy.

SimpliGov requires no deployment by IT as it is a SaaS application. SimpliGov provides Production,

Training, Pre- production and Staging environments to each of its clients. The designer will build and

edit his or her workflow in the Pre-production environment. Workflows and appendages can be

exported from Pre- production and imported to Production.

It is very easy to test workflows as a user builds them. There is a “Preview” button in the Workflow

Designer. This allows a user to launch the workflow and start to complete the form in a live setting.

From there, a user can follow the workflow path to test the different relationships, test the form

conditions to make sure that everything was set up correctly, and generally test the workflow. It’s also

easy to share it with other people in an organization so others can preview and test the workflow as

well.

Pre-production and Production have different databases to ensure that there is no contamination of

Production data with test/dummy data from Pre-production. Production is used for day to day

operations by our client base with live production data. The code-base for this environment is stable and

only changes with previously communicated release notes. Pre-Production contains the same code-base

as Production but only holds dummy/test data. This enables our workflow designers to build, edit, and

test their workflows on a stable production style environment without confusing live workflows with

ones being tested.

Staging is a UAT (User Acceptance Testing) environment for new features to be rolled out in upcoming

releases. Staging runs a different codebase to that of Production and Pre-production and is upgraded

more-frequently than Production or Pre-production. This environment only holds test/dummy data and

should be considered as a beta feature testing environment for our clients.

When a workflow is deployed, end users can run and respond to workflows easily and with no training.

Workflows can be initiated from the Workflow Dashboard, but they can also be embedded in an

external site. No one who is using a SimpliGov webform needs to know that he or she is using such a

form – or that the form he or she fills out is tied to a complex workflow. Instead, a SimpliGov user can

fill out a form from a public site, and the person who responds to that form might simply get an email

about it, from which he or she can simply click “approve” or “deny”.

Should an end user be faced with a SimpliGov webform, he or she will need no training whatsoever to

fill it out. Each form field can be customized to include hover tips and placeholder text, and with Custom

HTML field pop-ups are possible too. In a “Turbo-Tax-like” experience, end users will conditionally see

only form fields that are relevant to them. When they submit a particular answer to one question, the

form will adjust to that response and ask the next appropriate question. The user on the front end will

never see questions that are irrelevant to his or her purpose. On the back-end, this is a function of stage

level conditions.

For the process owners and managers whose jobs are made easier by the trackability of each business

process and workflow stage, the Workflow Dashboard can be used to store data and take quick actions

on workflows that are in progress.

Accessing a Workflow (Front-end user experience)

Web Forms

Workflows can be accessed and executed upon in a number of different ways – through a web UI, by

API, or through an embedded UI in another application. The main goal of the front end user experience

is to abstract the complexity away from the end user, and provide a streamlined, no-training-needed

experience for the user. Our goal is for your entire business to be able to interact with SimpliGov

workflows in some way, and with this in mind the UI must be self-explanatory.

SimpliGov web forms can be permissioned in such a way that they are available to only certain groups of

registered users, or public accessible to anyone with the link. Whether a registered or anonymous user

accesses the form, the experience is seamless and simple. Forms can include HTML instructions,

conditional fields, hover tips, file upload controls, numerous field types, and more to make the form

easy to fill out, and to ensure data captured is validated and in the correct format. See an example

below:

Mobile

SimpliGov forms are automatically responsive, which means they can be viewed on any screen and will

automatically resize to fit the view. This means that forms can be easily filled in on-the-go. This is true

while visiting the form in the browser, so there’s no need to download an app, or change your

experience. A user can simply click a link on the phone, tablet, or desktop to visit the form.

Workflow Dashboard and Analytics

Workflow Dashboard

SimpliGov has a queue area (the SimpliGov Dashboard) in which all requests are listed in an interactive

grid. From there, senders may track the progress of their transactions, filter or search through the

workflows, view the audit trail, or cancel a request. The SimpliGov Dashboard reports on both metadata

and form-specific data. Data included in the dashboard may then be exported for offline use.

The actions an end user can take from the Dashboard and the workflows the end user can see in the

Dashboard are subject to workflow and administration permissions, to the status of the workflow, and

to the particular filter or view that is applied to the interactive grid.

Each request has an “Actions” menu, and there are multiple actions that a user can take:

• One of those is to view the audit trail. The audit trail is a complete list of every action that was

taken in the workflow. Each time any piece of data changes, SimpliGov automatically logs who

changed it and when. This way, it’s always easy to look back and figure out what happened

during a process.

• A user can also reassign a request to someone else in the system, or cancel/remove a request.

• Finally, a user can take action on a request from the dashboard by clicking “Edit Request” from

the menu. This means that requests don’t have to be email based. A user can always see what is

waiting for them, and then they can take action from the dashboard.

There are three “out of the box” filters that toggle the Dashboard view between All Records, My

Records, and My Action Required. These filters are located in the collapsible side menu of the

Dashboard:

• All Records allows you to see any workflow that you have permission to access. This means you

can check up on workflows that are not currently assigned to you, and that you yourself did not

initiate.

• My Records lets you filter the Dashboard contents to show only those workflows that you

initiated. These workflows may or may not currently be in flight. This filter is helpful for viewing

workflows that you initiated – you might want to check up on their progress and see who they

are assigned to or check out the Audit Trail.

• My Action Required is your “to-do” list. This filter shows you all the workflows that are in flight

and currently waiting for your action.

You can further customize the view of the Dashboard by adding additional columns and filtering through

them. In SimpliGov, there are two different types of columns that we can add to the Dashboard: main

fields and dynamic fields.

• Main Fields represent pieces of information that are meta to a workflow. They include fields like

Workflow Name, Status, Description, and Current Assignee. Main fields represent information

about the workflow – pieces of information that are generically relevant to any workflow. Every

workflow, whether it’s a Self-Service NDA or an Onboarding workflow, will have a name, a

description, and status. The pieces of information you are interested in will determine main

fields that you add.

• Dynamic Fields represent pieces of information that are found within a workflow. For example,

if one form field in a particular workflow asks that someone fills in a certain geographic region,

SGAP can pull this geographic region into it’s own column, titled, Geographic Region.

After defining the columns that populate your Dashboard, you can filter from within the columns as

well. It’s easy to select the filtering icon next to each column and define the logic by which you wish to

filter the view.

After creating a view of the Dashboard that is relevant to you, it’s easy to save the Dashboard view as a

Filter you can return to in the future. You can also export your view to excel, or simply refresh the page

to return to the basic configurations that have been pre-defined.

Analytics

The ability to gain insights into an organization’s data is a game-changer for those automating and

centralizing their business processes into a workflow automation system. Using SimpliGov’s Analytics

Dashboards, you can splice your data in any way you wish in order to gain insight into your business. For

example, you can build a chart showing the average amount of time various different approval steps

take as a percentage of the average workflow completion time, and then refine your workflow to

improve time to completion.

With our Analytics dashboards, users can see data from requests in addition to metadata about the

requests. The number of requests that are pending or complete is an example of the metadata we can

track, as would be the time that it takes from request initiation to completion. We can also report on

information that users have entered into the form. We can display that information in tables or in

charts. We can additionally integrate with other sources to include data from other systems in the

analytics dashboards.

• Use a wide variety of chart types: Users have a wide variety of chart types to choose from when

building dashboards – anything from pie charts to bar graphs to tables to indicators to maps to

pivot tables!

• Use any data from the workflow: Any data from the workflow can be used to build charts –

custom fields, system timestamps, user data, uploaded files, and more.

• Cross chart filtering: All the charts are interactive – meaning click on a segment or a data point

and the rest of the dashboard will filter accordingly. For example, if you click on the ‘United

States’ segment of the Geography pie chart above, the other charts on the dashboard will filter

to show only data from the United States.

• Drill down: Drill down logic can be configured. As a user clicks on a segment or data point of a

chart, they can get to the actual record level detail and view data in a table for example.

• Create multiple dashboards: Clients can create as many dashboards as needed, for example a

high level overview for management, a specific in-flight contracts dashboard, and an onboarding

progress tracker. Dashboards can be segmented out by user group-based permissions, and only

presented to users who have access to that data.

Out of Box Integrations

Numerous integrations with third party systems are pre-built within SimpliGov, meaning the user

configuration the integration need only interact through a simplified UI and not manually determine

request body format or response parsing. These pre-built integrations include robust Salesforce

integrations, extensive eSignature integrations (Adobe Sign, DocuSign), OneDrive integrations used for

previewing documents and editing via one-time links, and UiPath.

Salesforce

SimpliGov has a fully out-of-the box integration with Salesforce (SFDC), allowing workflow designers to

create connection points in seconds. Whether the goal is to push data into SFDC objects, or pull data

from SFDC, there’s a configuration UI in SimpliGov to get the job done.

Map values

dynamically from

SGAP form

results

Optionally hard-

code values

It’s easy to send information to Salesforce or pull information from Salesforce to make changes to an

opportunity, and account, or whatever you need. When we send information to Salesforce, we have the

opportunity to create objects or modify them. End users use the UI to map SimpliGov data to SFDC

object fields. We can map SimpliGov form fields, SimpliGov attachments, signed eSignature documents,

and user data into SFDC object fields.

Not all Salesforce objects are created equally – an Admin in Salesforce can determine what an account

object in Salesforce looks like. Regardless of the way the object has been configured by the Admin, that

object is available in its entirety in SimpliGov. When Admins make changes in Salesforce to object types,

those changes are made in real time in SimpliGov.

Object Type

We can also pull information from existing objects in Salesforce, and then prepopulate other form fields

with relevant information that has been stored in Salesforce. First, the designer in SimpliGov decides

which type of object is being pulled, and then the designer configures which attribute the object is being

searched against. For example, one might wish to pull up a list of different accounts (objects) and search

through based off of its name (attribute).

eSignature

SimpliSign is our own esignature solution that is included with SimpliGov. There is no additional cost

for obtaining esignatures. For organizations that have standardized on Adobe Sign or Docusign,

SimpliGov has an out-of-the- box integration for either product. This is set up in the initial

provisioning of the tenant. SimpliGov’s out of out-of-the-box eSignature integrations make workflows

even more powerful – workflows can push contracts out to be signed, and then signatures can take

place within the same space.

There are three different sources from which you might send a document for signature. In the

eSignature Support dialog, you can select Upload File, Add dynamic template or Add built document.

These three different types of documents are outlined below.

1. Upload File

a. When you select Upload file, you are prompted to upload a file from your computer. If

you upload a file from your computer, this document will become your eSignature

document. If you wish to learn more about tagging documents such that they populate

with information submitted into the webform, please see the article, “Text Tagging and

Pre-Merge.”

2. Add dynamic template

a. Add dynamic template makes it possible for the end user to receive a different

e-Signature document, depending on what has occurred previously in the workflow.

b. File upload form fields can become dynamic templates. For example, if Legal Counsel

drafts a document that they upload into a workflow, SimpliGov can send out that

document for signature with the dynamic template option.

c. Data Sources can also be leveraged in dynamic templates. For example, a user might

select from a data source dropdown that he or she is from a particular region. There

might be a different document associated with each region. By mapping each dropdown

value to a document, the workflow is leveraging a dynamic template.

3. Add built document

a. Built documents are created in Workflow Templates as part of the Document Builder

functionality.

Documents sent out for signature can leverage SimpliSign’s, Adobe Sign’s or DocuSign’s “Signer”

functionality. When setting documents up to be sent for signature, workflow designers can determine

any number of signers, approvers, and people to be cc’d on the document. These people can sign in

parallel or in an order that the workflow designer sets; SimpliGov also allows groups of users to be

assigned to sign, and considers the document signed by that role as soon as one person from the group

signs the document. SimpliGov even allows the workflow designer to set up personal, private messages

to each of the signers.

Office 365/SharePoint

SimpliGov has built an integration with SharePoint that allows for an easy to set up, out-of-the- box

integration. This functionality lets people use SharePoint to initiate a workflow, use lists as the options

for a dropdown, and then those selections can be used to route the request.

We can also send files to specific file locations within SharePoint, which is helpful for anyone who wants

to send files from a request in SimpliGov into SharePoint automatically.

Custom Integrations

There are a wide range of low impact strategies to integrate SimpliGov with your existing systems. The

goal is to augment your current IT stack – not to rip and replace all legacy systems.

Make Calls to 3

Party APIs

Most of our customers have variable and various other third party applications and services with which

they want to push and pull data. Many of these other applications have APIs that are open and can be

used to accomplish this. In this way, really anything can connect with SimpliGov.

An Application Programming Interface (API) is basically a just a way that organizations say “Hey! If you

want to get to information that we have with a program that you’re writing, you can get to it through

here.” It is a way that two applications can talk directly to each other. Each time one system talks to

another, it is called a request. Even sending data to another system is still a request. There are lots of

services out there for creating and testing API calls. When we build workflows in SimpliGov that include

API calls, we usually use cURL, Postman, and RequestB.in to help set it up.

There are a number of different locations within the Webform and Workflow Builders in which designers

can set up API calls to other web services. Users can configure the API to make a variety of types of

requests, including GET, POST, and PUT requests. The request headers can also be edited to account for

variable content-types, or other headers that the user may want to include. Answers from the form or

document content can be included in the request body, as well as the headers, so they can be variable

and be dependent upon the answers in the form.

The SimpliGov API configuration allows for authentication, including Basic Authorization and OAuth 2. It

also includes the ability to preserve the authentication. This allows for two scenarios:

• Users can be presented with an OAuth window while they are filling out the form, which would

make sense if they should be using their own account for the integration to work.

• The OAuth window can also be filled out during configuration, and the system can continue to

refresh the token to allow an invisible integration with that third party endpoint. This method

would be more appropriate for use with system accounts, essentially one account that should

be used all the time.

SimpliGov can validate the responses of the API to make sure that the request is correct. If the request is

incorrect according to the rules that have been set up, the system can prevent the user from submitting

the form, or it can yield an error on a specific field. The rules that are set up can reference a certain

piece of the response, like if the response contains an error field, or the HTTP status code, like 404.

There are two main ways to use the API, and two main reasons for doing so:

• SimpliGov allows for API calls to be made at the stage level, which means that the API calls can

go out and get information based on a form answer as someone is editing it. This can be useful

to fill information into the form while a user is editing the form.

• The API calls can also be made at the relationship level, which is useful for POSTing data to a

database after the form has been filled out, or integrating with a payment processor. The

responses from the system can be mapped into the form at this point as well. With either of

these methods, both at the stage or relationship level, the responses can be used to drive

workflow logic.

External Data Sources

External data sources are very similar to the External API module in terms of configuration concepts, but

are built for a different use case. External Data Source and External Grid Data Source allow users to

dynamically load an array of values from a third party web service, whether it’s a simple list or a lookup

table.

SimpliGov API

SimpliGov offers a REST API which can be used for integrations. Workflows can be initialized and even

continued programmatically.

SimpliGov’s API enables end users to leverage SimpliGov’s functionality even outside of SimpliGov. Using

the SimpliGov API, users can programmatically access information about users and workflows that have

been run. Users can also initiate requests via API, or they can set up other systems to do so. Requests

that have been created, programmatically or otherwise, can be continued via API. Some clients use

SimpliGov as a rules engine, and users never see the GUI. Others use the API to initiate thousands of

requests at once, so that everyone receives a notification at once.

At a higher level, the ability to make API calls from a workflow, or have another system call SimpliGov’s

API, means that SimpliGov can drive actions in other systems, and other systems can initiate or be a part

of workflows. We can start a process in SimpliGov, and then send information to another system to

finish it. Or instead of finishing it, the other system can take some action or store information and send

an API call to SimpliGov to continue. This opens up a lot of possibility around working with systems that

are already in place instead of replacing them.

For a human-written guide to our REST API documentation, please visit this link:

https://simpligov.docs.apiary.io/# .

FTP

SimpliGov also has the ability to push information via (S)FTP to a folder of a client’s choice, making it

easy to develop a custom integration if an API endpoint is not available. A user could set up a watched

folder to take the information that is passed there and put it into a database or other location of their

choice. The data is passed over in .csv form, and files associated with the workflow are passed with a

standard naming convention so that the files can be mapped to the appropriate request.

Powershell Scripts

In scenarios in which the customer cannot directly use the SimpliGov API, or in which there are

transformations necessary to make to the data, SFTP and Powershell scripts can be used to accomplish

the integration. For example, this method is commonly used to sync users between a customer’s Active

Directory and SimpliGov’s user database. On a pre-defined frequency, for instance nightly, the customer

will drop a new user .csv file into an SFTP folder. Upon receiving the file, a cron job will trigger a

Powershell script to process the file and provision users accordingly through the SimpliGov API. This

integration method has also been used to update data sources, and in other select scenarios.

User Management

SimpliGov has its own user database which holds user login information, permissions and groups, and

custom fields. There are a number of different methods in which user information can be added or

updated, automatically or manually, to the SimpliGov user database.

Manual User Management

Users can be added or updated manually through the SimpliGov web UI by administrators with the

requisite permissions. For smaller implementations this can be a suitable way for administrators to

manage the user database; for larger implementations manual user management is likely only used to

tweak small issues or update individual users.

In the Users Administration section in SimpliGov, administrators can create new users, search or filter

through existing user records, or edit existing user records (roles, permissions, custom fields).

Additionally, Export/Import functionality from/to csv is available through the web UI, allowing

administrators to perform heavier manipulations in Excel and bulk-update many users at one time.

Single Sign-On

SimpliGov supports Single Sign-On through the SAML 2.0 protocol. As described above, SSO can be used

for authentication, to add users, or to update fields (including custom fields). Set-up is generally a very

painless and quick process, see below for further set-up details:

General Info

• SimpliGov supports Single Sign On using SAML 2.0 protocol, with a preference for the "Service

Provider Initiated" variety.

• SimpliGov has two main environments for clients – Staging and Production.

o SSO is normally set up on both environments for clients.

o The usual protocol will be to first set up SSO on Staging for testing, before setting up on

Production.

Required Files for Setup

• To begin SSO setup, two files need to be exchanged between the client and SimpliGov:

o From SimpliGov: an sp.xml file containing certificates, entity ID, and protocol

o From the Client: an IdP.xml file containing metadata from the client identity provider -

certificate, identity provider information, etc.

SSO Setup Requirements (Client Side)

• The following requirements must be adhered to when setting up SSO on the client side:

o The SAML assertion must contain the user’s unique login ID (generally this will be an

email address) in a parameter called ‘email’

o Other parameters may also be included

o RelayState should ideally be configured on client side

• Once setup has occurred on the client side, we will configure our environment using your IdP

file, and testing may begin on Staging. Once the SSO setup on Staging has been passed, we can

configure the SSO setup on Production.

SAML 2.0

The most common method of user authentication in larger, Enterprise implementations is through

Single Sign-On (SSO), using the SAML 2.0 protocol. SGAP supports both identity provider (IdP) and

service provider (SP) initiated SSO.

The SAML assertion sent to SimpliGov must, at a minimum, include the following parameters:

‘firstName’, ‘lastName’, and ‘email’. The ‘email’ value is generally an email address, but can also be an

alphanumeric id string - in this case the email address must separately be provided in an attribute called

‘DomainAddress’. Any custom field can be included within the SAML assertion as well, e.g. include a field

called ‘OfficeLocation’ that maps to a custom SimpliGov field which holds Office Location data.

SimpliGov’s SSO support has inherent add or update behavior – meaning users are created as new

automatically if a new login is supplied in the assertion, if the login matches an existing user, any user

fields will be updated with the newly supplied data.

SSO set-up is a quick and painless process for the customer – all that needs to occur is an exchange of

metadata XML files between SimpliGov and the customer, and after basic configurations it should be

good to go.

SFTP

There are many workflow use cases in which user information should be in SimpliGov before said user

logs in for the first time through SSO. For example, in a contract request intake form, you may have a

lookup field into the user database that allows a user to select an approver or signer, but you want to

search through all users – not just users that have logged in at least once. For this reason, among others,

SSO is generally paired with a user integration that more or less syncs the customer’s AD to SimpliGov’s

user database.

The most common user integration method is accomplished by dumping CSV files to an intermediary

SFTP folder. The .csv files would contain any users that have been added or updated since the last run.

SimpliGov will automatically pull any .csv from the SFTP folder, and add or update the users in

SimpliGov. This method is low impact on the customer’s IT department, and easy for SimpliGov

to consume.

By using SFTP or SimpliGov’s API (described below) in addition to SSO, user information is always up to

date in SimpliGov and supports use cases that require user lookups, filtering, or assignment.

API-managed Users

SimpliGov’s API can also be used to provision users. This method is generally higher impact on the

customer’s IT department, but can be more real-time than the SFTP method.

There is an API endpoint available to add or modify users, as well as an endpoint to remove users. User

data is transmitted in csv format in the body of the HTTP request. See below API documentation links for

details:

Add or Modify: https://simpligov.docs.apiary.io/#reference/0/users-api-root/add-or-modify-users

Remove: https://simpligov.docs.apiary.io/#reference/0/users-api-root/remove-users

Roles and Permissions

SimpliGov is a Workflow Automation Platform for building and delivering content across workflows;

access to SimpliGov therefore, needs to be built along two different axes: access at the Platform level,

and access within the level of a particular workflow. Many Users will have access at both levels; they will

be able to assign and track work from the Dashboard, edit workflows on the fly from the back-end

Designer tool, and also complete their own tasks within individual processes. Setting up Users is

incredibly easy -- Users are generally provisioned through an AD integration or directly through SAML

(SSO integration). Users are assigned roles and departments, which are different groupings that

determine what a user can see in the application, and what they can do with the data they see. Our

incredibly robust provisioning of User Roles and Departments allows us to give individuals very granular

permissions regarding what they can see and/or do.

Roles and Departments are entirely customizable, and we assign Roles and Departments to our Users to

determine their granular permissions. We set some of these Permissions at the Platform level, giving, for

example, a particular Role the ability to see and use Data Sources functionality. We set other

Permissions at the Workflow level, ensuring that the appropriate people can initiate or access a given

workflow.

We can ensure that everyone has the appropriate access to information -- even if they are not

registered SimpliGov users! We must point out here that not everyone one who “uses” SimpliGov must

be a registered User. This distinction should further highlight the difference between Platform

permissions and Workflow Permissions. Platform permissions will be given only to those who are using

SimpliGov’s platform to build and deploy workflows. However, our workflows can pull individuals into a

workflow who are otherwise outside of the given SimpliGov system. These Users will likely not even

know that they are part of a workflow: their task within a workflow will appear to them as an email, and

the administrators within SimpliGov will be able to see the bigger picture of the “workflow.”

Trust and Security

SimpliGov is committed to providing customers with the highest levels of security. SimpliGov follows

strict security protocols and has passed extremely rigorous certifications. SimpliGov is a multi-tenant

SaaS application and so there is shared tenancy among all clients/tenants i.e. shared databases, web

servers etc; despite this, SimpliGov infrastructure practices physical and logical separation practices as

much as possible.

User Authentication

There are various methods by which users can authenticate into the system. There is a default login

screen where users can log in using SimpliGov specific credentials. This is always available as an option.

If a client would like us to, we can integrate with any Single Sign-On provider using SAML 2.0. This allows

users that have been credentialed by the client to use those credentials on our site as well, meaning that

they don’t have to remember yet another password.

This also makes it easier for a client to manage access to the SimpliGov system in the event someone’s

role changes or they leave the organization. If the user’s profile is disabled from the central location,

they will not be able to log into SimpliGov. Additionally, the SSO provider can pass attributes like

department and manager to SimpliGov in addition to simply authenticating user, and this can be helpful

for workflow logic as well. For all of these reasons, SSO integrations can be very useful.

Protocols

We use the Microsoft Azure Government Cloud to provide physical data center security. These data

centers have fire suppression systems, uninterruptible power supplies, surveillance systems and access

control to ensure protection. All physical data is subject to rigorous security measures: all media is

securely destroyed according to NIST and DoD standards, with a CCTV monitored and certified vendor. A

secure document removal and destruction policy destroys all sensitive information once it is no longer

required.

SimpliGov employees undergo extensive security training, and we enforce and audit a clean desk policy,

acceptable use, and VPN usage. SimpliGov employees are not allowed to access private data. All

employee actions are logged and audited. They also undergo annual OWASP training. Role-based access

control is also employed to minimize vulnerabilities. SimpliGov ensures that end users who fill out

webforms are verified by email –256bit SSL protects a viewing session, and SSO support is also available.

SimpliGov’s network, servers, and applications are also subject to security measures. Commercial grade

firewalls and border routers, combined with automated vulnerability testing, secure the system from

outside intrusion, and it is built for protection against DoS (Including DDoS) attacks, as well as MiTM

attacks, IP spoofing, port scanning, and packet sniffing. This monitored 24/7 by a worldwide team. All

administrative traffic is encrypted, using HTTPS, SFTP, and SSH rather than their insecure counterparts

(HTTP, FTP, telnet).

The network is also hosted in a virtual private cloud to further restrict unauthorized access. Servers are

included in automated vulnerability testing, and have patches applied to counter the latest threats. They

also have enterprise-grade malware protection. Applications have been tested with automated code

vulnerability scanners. Third parties have conducted formal code reviews and vulnerability mitigation on

the applications.

SimpliGov is currently hosted in the Microsoft Azure Government Cloud. This allows scalability,

redundancy, and availability while minimizing cost. SimpliGov is an ASP.NET application with

a MSSQL Server backend.

Azure Government

Only US federal, state, local, and tribal governments and their partners have access to Azure

Government. Azure Government offers strict validation program to determine eligibility before

organizations can move their workloads; Complete data, applications, and hardware residency in the

continental United States; Geo-replication between datacenters 500 miles apart supporting business

continuity; Specially constructed datacenters with 24x7 monitoring; and physical separation within the

continental US, operated by screened US citizens.

All government-only datacenters are DoD Impact Level 5 Provisional Authorization (PA), including two

dedicated regions for US Department of Defense workloads. Azure Government offers the most

certifications of any cloud provider to simplify critical government compliance requirements: FedRAMP

High Compliance, CJIS, DFARS, DoD, FIPS 140-2, IRS 1075, ITAR, NIST 800-171, Section 508, and HIPAA.

Certifications

SimpliGov currently is SOC 2 Type II SSAE 16 and PCI-DSS 3.2 Service Provider Level 1 certified, ISACA PII,

HIPAA-HITECH, ISO 27001 compliant.

SOC 2 covers validation of operational controls over 5 trust principals: Security, Availability, Processing

Integrity, Confidentiality, and Privacy. DiSanto & Priest, an AICPA approved firm has audited SimpliGov

and certified that we are compliant. SOC 2 is the appropriate certification for our business type and size.

Compass IT Compliance, a qualified PCI-QSA, audited and certificated SimpliGov with PCI-DSS, for the

safe handling and operational procedures regarding credit card information. PCI-DSS 3.2 is the

appropriate certification for our business type and size.