Overview
This integration helps SafeBase customers who want to leverage Ironclad for the NDA signing process configure their Ironclad workflow to be compatible with the SafeBase Ironclad integration.
The Ironclad integration is available for customers on the Advanced or Enterprise plans.
Note: Currently, SafeBase only supports connecting to Ironclad's North America (NA) region. If your Ironclad account is hosted in their EU region (you will see eu1 at the beginning of the URL when logged into Ironclad), you will not be able to integrate with SafeBase.
Ironclad Workflow Requirements
Before setting up the integration, take note of the following requirements:
Customers must have the API add-on package enabled in Ironclad. This integration will not work if that package is not enabled.
You can check if your Ironclad environment has this package enabled by navigating to the Company Settings page and checking to see if you have a navigation item called “API”. If you do, then you have the correct package. If you do not have the correct package, you must upgrade your Ironclad license to use this integration.
The SafeBase Ironclad integration supports many variations of Ironclad workflows. Still, there are a small number of Ironclad workflow requirements that must be met to ensure that the integration will work. These requirements are:
The workflow must be an Internal Workflow (i.e. launched by a member of your team from within Ironclad) and cannot be a Public Workflow (i.e. able to be launched from a public URL).
The Launch Form (under the "Create" step) must contain the following three required fields:
Counterparty Name
Counterparty Signer Email
Counterparty Signer Name
Other than these three required fields, the Launch Form cannot have any other required fields. If there is other information that you need to collect from the counterparty, you can use an Additional Form to collect it.
The SafeBase user configuring the integration in SafeBase must be the workflow owner for the Ironclad workflow with which you want to integrate.
Recommended Ironclad Workflow Configuration
SafeBase’s integration with Ironclad is built to work with the vast majority of Ironclad workflow configurations, provided they meet the requirements for Ironclad workflows listed above.
To help you get started, please follow the below instructions on configuring the recommended Ironclad workflow. This workflow will:
Automatically send an NDA to the counterparty
Collect their signature
Archive the contract in Ironclad
Provide the counterparty with post-NDA access to the Trust Center.
If you need to create a new workflow, or intend to use an existing workflow, with different settings, please reach out to our Support team to help ensure it is appropriately configured and test it before going live.
Configure Ironclad Workflow
In Ironclad, navigate to Workflow Designer > Create new or Edit existing workflow
1a. Ensure required fields are set
The following fields are required to be present in the workflow. Drag these tags into the document itself to prepopulate their values. SafeBase will collect these values on the Access Request form.
Counterparty Name
Counterparty Signer Email
Counterparty Signer Name
Ensure only one paper source is chosen (from the three dot icon at the far upper right -> Manage paper source)
Choosing both paper sources will force paper source as a required field, and it cannot be made optional. This will not allow SafeBase to trigger the workflow.
Note: There can be additional fields in the launch form but they cannot be required.
1b. Configure Launch Form
Ensure that the three required fields are listed on the launch form.
The field (display) names must match the tag names exactly.
You may include additional fields, but they cannot be required for launching the workflow. If you need more required fields, use the "Additional Forms" option in the "Create" step.
1c. Configure Approval steps
Adding an approver will require manual approval before the NDA document is sent to the recipient.
If you want the NDA to be sent automatically when someone requests access to your Trust Center, this step will need to be removed.
1d. Configure Signature Steps
To enable automatic sending of the NDA, navigate to:
Sign > Settings > eSignature > More Settings > eSignature request trigger
Select "Automatically sent after last approval"
Optional: If you want the person requesting access to the Trust Center to be able to forward the NDA to another user within their company, toggle the "Allow reassignment" setting on.
1e. Archive Steps
SafeBase requires the workflow to be completed and archived in order to satisfy the NDA requirement and grant access to the account member. In order to auto-archive the contract and trigger the workflow completion step, set "Auto-Archive" to "Always" and remove the "Archiver."
1f. Save and Publish
Save the workflow. Ensure all errors are resolved - this most often requires removing fields (tags) that are not being used from the Document and Create steps. You may also need to remove tags from the workflow's settings (gear icon to the right of the workflow name).
Publish the workflow. SafeBase cannot trigger unpublished workflows.
Connect SafeBase & Ironclad
In SafeBase, navigate to Settings > NDA > Ironclad > Connect. You will be redirected to Ironclad’s authentication page, which will prompt you to sign in to connect SafeBase to Ironclad and select the Ironclad environment.
Note: The person setting up the connection must be the Ironclad Workflow Owner. To ensure this is the case, you can add the SafeBase administrator as a workflow owner in Ironclad, or you can add the Ironclad workflow owner as an administrator in SafeBase.
If you choose the latter of these options, you can remove them as a SafeBase administrator user after the connection has been made.
Configure settings in SafeBase
Set the workflow owner's email. This is a user within Ironclad who has permission to launch the given workflow. The email will default to the currently logged-in SafeBase user, but it does not have to be the same email address, per the note above. Ensure this email is the Ironclad workflow owner.
Select the workflow using the dropdown.
Optionally set the toggle for "Choose workflow per account" if you need to send different workflows to different access requesters.
Optionally check the box for "Set this Ironclad as the default NDA." You can always change your organization's default NDA provider in Settings -> NDA > "Default NDA option" dropdown.
SafeBase will check the Ironclad workflow settings to ensure the three required fields are set, and that the display names for those fields match the tag names exactly. An error message will show if one of the required fields is missing or incorrectly named. After the workflow's required fields are adjusted and the workflow is republished, SafeBase will check again and the error message will disappear.
Access Request Flow
When an access request is submitted on your Trust Center, you can approve it through manual review or automated rules. As part of that approval step, you will assign the requester to an Account. You can choose an existing Account, or create a new one. When creating the Account, set the NDA provider to Ironclad.
When setting up the integration, you may have chosen to toggle the "Choose workflow per account" setting on. If so, choose the specific workflow for this Account. Then, click "Create account & approve request."
You will be returned to the Accounts page. Click into this new Account, which will be the first row in the Accounts table. You will see that SafeBase has triggered the Ironclad workflow. The status will move from "Creating" to "Launched."
You can click the "Refresh" button to ensure SafeBase is getting the latest workflow status from Ironclad. You can also click the "Open Ironclad" button to view the current state of the workflow.
The Account Member will receive an email from Ironclad indicating they must sign the NDA. When the Account Member submits their signature, SafeBase will check that the workflow has been completed and archived. Depending on your Ironclad workflow settings, you may need to complete additional review and/or archiving steps. Once the workflow is archived, the Account status will move to "Complete."
Troubleshooting
If SafeBase is unable to trigger the workflow, an error message will show, saying, "Something went wrong." Common causes include, but are not limited to:
additional required fields beyond the three mentioned above are included on the launch form
the workflow is unpublished or deleted
other fields or settings are misconfigured
the integration user in SafeBase is not the workflow owner in Ironclad
Inspect and remediate these issues in Ironclad if necessary. You can then click the "Try Again" button in SafeBase to retrigger the workflow.
It may also be necessary to disconnect the integration in SafeBase and remove the OAuth app from Ironclad, so you can start over.
Note: You must choose a different default NDA provider before you can disconnect Ironclad.
In SafeBase, go to Settings -> NDA, and click the small three-dot icon to the far right of the Ironclad integration row. Click the "Disconnect integration" button.
In Ironclad, click your avatar in the upper right corner of any screen, and choose "Manage my account."
In the Personal section in the left sidebar, choose "MyIntegrations."
Find the "SafeBase NDA Integration" listing. Click "Remove access." Click "Remove access" again in the modal.
NDA Bypass
If you are an Enterprise customer, you can work with SafeBase team members to write custom rules against your Ironclad account that will allow visitors to your Trust Center to bypass the NDA requirement. Please contact the SafeBase Technical Support team to start your request.