Signatory Client Portal in the Public Sector: A Practical Guide

The dematerialization of administrative procedures is accelerating in French local authorities and administrations. Since the entry into force of the "Public Action 2022" plan and the obligations arising from the eIDAS regulation, public organizations must offer smooth, secure and binding digital pathways. At the heart of this system: the signatory client portal, a dedicated portal allowing each user or partner to receive, view, sign and archive official documents online. This article details the concrete steps to create such a space in the public sector, the regulatory requirements to respect and best practices from the field.

Why the signatory client portal has become strategic for the public sector

The regulatory context and user expectations

In France, Ordinance No. 2014-1330 of November 6, 2014 regarding the right of users to contact the administration electronically laid the first foundations for a dematerialization obligation. Since then, the ESSOC law (2018), the 3DS law (2022) and successive inter-ministerial circulars have strengthened this dynamic. According to the dematerialization barometer published by DINUM in 2025, more than 87% of first-level administrative procedures are now available online, but only 54% integrate a legally valid electronic signature mechanism.

Users, for their part, no longer tolerate paper back-and-forth. An OpinionWay study from 2024 indicates that 72% of French citizens prefer to sign an administrative document online rather than travel, provided the system is simple and reassuring. The signatory client portal responds exactly to this expectation by offering a single point of access, secure and traceable for all dematerialized acts.

Differences from the private sector

Unlike the private sector, public organizations are subject to additional constraints: public procurement governed by the Public Procurement Code, deliberations subject to prefectoral legality control, civil status acts governed by the Civil Code. The level of electronic signature required varies depending on the nature of the document: a simple partnership agreement may settle for an advanced electronic signature (AES), while a notarial act or municipal council deliberation may in some cases require a qualified signature (QS) as defined in Article 26 of the eIDAS regulation.

To properly choose the appropriate level for each type of act, consult our comprehensive guide to electronic signature which details the three eIDAS levels and their conditions of use in the public sphere.

Steps to create a signatory client portal in a local authority or administration

Step 1 — Map document flows and stakeholders

Before deploying any tool, it is imperative to carry out a flow mapping. This phase consists of identifying:

• The types of documents involved (deliberations, public procurement, agreements, building permits, HR acts, etc.);
• Internal signatories (elected officials, managing directors, department heads) and external (contractors, associations, citizens, agents from other public entities);
• Annual volumes and contractual or regulatory deadlines associated with them;
• Existing information systems (specialty software such as SEDIT, CIVIL NET, CIRIL, Berger-Levrault) with which the client portal will need to interface.

This mapping allows you to define the functional scope of the platform and avoid duplication with tools already in place. It also determines the level of security and authentication to implement for each category of users.

Step 2 — Choose the technical solution adapted to public sector requirements

Choosing an electronic signature solution for the public sector responds to specific criteria that the private sector does not always impose with the same rigor:

1. Sovereign hosting: the public organization's data must be hosted in France or the European Union, on infrastructures certified HDS (if health data) or SecNumCloud (if sensitive data). ANSSI's SecNumCloud qualification has become a differentiating criterion since the Prime Minister's circular of July 5, 2021.
2. Interoperability: the solution must expose documented REST APIs compatible with RGI (General Interoperability Repository) and RGS (General Security Repository) benchmarks.
3. RGAA accessibility: by virtue of Law No. 2005-102 of February 11, 2005 and implementing decrees, public portals accessible to citizens must comply with the General Repository for Accessibility Improvement (RGAA 4.1) at a minimum AA level.
4. eIDAS compliance: signatures certificates must be issued by a qualified Trust Service Provider (TSP) listed on the European Trusted List published by the European Commission.

To compare the solutions available on the market according to these criteria, our comparison of electronic signature solutions offers an evaluation grid adapted to public buyers.

Step 3 — Configure the signatory client portal: authentication and user journey

The configuration of the signatory client portal rests on three technical pillars:

The authentication of signatories: the public sector has a structural advantage with FranceConnect+, the national digital identity system managed by DINUM. FranceConnect+ enables substantial or high authentication within the meaning of eIDAS, making signed acts binding without ambiguity. For external contractors (companies, associations), enhanced email authentication (OTP) coupled with documentary identity verification may be sufficient for intermediate-level acts.

The signature journey should be designed to minimize friction: email or SMS notification, direct access to the document from the dedicated space, content preview before signing, signature affixing in one or two clicks depending on the level required, and confirmation by timestamped certificate. Qualified timestamping (RFC 3161) guarantees document integrity and the certain date of signature, essential elements in case of dispute.

The management of delegations and validation circuits: in a local authority, an act often bears only a single final signature, but is preceded by an internal visa circuit. The signatory client portal must allow for the configuration of multi-step workflows (electronic parapheur) with delegation rules compliant with the organization's signature delegation order.

Step 4 — Ensure conservation and probative archiving

A signatory client portal is not just about signing: it must guarantee the evidential value of documents over time. The Heritage Code (Articles L. 211-1 et seq.) imposes on public organizations specific retention periods depending on the nature of acts (10 years for public procurement, unlimited duration for deliberations, etc.).

The standard NF Z 42-020 defines the requirements for an electronic archiving system with probative value (SAE). The signatory client portal must interface with the organization's SAE or natively offer a digital safe in compliance. The use of a certified third-party archiver allows you to externalize this obligation while maintaining the traceability required by the CNIL and administrative courts.

Note that signed documents remain accessible to each signatory from their personal space, in accordance with access rights provided for by GDPR and the CADA law.

Governance, training and change management in the public sector

Structure project governance

The deployment of a signatory client portal is a change and organizational transformation project as much as a technical one. Governance must involve:

• General management (DGS/DGA) for political sponsorship and validation of acts involved;
• The Information Systems Department (DSI) for technical integration and security;
• The Data Protection Officer (DPO), mandatory in public organizations since Article 37 of GDPR, to validate the impact analysis (DPIA);
• The legal department to map risks and validate the legal value of each category of dematerialized acts.

A quarterly steering committee, bringing together these stakeholders, allows you to adjust the deployment and prioritize document flows to dematerialize based on operational gains observed.

Train agents and external signatories

Adoption of a signatory client portal depends largely on the quality of change management. Public servants, accustomed to paper processes or heterogeneous tools, need short but targeted training: understanding the legal value of electronic signature, knowing how to identify a forged document, mastering the signature circuit in their area of responsibility.

For external signatories (service provider companies, subsidized associations), a simple user guide, accessible from the client portal itself, significantly reduces support requests. Modern platforms now integrate contextual tutorials and dynamic FAQs directly into the signature journey. The Certyneo Help Center offers, for example, educational resources adaptable to your internal communications.

Measure benefits and drive by data

The return on investment of a signatory client portal in the public sector is measured on several dimensions:

• Average signature time: dematerialization reduces the signature cycle on average from 7 to 14 days to less than 48 hours according to feedback from pioneering local authorities;
• Rate of lost or poorly archived documents: trending toward zero with an interfaced SAE;
• Direct costs: printing, postage, courier delays, reprocessing of non-compliant documents;
• Satisfaction of external signatories: measurable via an NPS integrated at the end of the signature journey.

These indicators feed the steering committee's dashboard and justify the progressive expansion of the dematerialized scope. To precisely estimate potential gains for your organization, our electronic signature ROI calculator allows for personalized projection in less than 5 minutes.

Legal framework applicable to the signatory client portal in the public sector

Implementing a signatory client portal in a French local authority or administration is part of a dense legal corpus, structured at several levels.

The eIDAS Regulation No. 910/2014 of the European Parliament and Council is the European foundation. It distinguishes three levels of electronic signature (simple, advanced, qualified) and requires that only qualified signature benefits from a presumption of reliability equivalent to handwritten signature in all Member States. For sensitive public acts, the use of a qualified certificate issued by a Trust Service Provider (TSP) registered on the European Trusted List is mandatory. eIDAS Regulation 2.0 (EU Regulation 2024/1183), in force since May 2024, strengthens these requirements by introducing the European Digital Identity Wallet (EUDIW), whose integration into public portals must be operational by 2026-2027 according to the Commission's schedule.

The Civil Code, in Articles 1366 and 1367, sets the conditions for validity of electronic writing in French law: reliable identification of the author and guarantee of document integrity. These conditions are fulfilled by the cryptographic mechanisms of advanced and qualified signatures.

GDPR No. 2016/679 requires any organization processing personal data (name, email, FranceConnect identifier of signatories) to conduct a Data Protection Impact Assessment (DPIA) prior to deploying the client portal, in accordance with Article 35 of the regulation. This obligation is reinforced for public organizations. The designation of a DPO (Article 37) is mandatory for all public authorities.

The General Security Repository (RGS v2.0), published by ANSSI, sets the security levels required for the State's and local authorities' online services. Signature platforms deployed in this context must be audited and, depending on the level of data sensitivity, qualified or certified by ANSSI.

ETSI standards technically frame signature formats: ETSI EN 319 132 (XAdES), ETSI EN 319 122 (CAdES) and ETSI EN 319 162 (PAdES for PDFs). PAdES format is recommended for public documents due to its native readability in standard PDF viewers.

The NIS2 Directive (EU 2022/2555), transposed into French law by Law No. 2024-449 of May 21, 2024, extends cybersecurity obligations to essential and important entities, including many public organizations (municipalities with more than 30,000 inhabitants, departments, regions, healthcare facilities). Signature platforms must be part of the organization's information systems security policy (PSSI) and be subject to incident reporting to ANSSI in case of breach.

Finally, the Public Procurement Code (Articles R. 2132-1 et seq.) requires dematerialization of public procurement above €40,000 excluding tax and requires electronic signature of commitment acts. Failure to comply with this obligation exposes the organization to a risk of nullity of acts and sanctions during prefectoral legality control.

Use cases: the signatory client portal in action in the public sector

Scenario 1 — An urban agglomeration community dematerializes its partnership agreements

An urban agglomeration community comprising about twenty municipalities manages over 350 partnership agreements annually with local associations, schools and private contractors. Before implementing a signatory client portal, each agreement required on average 18 days between internal validation and signature by both parties, with a document loss rate estimated at 4% (documents poorly archived or unsigned versions incorrectly kept).

After deploying a signatory client portal integrated with the existing business information system, the average signature time dropped to 3.5 days. Partner associations access their space via FranceConnect, receive an email notification as soon as a document is ready to sign, and find all their agreements archived in their personal space. The document loss rate has been zero since deployment. The estimated annual saving on printing costs, postage and administrative reprocessing exceeds €15,000, not counting the gain in agent time.

Scenario 2 — A department dematerializes public procurement orders from its departments

A county council processing over 1,200 public contracts per year (all thresholds included) faced signature deadlines incompatible with the operational constraints of its business departments. The paper circuit involved up to 7 internal stakeholders (instruction, legal visa, financial visa, signature by the president or delegated vice-president) before transmission to the contractor.

The implementation of an electronic parapheur integrated into the signatory client portal made it possible to configure multi-step workflows with automatic delegations in case of absence. The average internal circuit time dropped from 11 days to 2.8 days. The department also saw a 60% reduction in phone follow-ups to departments to find out the status of signatures. The client portal offered to external contractors allows them to sign the commitment acts directly from their interface, with a timestamped signature certificate automatically archived in the county's SAE.

Scenario 3 — A public health facility secures HR acts for its practitioners

A hospital group of approximately 1,200 employees (including 180 practitioners) managed its engagement contracts, amendments and temporary recruitment acts by mail or mandatory physical presence, creating delays incompatible with recruitment needs (guard replacements, medical temporary work).

The signatory client portal deployed for human resources now allows each practitioner or employee to receive, view and sign their contract from a secure portal, accessible from any terminal. Authentication is based on FranceConnect+ for permanent employees and documentary identity verification for temporary workers. The average time to position after verbal agreement dropped from 8 days (paper file processing time) to less than 24 hours. The facility also reduced HR file completeness errors by 40% thanks to guided forms integrated into the signature journey, in line with public hospital function recommendations.

Conclusion

Creating a signatory client portal in the public sector is no longer optional: it is a progressive regulatory obligation and a growing expectation of users and institutional partners alike. The approach rests on four inseparable pillars — flow mapping, choice of a sovereign and eIDAS-compliant solution, configuration of a fluid user journey, and probative archiving — supported by solid governance and rigorous change management.

Local authorities and administrations that have crossed this threshold observe measurable gains: signature times divided by five on average, reduced administrative costs and impeccable archiving quality. Certyneo supports public organizations at each stage of this project, from initial audit to operational deployment.

Ready to take the step? Contact our Certyneo experts for a free audit of your document flows and a personalized demonstration tailored to public sector constraints.