Back to projects

Enterprise platform

Enterprise Digital Stamping & Verification

React & Django External Identity Provider (SSO) PDF pipeline Document authenticity verification

A full-stack platform that digitises contract stamping and signing: drag-and-drop stamp placement on multi-page PDFs, async bake jobs via a background job worker, embedded authenticity metadata, watermark footers, and a public verification endpoint — gated by SSO with local app access control.

Enterprise Digital Stamping and Verification
PDF stamping editor mockup Async PDF bake pipeline mockup Public verification mockup

Contract execution relied on printing hundred-page documents, physically stamping every page, and scanning them back into records. The process was slow, and tracking signature authenticity — especially when multiple signers applied stamps sequentially — was error-prone and difficult to audit.

Engineering PDFs often exceeded standard page sizes and page counts, requiring smart grouping by dimensions and asynchronous processing so the editor remained responsive while bakes ran in the background.

Authentication is delegated to the External Identity Provider (SSO) with a local access table — a valid SSO token alone is insufficient; users must be provisioned with active app roles. The React editor loads pages lazily; placements store percentage coordinates with apply-to modes (all pages, ranges, size groups).

  • Bake pipeline: A background job worker merges stamp overlays, optional content layers, footer watermarks, and embedded authenticity metadata into output PDFs; progress is polled from the API.
  • Tamper evidence: Each baked document carries a visible footer, embedded authenticity metadata JSON, and a SHA-256 hash stored against the job record.
  • Verification: A public page reads metadata first (fast path), falls back to footer text scan, and cross-checks the hash — no login required; no visitor IP stored (PDPA-friendly).
  • Governance: Audit logs, soft-delete with scheduled purge, folder organisation, and sys-admin user provisioning synced from the corporate directory.
Digital stamping platform architecture diagram

Click diagram to zoom

The platform eliminated the print-stamp-scan bottleneck. Users place resizable stamps and signatures on grouped page tabs, trigger async bakes for large documents, and download tamper-evident outputs. A separate verification portal lets anyone confirm document authenticity without accessing the editor.

Composite stamp-plus-signature mode and per-page geometry overrides support complex contract layouts while preserving prior signer metadata chains when subsequent signers add their stamps — a critical compliance requirement for multi-party agreements.

Synthetic demonstration

Place a stamp on a sample contract page and run a fake async bake job. Responses mirror the production editor and bake pipeline contracts — no PDF worker or storage service is contacted.

Raw middleware response


                

              


              

                Case study describes architecture patterns; production deployments connect to governed enterprise identity and document storage services.
              

            

          

        

      

    


    

    

    

      
      Enlarged view