Workspace Tabs Reference
Detailed reference for every tab in the VaultLifecycle workspace: search and filters, Timeline, Signing, Delivery, Workflow, and Configuration.
The VaultLifecycle workspace is organised into a document list view with search and filters, plus a detail panel that opens when you select a document. The detail panel contains the following tabs.
Search & Filters
The search bar and filter panel appear above the document list and apply across all records loaded from the SharePoint Activity List.
Search
Full-text search runs substringof across the following indexed SharePoint columns:
| Column | Description |
|---|---|
Title | Document name / display title |
CorrelationId | Unique render correlation ID |
DocumentId | Business document identifier (e.g. invoice number, contract ID) |
ReferenceID | Batch ID — links child documents back to their parent batch |
RecipientEmail | Recipient email address for eSign and delivery documents |
Filters
| Filter | Description |
|---|---|
| Status | Filters by the document's current VPDFStatus value (e.g. Success, pending-approval, signed). |
| Activity Type | Filters by VPDFActivityType (e.g. Delivery, Workflow, eSignature). |
| Source System | Filters by the SourceSystem column — the identifier of the system that submitted the render request (e.g. D365_FO, BC, PowerAutomate). |
| Date From / To | Filters by the document's Created date in the Activity List. |
Saved Searches
Filter combinations can be saved and recalled by name. Saved searches persist across sessions per user. Use the save icon in the filter bar to store a filter set and load it from the saved searches menu.
Deep Links
VaultLifecycle supports deep links — SharePoint page URLs with query parameters that pre-populate the search and automatically open the workspace. This is useful for source systems (Dynamics 365, Business Central, Power Automate) to provide one-click navigation to a specific document's lifecycle view.
| Parameter | Effect |
|---|---|
?correlationId=<guid> | Pre-populates search with the Correlation ID — opens workspace directly to that document |
?batchId=<guid> | Pre-populates search with the Batch ID (searches the ReferenceID column) |
?q=<text> | Pre-populates the search field with arbitrary text |
?sourceSystem=<value> | Pre-populates the Source System filter (e.g. ?sourceSystem=D365_FO) |
Parameters can be combined: ?batchId=<guid>&sourceSystem=D365_FO
Supported entry points:
- Home.aspx (dashboard web part):
https://your-site/SitePages/Home.aspx?batchId=082ab853-... - List-view pages with the VaultLifecycle command set extension installed
CorrelationId and BatchId are globally unique UUIDs — no sourceSystem qualifier is needed to identify a specific record via GUID.
Deep links do not bypass access control
SharePoint authentication, list permissions, admin role resolution, and item-level visibility (VPDFRestrictionMap) all apply identically whether the workspace opens via a button click or a deep link. A user who cannot see a document normally will see zero results from a deep link for that document. See the Security page for the full enforcement model.
Timeline Tab
The Timeline tab shows a chronological, expandable event log for the selected document. Events are loaded from the immutable VaultAudit JSONL blob for the document's correlationId.
Timeline Views
The timeline supports four filtered views based on event severity. Select a view from the toolbar above the event list.
| View | Severities Shown | Audience |
|---|---|---|
| Executive | information, compliance | Senior leadership, document owners |
| Compliance | compliance, security | Compliance officers, auditors |
| Security | security, failure | Security teams, risk reviewers |
| Full | All severities | Administrators, support |
Level 1 Timeline Events
Level 1 events are the business and compliance milestones shown in the timeline. Each event displays a product label, severity badge, and timestamp. Only Level 1 events appear in the filtered views above.
Render Events — VaultPDF
| Event Type | Display Title | Severity |
|---|---|---|
generated | Document Generated | information |
failed | Render Failed | failure |
Audit Events — VaultAudit
| Event Type | Display Title | Severity |
|---|---|---|
integrity-validated | Integrity Verified | compliance |
accessibility-checked | Accessibility Verified | compliance |
archived | Archived to Immutable Storage | compliance |
verified | Integrity Re-verified | compliance |
reproduced | Document Reproduced | compliance |
evidence-exported | Evidence Exported | compliance |
revoked | Access Revoked | security |
Workflow Events — VaultWorkflow
| Event Type | Display Title | Severity |
|---|---|---|
workflow-initiated | Submitted for Review | governance |
workflow-approval-requested | Sent for Approval | governance |
workflow-changes-requested | Changes Requested | governance |
workflow-resubmitted | Resubmitted | governance |
workflow-approved | Approved | governance |
workflow-rejected | Workflow Rejected | failure |
workflow-cancelled | Workflow Cancelled | governance |
workflow-sealed | Document Sealed | compliance |
Signing Events — VaultESign
| Event Type | Display Title | Severity |
|---|---|---|
sent-for-signature | Sent for Signature | information |
otp-verified | Identity Verified | security |
document-signed | Document Signed | compliance |
Delivery Events — VaultDelivery
| Event Type | Display Title | Severity |
|---|---|---|
delivery-created | Document Delivered | information |
Redact Events — VaultRedact
| Event Type | Display Title | Severity |
|---|---|---|
document-protected | Document Protected | compliance |
Level 2 Sub-Event Trails
Two Level 1 events carry expandable sub-event trails that surface the full operational detail of the underlying session. Sub-events are always written to the audit log but do not appear in Executive or Compliance filtered views — they are accessible only by expanding the parent event.
Document Signed — eSign trail
Expanding a document-signed event reveals the complete eSign session trail for that signer slot:
| Step | Sub-Event |
|---|---|
| 1 | Session Created |
| 2 | Invitation Sent |
| 3 | Signer Opened Portal |
| 4 | OTP Challenge Issued |
| 5 | OTP Verified |
| 6 | Document Signed |
| 7 | Evidence Package Generated |
| 8 | Session Closed |
Document Delivered — Delivery trail
Expanding a delivery-created event reveals the complete delivery session trail for the recipient:
| Step | Sub-Event |
|---|---|
| 1 | Session Created |
| 2 | Notification Sent |
| 3 | Delivery Link Opened |
| 4 | Identity Verified |
| 5 | Document Downloaded |
| 6 | Session Completed |
Workflow detail
Workflow operational events (Step Submitted, Step Advanced, Approver Opened Task, Seal Initiated) appear as sub-events of the preceding workflow milestone in the Full view rather than as standalone Level 1 entries.
Expanding Event Details
Every Level 1 event can be expanded to show extendedDetails — a key-value panel with additional context such as file size, hash values, engine version, hashed IP addresses, slot index, and signing mode. Sub-event trails expand within the same panel.
Signing Tab
The Signing tab shows the VaultESign session for the selected document, if one exists.
Session Overview Panel
| Field | Description |
|---|---|
Session ID (groupId) | Unique signing group identifier. |
| Signing Mode | single, sequential, or parallel. |
| State | Current session state (see Session States). |
| Total Signers | Number of signing slots in the session. |
| Completed Signers | Number of slots in signed state. |
| Created | Session creation timestamp. |
| Expires | Session expiry timestamp. |
| Sealed At | Timestamp when the final signed PDF was produced (if complete). |
Signer Slot Table
Each slot in the session is shown as a row:
| Column | Description |
|---|---|
| Slot | Zero-based slot index. |
| Role | Slot role from the PDF template (e.g. vendor, manager). |
| State | Current slot state. |
| Activated | When the signer first opened the portal. |
| Signed | When the signer completed their slot. |
| IP | Hashed signer IP (shown as last 4 chars for identification only). |
Actions
- Resend Invitation: Resends the signing invitation email to a pending slot. Subject to rate limiting (one resend per slot per 10 minutes).
- Revoke Session: Cancels the entire signing session. Pending slots become inaccessible.
Delivery Tab
The Delivery tab shows all VaultDelivery sessions associated with the selected document.
Session List
Each delivery session is shown as a card with:
| Field | Description |
|---|---|
| Delivery ID | Unique session identifier. |
| Recipient | Recipient display name and role. Email is not displayed (privacy). |
| Mode | secure-email, sharepoint, or both. |
| State | Current session state (pending, opened, downloaded, expired, revoked). |
| Created | Session creation timestamp. |
| Expires | Session expiry timestamp. |
| Opened At | When the recipient first opened the delivery portal. |
| Downloaded At | When the recipient first downloaded the document. |
Actions
- Revoke Session: Immediately revokes a delivery session. The recipient's access link becomes invalid.
- New Delivery: Opens a form to create a new delivery session for the current document. Requires the document's
pdfBlobPath.
Workflow Tab
The Workflow tab shows the VaultWorkflow instance associated with the selected document, if one exists.
Instance Overview
| Field | Description |
|---|---|
| Workflow ID | Unique workflow instance identifier. |
| Title | Workflow title (e.g. document or reference number). |
| State | Current workflow state (see Workflow Lifecycle States). |
| Steps | {completedSteps} / {totalSteps} steps submitted. |
| Approval Stage | {currentStage} / {totalStages} approval stages completed (multi-stage routing). |
| Validation | Outcome of the most recent validation run (passed / failed). |
| Created | Workflow creation timestamp. |
| Last Updated | Timestamp of the most recent state change. |
| Completed At | Timestamp when the workflow reached complete or was cancelled. |
Validation Results Panel
When validation has run, the Workflow tab shows each rule result:
| Column | Description |
|---|---|
| Rule ID | Stable identifier from the schema. |
| Description | Human-readable rule description. |
| Status | passed or failed. |
| Severity | error or warning. |
| Message | Failure message shown to participant/approver. |
| Field | Associated field key (if declared in the schema). |
For numericTolerance rules with expandableDetails: true, the panel shows an expandable comparison row with left/right values, variance, and tolerance threshold.
Change Requests Panel
When the workflow is in changes-requested state, each change request raised by the reviewer is listed:
| Column | Description |
|---|---|
| Message | Correction instruction from the reviewer. |
| Field | Associated field key (for portal highlighting). |
| Severity | info, warning, or error. |
| Category | Optional grouping label. |
| Due Date | Optional date by which the correction should be made. |
| Resolved At | Timestamp when the participant addressed this item. |
Configuration Tab
The Configuration tab provides technical metadata and operational configuration for the selected document.
Technical Details Panel
| Field | Description |
|---|---|
| Correlation ID | Unique render correlation ID. |
| Engine Version | VaultPDF engine version used to render the document. |
| Template Path | Blob Storage path of the .vpdf template. |
| Payload Path | Blob Storage path of the JSON render payload. |
| Render Queue | Queue used for this render (priority, standard, or low). |
| Render Mode | real-time or async. |
Trust Status
The Trust panel shows the computed trust posture for the document:
| Status | Description |
|---|---|
trusted | SHA-256 hash verified, no tamper indicators, immutable archive present. |
verified | Hash verified but immutable archive not enabled. |
unverified | Hash not yet verified since last status update. |
tampered | Hash verification failed; document content does not match the stored hash. |
pending | Verification in progress. |
Related Files Panel
Links to all artefacts associated with the document:
| File Type | Description |
|---|---|
final-pdf | The rendered (and optionally signed) PDF document. |
certificate | VaultESign evidence certificate (if signing completed). |
accessibility-report | Section 508 accessibility trace report (if enabled). |
evidence-bundle | VaultAudit .vpdf immutable archive package. |
reproduced-original | Re-rendered PDF from the .vpdf archive (if a reproduction has been run). |
Operational Actions
| Action | Description |
|---|---|
| Verify Integrity | Triggers an on-demand SHA-256 verification against the stored hash. |
| Archive Document | Appends an archived event to the audit log for this document. |
| Export Evidence | Exports the full audit JSONL event stream as a downloadable JSON file. |
| Reproduce Document | Re-renders the document from the .vpdf archive and compares the output hash to the original. |
Back to VaultLifecycle Overview
Learn about data sources, document status values, and the SharePoint Activity List.
VaultLifecycle
VaultLifecycle is a SharePoint-hosted workspace that provides a unified operational view of every document generated by Vault Platform, with search, filters, timeline, signing, delivery, workflow, and configuration in a single interface.
VaultAudit
VaultAudit is the cross-product audit intelligence layer of Vault Platform. Every lifecycle event across VaultPDF, VaultESign, VaultDelivery, VaultWorkflow, and VaultRedact is recorded in an immutable, tamper-evident timeline that answers compliance and governance questions in a single view.