Developer Features in 23R1

We are pleased to bring you the following additions and enhancements to Developer Portal features in 23R1. REST API features added in 23R1 only affect API v23.1, unless otherwise noted.

Service Announcements

SAML/Spark Certificate Rollover

Release Dates:

Vault is scheduled to rollover the signing certificate used to sign SAML Single Sign-on requests and Spark messaging connections. There is no expected downtime.

Your IT organization must ensure that the new certificate is configured on your Enterprise Identity Provider system prior to the New Certificate Rollover Event on March 3, 2023. Please ensure that your Spark messaging integrations do not cache the old certificate. Failure to utilize the new certificate by this date may cause login issues for SAML users, and Spark messaging integrations may fail.

Learn more about the action required for the certificate rollover process in Vault Help.

Vault Java SDK Service Account

Release Date: 23R1.0; April 21, 2023

In 23R1, Vault will permanently enable the Run Custom Code as Java SDK Service Account feature with the following expected behavior:

This feature is auto-on and cannot be disabled.


Release Date: 23R2; August 2023

In 23R2, Vault will enable support for the HTTP/2 protocol. Developers can choose to use HTTP/2, but upgrading is not required.

Before Vault begins supporting HTTP/2, developers should evaluate existing integrations that might be designed to auto-upgrade their HTTP protocol for compatibility with HTTP/2. For example, HTTP/2 returns all API headers as lowercase, which may be an issue if an existing integration is expecting case-sensitive header values.

REST API v23.1

New Endpoints

Sandbox Sizes

Release Date: December 15, 2022

This feature introduces two new sandbox sizes, “Small” and “Full”. Existing Sandboxes will be categorized as “Large”. The size of a sandbox determines the amount of data a sandbox can store. Admins can interact with sandboxes using new endpoints.

The new Recheck Sandbox Usage Limit endpoint allows Admins to recalculate data usage of a sandbox Vault.

POST /api/{version}/objects/sandbox/actions/recheckusage

The new Change Sandbox Size endpoint allows Admins to change the size of a sandbox Vault.

POST /api/{version}/objects/sandbox/batch/changesize

Sandbox Snapshots

Release Date: December 15, 2022

A sandbox snapshot is a copy of a sandbox Vault that can store configuration and optionally data at a given point in time. Snapshots can be used to create or refresh sandbox Vaults. Admins are able to interact with snapshots using the following new REST API endpoints:

The Create Snapshot endpoint creates a snapshot for a sandbox by providing a source sandbox.

POST /api/{version}/objects/sandbox/snapshot

The Retrieve Snapshots endpoint retrieves information about snapshots managed by the authenticated Vault.

GET /api/{version}/objects/sandbox/snapshot

The Delete Snapshot endpoint deletes a snapshot for an active sandbox.

DELETE /api/{version}/objects/sandbox/snapshot/{api_name}

The Upgrade Sandbox Snapshot endpoint upgrades a snapshot to match the release version of the source sandbox Vault.

POST /api/{version}/objects/sandbox/snapshot/{api_name}/actions/upgrade

The Update Snapshot endpoint recreates a new snapshot for the same sandbox Vault. This action replaces the existing snapshot with the newly created one.

POST /api/{version}/objects/sandbox/snapshot/{api_name}/actions/update

The existing Create or Refresh Sandbox endpoint can create a sandbox from the available snapshots with the new source_snapshot parameter.

POST /api/{version}/objects/sandbox

The Refresh Sandbox from Snapshot endpoint refreshes a sandbox from a snapshot.

POST /api/{version}/objects/sandbox/{vault_id}/actions/refresh

Existing Endpoints

Event Filter for Document Audit API

Release Date: February 10, 2023

To provide parity with document audit trails generated in the Vault UI, the Retrieve Audit Details API now supports filtering based on events when retrieving document_audit_trail details. Add the events parameter and provide a list of the events you want to filter on. For example, to retrieve audit details for documents where either a single version or all versions have been deleted:

GET /api/{version}/audittrail/document_audit_trail?events=DocSingleVersionDeleted,DocAllVersionsDeleted

You can find a list of supported document audit events in Vault Help.

Object Record Support for Picklist as idParam

Release Date: December 15, 2022

This enhancement allows developers to use a picklist field as the idParam when upserting, updating, or deleting object records through the Vault Loader API or the Vault Objects API.

Assign Users & Groups to Roles on a Single Document

Release Date: March 9, 2023

In API v23.1+, the Assign Users & Groups to Roles on a Single Document API supports assigning users and groups to roles with Dynamic Access Control (DAC) enabled.

POST /api/{version}/objects/documents/{id}/roles

However, If you need to assign users and groups to roles on more than one document or binder, it is best practice to use the corresponding bulk API.

Single Document Publishing: Document Deletion API Validation

Release Date: February 10, 2023

With this release, the Delete Single Document and Delete Single Document Version APIs now perform validation when attempting to delete documents with Publish for Veeva CRM (CLM) set to Yes. This provides parity with the Vault UI and prevents deletion when the document is associated with one or more object reference.

Object Workflow API Requests for Field Prompts with Required Fields

Release Date: December 15, 2022

In API v23.1+, object workflows now require values for required field prompts when starting a workflow and completing a task.

Facetable Created By and Modified By Fields

Release Date: March 9, 2023

The created_by__v and modified_by__v fields are now facetable just like any other object reference fields that point to the user__sys object.

Migration Mode for Record Update and Upsert

Release Date: February 10, 2023

This enhancement allows API users to update and upsert object records to any lifecycle state, bypassing validation rules for migrating records into Vault from an external system.

Application-Specific Endpoints

Populate Site Fee Definitions

Release Date: February 10, 2023

Given an existing study with Site Fee Definitions or an eligible Site Fee Template, Vault Payments customers can now automatically generate Site Fee Definitions for a new study. Developers can also initiate this action with the new Populate Site Fee Definitions API:

POST /api/{version}/app/clinical/payments/populate-site-fee-definitions

Deprecated: New Submissions Archive Viewer

Release Date: February 10, 2023

With this release, we’re deprecating the Retrieve SubmissionsArchive Binder API endpoint. As of 22R3.4, the new Submissions Archive Viewer does not rely on the binder for the hierarchy structure, making this endpoint obsolete.

GET /api/{version}/vobjects/submission__v/{submission_id}/actions/viewer

Vault Loader

Vault Loader Support for Record Migration Mode Update and Upsert

Release Date: February 10, 2023

API users of Vault Loader can now leverage Record Migration Mode to update and upsert records in a non-initial state while bypassing reference constraints and validation rules.

Vault Loader Support for MAXROWS and SKIP

Release Date: December 15, 2022

With this release, Vault Loader users can now leverage the MAXROWS and SKIP VQL clauses to page through and retrieve large record sets. This feature is supported in the Vault UI, CLI, and API.


Query Governor: Timeout Rule

Release Date: February 10, 2023

To ensure Vault performance, Vault now enforces a new timeout rule. When VQL queries fail due to timeout, Vault will prevent the same query from being executed again for 24 hours. This change only applies to v23.1+ and does not affect existing integrations.

Learn more about query performance and VQL transaction limits.

Query Governor: Duplicate & Slow Unfiltered Rules

Release Date: March 9, 2023

For Vault stability, VQL now returns WARNING when the same query is executed more than once in a 5-minute fixed period. Integrations should avoid unnecessary VQL queries. Additionally, long-running queries without a WHERE clause now return WARNING with the recommendation of adding filters for better query performance. This change only applies to v23.1+ and does not affect existing integrations.

Learn more about query performance.

Query Governor: Manual Pagination Rules

Release Date: December 15, 2022

Query Governor now returns a response status of WARNING when it detects manual pagination and FAILURE when manually paginating more than 10k records. Manual pagination is the use of PAGEOFFSET in the query string. Instead of manual pagination, developers should use the next_page and previous_page URLs returned in the responseDetails of the query response. This change only applies to v23.1+ and does not affect existing integrations.

Vault Java SDK

System Managed Connections

Release Date: December 15, 2022

Standard Vault Connections will no longer be referenceable in custom Java SDK code because each is now set to “System Managed”.

Notifications SDK: Send In-App Notifications or Email Notifications Only

Release Date: February 10, 2023

Developers can now choose to send in-app notifications only or email notifications only by using the setNotificationMode() method in the NotificationParameters interface. The setNotifyByEmailOnly() method is deprecated in this release.

SDK Initiating User and Request Owner

Release Date: February 10, 2023

Developers have access to two new SDK Request Context Users: Initiating User and Request Owner. Initiating User will always return the “user-at-the-keyboard” unless the SDK request is initiated by Vault (scheduled job). Request Owner gives developers access to configured users such as Job and Message Processor Owners. Additionally, users can use HttpService and execute local API requests as these new users. Current User has been deprecated and is discouraged from use.

Learn more about Request Context User Types.

Workflow Request Execution Context

Release Date: February 10, 2023

Developers can now determine if the current SDK Request is taking place during a workflow, and if so, gain access to the Workflow ID, Workflow Name, and the Workflow Owner ID. Learn more about Request Execution Context.

External Inbound Connections

Release Date: December 15, 2022

Vault now supports tracking inbound REST API integrations using External Connections. The URL field is no longer required during configuration to accommodate inbound only connections. Vault Admins can configure Connection Client records that allow developers to identify REST API integration using a unique Client ID.

Jobs: Support DateTimes as Trigger Date

Release Date: December 15, 2022

With this release, developers can leverage DateTime fields as triggers for Date Based Document and Object Operation type Jobs.

Multi-Record Workflow System Action Step Support for RecordAction SDK

Release Date: December 15, 2022

Multi-record workflows now support the execution of Vault Java SDK RecordActions in system action steps.

Record Trigger: Migration Mode Detection

Release Date: December 15, 2022

This enhancement allows developers to detect when a record trigger is invoked while the request is in was triggered within migration mode either through API or Vault Loader. Developers can use this to build new conditions, such as skipping any operations that would not be needed for migrated records.


Tab Collection

Release Date: December 15, 2022 This feature adds the Tabcollection component type. Admins can group related tabs together in a Tab Collection, such as tabs for certain roles or tasks. Users can then access the tab collection through the new Tab Collections menu in the Vault UI.