Developer Features in 23R3

We are pleased to bring you the following additions and enhancements to Developer Portal features in 23R3. REST API features added in 23R3 only affect API v23.3, unless otherwise noted.


Release Date: September 22, 2023

REST API v23.3

Intelligent Document Update

Vault will now only update document metadata if any changes have been made. Prior to this release, if a record was saved without any changes being made, it would count as an update. As a result, all document update related transactions would occur, such as updating the Last Modified Date and creating an audit trail entry. In 23R1.2, these transactions will no longer occur for no-change saves.

With API v23.3 or later, if an API call to upsert or update documents results in no changes, the API response will include a warning of either No changes in values - document not updated (for single records) or No changes in values - one or more documents not updated (for multiple documents). In this case, the record’s Last Modified Date is not changed (v23.2 or later), and Vault does not create an event in the Document Audit History (all versions).

Additional Sandbox Sizes in Vault

We are further adjusting sandbox sizes as shown in the table below. These changes are in response to working with and listening to customers as they refine their environment management process.

Snadbox Size Use Object Record Support Document Version Support Snapshots Included
Small Personal
0 - 100 K 0 - 10 K 2 snapshots 4
Medium Shared Dev,
Test, UAT
100 K - 1 M 10 K - 100 K 2 snapshots 2
Large Migration
1 M - 10 M 100 K - 1 M 2 snapshots,
Limited size*
Very Large Migration
10 M - 100 M 1 M - 10 M 2 snapshots,
Limited size*
Extra Large Migration
100 M - 500 M 10 M - 50 M 2 snapshots,
Limited size*
Full Migration
No Limit No Limit 2 snapshots,
Limited size*

*Snapshots on Large, Very Large, Extra Large, and Full sandboxes are limited to 10 million records and 100,000 document versions.

With API v23.3, the Retrieve Sandboxes endpoint will now return new size values for “Medium”, “Very Large”, and “Extra Large” sandbox sizes.

    "responseStatus": "SUCCESS",
    "data": {
        "entitlements": [
                "size": "Extra Large",
                "available": 1,
                "allowed": 2,
                "temporary": 0

Configuration Data Attribute for Objects

Developers will now have the ability to confirm which objects will have object records copied when generating a sandbox vault. If configuration_data is true, object records of this type will be copied. If false, they will not.

This attribute will appear in responses from the following endpoints:

GET /api/{version}/metadata/vobjects/{object_name}

GET /api/mdl/components/{component_type_and_record_name}

EDL: Atomic Security for EDL Item Actions

In 23R2.3, Admins will now have the ability to leverage Atomic Security on EDL Item Actions and Controls. With this change, The following endpoints will require that the executing user has the appropriate permissions through Atomic Security, in addition to their Security Profile:

POST /api/{version}/objects/edl_matched_documents/batch/actions/add

POST /api/{version}/objects/edl_matched_documents/batch/actions/remove

POST /api/{version}/vobjects/edl_item__v/actions/createplaceholder

Workflow Due Date

Workflow date prompts in the start step can now be set as the workflow due date, enabling the workflow to track its own due date in addition to task due dates. This gives workflow owners better visibility into the timelines for active workflows. Task due dates that are configured with the workflow due date as their date can be updated in a single action from the Active Workflow actions and from the Retrieve and Initiate Workflow Action REST APIs, and Workflow Action Java SDK.

This feature is not applicable to legacy workflows.

Workflow Segregation of Duties

Workflows now provide the option to enforce policies that preclude certain users from completing tasks in the workflow based on their role membership or their task completion history in the same workflow. This can help mitigate non-compliance issues during one or two stage approval workflows on GxP content. To facilitate this, the Objectworkflow component type now has two new attributes that specify if these policies are enabled:


When querying document roles in VQL, developers may see a role of External Viewer. This is a system-managed role, with no assigned permissions, granted to non-Vault recipients via Send as Link. It is not available as a query target.

Learn more about Send as Link in Vault Help.

The 23R2 release introduced the ability for Admins to configure how text and number field values should be displayed in Vault using format masks. To support format masks in API v23.2, Query Describe in VQL includes a format_mask attribute for text and number fields. A new VQL function, TODISPLAYFORMAT(), returns the formatted value of text fields, number fields, formula fields (where the return type is Text or Number), and lookup fields (that are looking up text or number field values). With 23R3, Admins can now use the Display Format functionality to configure format masks on text fields to wrap any entered text as “mailto” hyperlinks using a new EmailFormat() function. In API v23.3, when querying fields are configured to use the EmailFormat() function, and the TODISPLAYFORMAT() function is leveraged, the returned values will be in the email format.


SELECT id, email__sys, TODISPLAYFORMAT(email__sys) AS email_formatted
FROM person__sys


    "responseStatus": "SUCCESS",
    "responseDetails": {
    "pagesize": 1000,
    "pageoffset": 0,
    "size": 1,
    "total": 1
    "data": [
            "id": "V0D000000001001",
            "email__sys": "",
            "email_formatted": "<a href=\"\"></a>"

This function is not supported in WHERE clauses. By default, queries that do not use this function return the raw field value. Learn more about TODISPLAYFORMAT().

The Vault Java SDK returns the raw field value.

Learn more about format masks in Vault Help.

Vault Java SDK

Object Attachments for SDK

Developers can now create, update, and delete object record attachments using SDK. Attachments can be created from existing document content, document attachments, document renditions from any SDK entry point, and from email content and email attachments inside email processors.

Object References in Field Rules

Field Rules can now be configured with a Target Field Lookup (target_field_lookup) that allows admins to configure object reference lookups to be used when evaluating field rules. For example, Admins can configure a field rule for a child object that uses parent__cr.name__v for an object reference instead of using IDs. This eliminates the need to maintain reference lookup values, and instead developers can code their integrations to dynamically resolve object references.

Annotation Service: Create, Edit, Delete

AnnotationService has been enhanced to allow developers to create, edit, and delete document annotations using Vault Java SDK. Previously, only read access was available. This improvement allows developers to solve complex business requirements and build automation for annotations.

Learn more about Annotation Service.

Email to Vault SDK: Inbound Email Address in EmailProcessorContext

With v23.2.3, the EmailProcessorContext interface has been enhanced to include a new method, getInboundEmailAddress(). This method allows developers to access the name of the inbound email address component in custom SDK code.

Learn more about Email Processors.


Document Reference: Latest Steady State Version

When configuring Document Reference fields on Objects, Admins will have a new version binding option called Latest Steady State Version. To support this functionality, Object field MDL now supports a third value option, latest_steady_state_version, for the document_version_reference attribute. This option behaves similarly to the latest option, except that it will only update its reference if the new version is in a steady state.

Prevent Custom Triggers

Developers will now see a new attribute called triggers_allowed, which allows them to see whether or not custom triggers are allowed on a given object. This attribute is read-only.


Release Date: August 25, 2023

REST API v23.3

Skip Object Lifecycle Event Actions in Record Migration Mode

With v23.3, Vault now skips Create Record object lifecycle event actions when objects are created via the Create Object Records API with the X-VaultAPI-MigrationMode header enabled. Create Record event actions will continue to execute in API v23.2 and below.

POST /api/{version}/vobjects/{object_name}

When migrating data, event actions are generally not applicable, and any required data should be included in the migration process. Skipping these via Record Migration Mode provides a consistent data migration process that matches Document Migration Mode.

Enhanced Document Role Assignment

With v23.3, the following endpoint now supports the removal of users from document roles that are controlled by Dynamic Access Control (DAC):



Previously, users could be manually added to a role that is controlled by DAC, but Vault would prevent the removal of those manual assignments. With this enhancement, we are simplifying this and making the behavior consistent.


FAVORITES and RECENT for Objects

VQL now supports additional query target options, FAVORITES and RECENT. These will allow developers to execute VQL queries on objects using the Vault REST API and filter the results to object records that have been marked as favorite (FAVORITES) or most recently viewed object records (RECENT).

Support for VQL queries on favorite and recent documents was added in a prior release; this extends the capability to allow developers to perform similar queries on objects.

Vault Java SDK

Evaluate Field Rules: Reference Lookups & Default Values

When evaluating field rules using IntegrationRuleService#evaluateFieldRules, if the field rule configures a reference lookup and a default value, Vault now returns the default value instead of an error when there is no match in the reference lookup.

This applies when:

This enhancement helps reduce unnecessary errors and user exception messages in Vault connections.

We encourage developers to review their code and configuration to ensure their field rules are evaluated properly.

Vault Java SDK: Object Type Metadata Service

Developers can now access object type and object type field metadata with the Vault Java SDK. This allows custom SDK code developers to write object type specific logic without using VQL or REST API to retrieve object type metadata.

This feature adds several new interfaces in the data package as well as the following new methods in ObjectMetadataService:

These new methods and interfaces mirror those already available for object and object field metadata.

Workflow & Lifecycle SDK Updates

The Vault Java SDK now supports execution of active workflow actions. You can view the available actions in the new WorkflowAction Enum, which include:

In addition, ObjectLifecycleStateUserActionService now supports execution of start workflow lifecycle user actions.

Language & Region for VaultInformationService

VaultInformation now supports retrieving the following Language & Region Settings from Vault: