Tracegence - Never fear a document audit again
Supplier portal

Suppliers upload without ever signing in.

A tokenized URL emailed to your supplier - they click, drop the file, done. Race-safe, use-bounded, audit-logged. The DCN-style "no password required" flow, with our typical attention to security primitives.

Shipping today
Friction-free onboarding

No accounts. No passwords. Just a link.

Email your supplier a single tokenised URL. They click, see your name and the document you asked for, drop the file, and you receive a fully classified, validated, audit-logged upload - pre-tagged with the supplier name and folder you preset.

No supplier signup, no SSO debt, no "lost my password" tickets. The token is a 192-bit URL-safe value; we store its sha256 hash, not the value itself, so even a leaked DB row cannot replay an upload.

One click from email

Send the URL however suits you - your inbox, ERP, Slack. We have the supplier covered the moment they tap.

Token sha256-hashed

Plaintext returned to the admin once at create time. The DB stores only the hash. Zero plaintext-token replay risk.

Race-safe consumption

select_for_update on redeem. Two browsers can't double-spend a single-use token.

Pre-tagged routing

Pick the folder, doc type, supplier name when you create the link. Uploads land where you expect.

acme.tracegence.local/u/<token>

Upload your CoA
Hi Acme Dairy - drop your March CoA below.
Tap to upload
Submit
No login required

0 logins required
< 14d default token TTL

A supplier with their March CoA in one tab and your tokenised link in another. Total time to closure: about a minute.

For your team

  • ✓ Generate per-supplier links from /supplier-links
  • ✓ Set TTL (1–90 days) and max uses per link
  • ✓ Revoke instantly - token dies that millisecond
  • ✓ Every redeem written to the audit log

Upload your CoA
Hi Acme Dairy - drop your March CoA below.
⬆
Tap to upload
No login required · token expires in 14d

0 passwords
90s avg time to upload

For the supplier

  • ✓ No account, no password, no SSO
  • ✓ Mobile-friendly upload page
  • ✓ Clear copy of who's asking and what for
  • ✓ Confirmation when the upload lands

How the no-login upload actually works

Token

Random 192-bit token, sha256-hashed in DB

The token is random URL-safe bytes. We store only the hash - a leaked DB row is not sufficient to replay an upload. Plaintext token returned to the admin once.

TTL

Time-bound + use-bound

Default 14-day TTL, max 90 days. Default 1 use, configurable. Once the limit is hit the link silently stops working - no error message that leaks the existence of the supplier.

Race-safe

select_for_update on redemption

Two browsers redeeming the same single-use token simultaneously? One wins, one gets "already used". The use_count cannot drift past max_uses.

Audit

Every redeem written to the audit log

Token ID, supplier email, use number, max uses, document ID. Reviewable in the audit log UI; exportable as CSV.

Routing

Pre-tagged folder + document type

When you generate the link, pick the folder and the expected document type. Uploads land tagged correctly - no cleanup later.

Revoke

Instant revoke

One click on the supplier-links admin page. The token is dead from that millisecond - even if the supplier already has the URL open in another tab.

The link lifecycle, clickable

Each stage is a real endpoint. Click through to see what runs at each point - and what we do to keep the token race-safe.

01

Generate

You enter supplier email, expected doc type, folder, optional note. We generate a 192-bit URL-safe token, hash it with sha256, store the row, and return the plaintext URL once.

POST /supplier-upload-links

Detail: each stage in plain English

  1. Admin creates link

    You enter the supplier email, the expected doc type, the folder, and an optional note. We generate the token, hash it with sha256, store the row, and return the URL once.

    POST /supplier-upload-links
  2. Email goes out

    You email the URL to your supplier. (We can also send it for you when SES inbound is wired in P1.)

    mailto: from your inbox
  3. Supplier clicks

    Public page (no auth) verifies the token is usable, shows your supplier their name and the expected document type, plus the note you wrote.

    GET /public/supplier-upload/<token>
  4. Supplier uploads

    They drop the PDF. The same upload pipeline as a logged-in user runs - OCR, classify, validate, score, audit-log.

    POST /public/supplier-upload/<token>
  5. Token consumed

    used_count incremented atomically. last_used_at stamped. If max_uses hit, the link silently stops resolving on the next visit.

    select_for_update
  6. Document lands in queue

    In your repository tagged with the supplier name, the folder, the doc type - pre-routed for your reviewer.

    /
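
The generate, consume and revoke stages above, with the hash-only storage and TTL/use limits described earlier, as an added example that is not Tracegence's code. It assumes an in-memory SQLite table and hypothetical names (supplier_link, create_link, redeem, revoke), and it swaps the page's select_for_update row lock for a single conditional UPDATE, which enforces the same "used_count never exceeds max_uses" invariant.

```python
import hashlib
import secrets
import sqlite3
import time

DAY = 86400  # seconds

def open_db():
    # Hypothetical schema: note there is no column for the plaintext token.
    db = sqlite3.connect(":memory:")
    db.execute("""CREATE TABLE supplier_link (
        id INTEGER PRIMARY KEY, token_hash TEXT UNIQUE NOT NULL,
        expires_at REAL NOT NULL, max_uses INTEGER NOT NULL,
        used_count INTEGER NOT NULL DEFAULT 0,
        revoked INTEGER NOT NULL DEFAULT 0)""")
    return db

def _digest(token):
    return hashlib.sha256(token.encode("utf-8")).hexdigest()

def create_link(db, ttl_days=14, max_uses=1, now=None):
    """Return (link_id, plaintext_token); only the hash is persisted."""
    if not 1 <= ttl_days <= 90 or max_uses < 1:
        raise ValueError("ttl_days must be 1-90 and max_uses >= 1")
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(24)  # 24 random bytes = 192 bits
    cur = db.execute(
        "INSERT INTO supplier_link (token_hash, expires_at, max_uses) "
        "VALUES (?, ?, ?)", (_digest(token), now + ttl_days * DAY, max_uses))
    db.commit()
    return cur.lastrowid, token

def redeem(db, token, now=None):
    """Consume one use. Unknown, expired, revoked and exhausted tokens all
    return the same False, so the public page can answer uniformly."""
    now = time.time() if now is None else now
    # Check and increment happen in one statement, so two concurrent
    # redeemers cannot both pass the used_count < max_uses test.
    cur = db.execute(
        "UPDATE supplier_link SET used_count = used_count + 1 "
        "WHERE token_hash = ? AND revoked = 0 AND expires_at > ? "
        "AND used_count < max_uses", (_digest(token), now))
    db.commit()
    return cur.rowcount == 1

def revoke(db, link_id):
    # Revocation is keyed by row id: the admin no longer holds the plaintext.
    db.execute("UPDATE supplier_link SET revoked = 1 WHERE id = ?", (link_id,))
    db.commit()
```
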

Send one link, get clean uploads.

Try it: create a tenant, generate a supplier link, watch how the upload arrives pre-tagged.