← Shape library
Share it

Access-Controlled Recipient Delivery

Know exactly who saw your document and when.

Delivers a specific artefact to named recipients via a permissioned link or portal, then tracks who viewed, downloaded, or forwarded it. Expiry and revocation are built in — you stay in control after sending, replacing email-and-attachment with visible, revocable delivery.

Shape

ARTEFACTdocumentexpiry · permsPORTAL/share/7fa2/share/k83p/share/9qr1/share/v2nm/share/x4t9recipient 1viewedrecipient 2viewedrecipient 3openedrecipient 4pendingview · revoke · expire · audit

Operational dimensions

Requires approval

Each output waits on a human decision.

Event-triggered

Fires when an upstream condition occurs.

Low data gravity

Light state; replaceable any time.

Writes outbound

Emits to external systems; does not read them.

Inputs

  • artefact (document, deck, video, file, dataset)
  • named recipient list with permission level
  • expiry and revocation policy
  • optional watermarking or download restrictions

Outputs

  • recipient-scoped access grant (link / portal page)
  • per-recipient view / read / download event stream
  • revocation and expiry state
  • delivery audit log

Mechanism

Delivers a specific artefact to specific named recipients via an access-controlled link / portal, with permission, view/read tracking, expiry, and revocation — the delivery+access primitive distinct from publishing a surface.

Why this is a primitive

Cannot be decomposed — the operation is one act of point-to-named-recipient delivery with access control: identify recipients, grant scoped access (link / share / portal), track view / read / download events, expire and revoke. Strip access control and you have a public publishing surface; strip recipient targeting and you have a broadcast list; strip view tracking and you have a file dropbox. The combination of named-recipient + permissioned + tracked is what the buyer pays for.

Where it shows up

Sales team — sends a proposal deck to a prospect via a tracked link, gets notified when each stakeholder opens it, and revokes access after contract close
Investment firm — distributes a confidential data room to named LP recipients with per-recipient view tracking and automatic link expiry
Client services team — delivers a monthly performance report to each client via a secure portal page without a shared inbox or file server

Related primitives

Composes with
Classificatory InferenceTelemetry-Driven Refinement LoopMulti-Role Live Operational SurfacePublished Surface (Documentation / Knowledge Site)Collaborative Document WorkspaceWorkflow Routing & GatingLong-Form Prose AuthoringSlide / Deck Artefact GenerationScheduled Outbound Distribution
Alternative to
Published Surface (Documentation / Knowledge Site)

Tags

contentstructured-datareal-timeautonomous

See where it fits.

Primitives are configured into named solution shapes for each client’s domain. The fastest next step is a conversation about which shape fits your problem.

Start a conversation