Introduction
This guide is for agents and viewers who run and review workflows in Trustable Workflow Manager (TWM). It does not cover tenant setup, workflow design, or user administration — see the Admin Guide for those tasks.
What TWM does
Trustable Workflow Manager runs governed, multi-step business processes. Each workflow instance creates one parent Trustable on the Digital Trust Foundry platform. As the run progresses, steps such as artifact creation, approvals, notifications, and close-out append signed lifecycle events to that Trustable.
When a run finishes, you can open a trust report showing who signed what, when, and whether Foundry integrity checks passed.
Roles
| Role | What you can do |
|---|---|
| Agent | Create workflows, use the queue, monitor in-progress runs, and operate steps (where the workflow allows). |
| Viewer | Read-only access to Workflow history and individual run detail, including trust reports. |
Agents and viewers use the same login page. Your administrator assigns your role when your account is created.
Simple experience (assigned workflow)
Some users are assigned to a single workflow definition. If your account is set up this way, you see a simplified menu:
- My requests — list of your submitted requests
- New request (agents only) — submit a new request for that workflow
You do not see the full operations menu (Dashboard, New workflow, and so on). Everything else in this guide about filling in forms, signers, attachments, scheduling, and tracking applies — the screens are just tailored to one workflow.
Signing in
- Open your organisation’s TWM URL (for example
https://workflows.yourcompany.com). - Enter your username and password.
- After login:
- Agents and admins land on the Dashboard.
- Viewers land on Workflow history.
- The sidebar shows the pages available to your role.
Use Log out at the bottom of the sidebar when you finish.
Navigation (full experience)
| Sidebar item | Who sees it | Purpose |
|---|---|---|
| Dashboard | Agents and admins | Workflows in progress and workflows queue |
| New workflow | Agents and admins | Create or prepare a workflow run |
| Workflow history | Agents, admins, and viewers | Completed, failed, and cancelled runs |
Viewers only see Workflow history.
The main content areas use light blue rounded panels so each section is easy to scan.
Dashboard
The Dashboard is the home page for agents and admins. It has two sections:
| Section | Purpose |
|---|---|
| Workflows in progress | Active and scheduled workflow runs |
| Workflows queue | Prepared drafts waiting to be run or scheduled |
Open a run from Workflows in progress to track steps and signatures. Use Open on any row to go to the run detail page.
There is no separate header on the Dashboard — the two panels are the page.
Workflows queue
The Workflows queue panel on the Dashboard holds prepared runs: the form is filled in (and signers assigned where required), but the workflow has not started or been scheduled yet.
Use Add New Workflow to Queue in the panel header to open the New workflow page and save a draft without running it. When the queue is empty, there is no duplicate add button in the panel body — use the header control.
From each queue row you can:
| Action | Purpose |
|---|---|
| Run | Open New workflow with that draft loaded, ready to run or schedule |
| Edit | Open the queue compose screen to change payload, signers, attachments, and step selection |
| Export | Download a portable JSON bundle of this queue entry |
| Import | (Header button) Upload a queue export from another environment or colleague |
| Clone | Copy settings into a new queue item |
| Delete | Remove the draft from the queue permanently |
Export and import queue entries
Export saves a JSON file (kind: workflow_queue_entry) containing:
- The workflow definition slug (reference only — not the full definition)
- Title, payload, external reference
- Signer assignments (by step order, with signer email and role hints)
- Disabled steps for this run
- IPFS attachment metadata (file name, gateway URL, CID — no file re-upload on import)
Import creates a new draft in your queue from that file. The matching workflow definition must already exist in your tenant (same slug). Signers are matched by email where possible, or by counterparty name plus OOR role code.
After a successful import, TWM opens the new draft for review. You can adjust signers or payload before running.
This is useful when you need to prepare several requests in advance, move drafts between environments, or hand off a prepared request to a colleague.
New workflow
Go to New workflow in the sidebar, or use Add New Workflow to Queue on the Dashboard queue panel.
The page title is New Workflow. Complete the form, then choose one of three actions at the bottom:
| Action | What it does |
|---|---|
| Add to Queue | Saves a prepared draft to the Workflows queue on the Dashboard without starting |
| Run now | Starts the workflow immediately |
| Schedule for later | Requires a Schedule time (at least 5 minutes in the future); the run appears under Scheduled on the Dashboard until it starts automatically |
If something is wrong (missing signers, invalid step selection, incomplete form), TWM shows an error and does not continue.
1. Choose a workflow
Select an active workflow definition from the list. Each entry shows the workflow name and linked artifact template.
When you open a draft from the queue (Run or Edit), the definition is already set.
2. Fill in the request
Complete the structured form defined by the artifact template (JSON Schema fields such as title, dates, descriptions, and so on). Required fields must be filled before you can continue.
If the template defines a title field in the payload, the run title may be taken automatically from your answers.
3. Add attachments (optional)
When your administrator has configured Pinata IPFS, you can attach supporting files while preparing a run (queue draft, New workflow, or Edit):
- Up to 5 files per run
- PDF, PNG, JPEG, DOCX, or TXT, max 25 MB each
- Files are pinned on IPFS and linked on the Trustable when the run starts (file name and gateway URL)
Attachments can be added or removed while the run is in draft or scheduled status. After the workflow starts, attachments are read-only on the run detail page.
4. Assign signers (when required)
Some workflows require you to pick an authorized signer for one or more steps — for example business owner, IT director, or security reviewer. Every required slot must have a signer selected before you run or schedule.
5. Choose which steps to run (optional)
When a workflow has more than one step, a Steps for this run panel appears. Each step is checked by default.
- Uncheck a step to skip it for this run only.
- At least one step must remain enabled.
- TWM validates the remaining steps — for example, you cannot enable a sign step while disabling artifact creation.
Skipped steps appear as skipped on the run detail page and are not executed.
Workflows in progress
The Workflows in progress panel on the Dashboard monitors active work.
Tabs
- Scheduled — runs waiting for their start time.
- In progress — runs currently executing.
Select a run and choose Open, or click the run title. The run detail page refreshes automatically while steps are moving forward. Use Back to dashboard to return.
Run detail
Each run shows:
- Status — for example in progress, scheduled, completed, failed, or cancelled.
- Run ID — a short reference you can copy.
- Step stepper — visual progress through each step.
- Payload summary — the structured data submitted at the start.
- Supporting files — compact links to IPFS attachments (when present).
- Signer assignments — who was chosen for each slot (when applicable).
| Status | Meaning |
|---|---|
| Pending | Not reached yet |
| Active | Currently processing |
| Awaiting signature | Waiting for an authorized signer on Foundry |
| Completed | Step finished successfully |
| Failed | Step failed (see failure reason on the step) |
| Skipped | Step was disabled before start |
- Refresh — manually poll Foundry for signature updates (the page also polls automatically).
- Cancel schedule — for scheduled runs, cancel before the start time.
- Reschedule — change the planned start time.
When Foundry is not configured (demo / offline mode), admins may see a Mock sign action on steps awaiting signature. That is for local testing only — production runs use real Foundry signatures.
Notify steps and public verification
When a workflow includes a notify step, TWM emails recipients (for example an implementer) with context and a public verification link. If the run has attachments, the email also includes compact links to those files on IPFS.
Recipients do not need a TWM login. They open the verification link to review prior approvals, supporting files, and run Foundry checks before acting on the request.
Notify steps advance automatically after the email is sent.
Workflow history
Open Workflow history in the sidebar. This page lists completed, failed, and cancelled runs, newest first.
Agents see only runs they started; admins see all finished runs in the tenant.
Open a run to see:
- Full step audit trail
- Supporting files links (when attachments were uploaded)
- Trust report (for completed runs) — lifecycle events, signers, Foundry integrity checks
- Export JSON — download a bundle for records management
Agents can Clone to queue from history to start a similar run with the same payload, signers, and attachments pre-filled in the Workflows queue.
Trust reports
When a workflow completes successfully, the trust report summarizes:
- Instance title, definition, and template
- Lifecycle events — step name, event name, target state, signer, timestamp, and event SAID
- Foundry integrity checks — structure, SAID, schema, cryptography, KEL/TEL, and related checks
- Exportable JSON for audit and compliance use
Viewers and agents can both open trust reports from Workflow history or from a completed run’s detail page.
Tips and common issues
“Assign a signer for every slot before starting”
Every required signer slot on enabled steps must have a selection. Disable optional sign steps only if the workflow allows it and sequence rules still pass.
“At least one step must be enabled for this run”
You unchecked every step. Re-enable at least one.
Sign step stuck on awaiting signature
The assigned authority must complete signing on Foundry (mobile wallet, custodial signer, or your organisation’s signing channel). Ask them to sign, then use Refresh or wait for automatic polling.
Notify email not received
SendGrid and the public app URL must be configured by an administrator. Without email, notify steps may log only in development.
Attachments upload fails
An administrator must configure Pinata IPFS in Settings. Check file type and size limits.
Queue import fails — workflow definition not found
Import expects the same workflow definition slug to exist in your tenant. Ask an administrator to import or create the definition first.
Queue import — signers not pre-selected
Import matches signers by email or counterparty name + role. If no match is found, assign signers manually on the compose screen before running.
Cannot see Dashboard or New workflow
Your role may be viewer (Workflow history only) or you may be on the simple experience (use New request instead).
Cannot find another agent’s queue item or run
Agents only see their own prepared workflows, in-progress runs, and history. Admins see tenant-wide history.
Getting help
Contact your TWM administrator for:
- Account access or role changes
- New workflow definitions or template changes
- Counterparty / signer registration
- Foundry, email, or Pinata configuration
- Questions about what a specific workflow step expects
For platform-wide forensic investigation beyond a single run, your organisation may also use the Digital Trust Foundry Forensic Audit Console.