InvoiceKaroInvoiceKaro

Collect

Proof & Client Approval

Attach files, links and notes as proof, send a public client approval link, and capture an immutable acceptance certificate with a SHA-256 bundle hash.

Proof and approval are what make Collect different from ordinary invoicing. For each milestone you attach the evidence of what you delivered, then send the client a link to formally accept it — producing a tamper-proof certificate you can rely on if anything is ever disputed.

Attach proof to a milestone

Open a milestone and use + Proof to add any combination of:

  • Files — upload the actual deliverables: designs, documents, exports, screenshots, signed scope sheets.
  • Links — point to a Figma file, a staging URL, a Drive folder or a deployed build.
  • Notes — short written context, like a summary of what changed or what was agreed on a call.
Tip
Attach proof at the moment you mark a milestone delivered, while everything is fresh. The proof you attach is exactly what gets bundled into the evidence pack and hashed into the acceptance certificate.
  1. 1On the milestone, tap Copy approval link to generate a public approval link.
  2. 2Share the link (it lives at /approve/{token}) with your client by WhatsApp, email or however you normally talk to them.
  3. 3The client opens it in any browser — no login or InvoiceKaro account needed.

Each approval link is valid for about 30 days, giving the client a clear window to review and accept.

What the client sees

On the approval page, the client sees the milestone, the proof you attached (files, links and notes), and a simple way to approve. To accept, they confirm their name (email optional, plus an optional Notes field) and submit — that's all it takes for them, and all it takes to lock in your record.

Note
Because the page is public and read-only, you can send it to a client's procurement or finance contact without giving anyone access to your account or other projects.

The acceptance certificate

When the client approves, InvoiceKaro generates an immutable acceptance certificate — a permanent record that can't be edited after the fact. It captures:

RecordedWhy it matters
Approver name & emailIdentifies exactly who signed off on your behalf.
IP addressShows where the approval came from.
BrowserAdds device/agent context to the acceptance.
TimestampPins the exact date and time of acceptance.
SHA-256 bundle hashA cryptographic fingerprint of the exact deliverable bundle that was approved — so no one can later claim they approved something different.
Why the hash matters
The SHA-256 hash ties the approval to the precise set of deliverables shown at that moment. If even one file changed, the hash would change — which is what makes the certificate evidence rather than just a status update.

Approval links expire automatically after roughly 30 days. You can also revoke a link early — for example if you sent it to the wrong person or the scope changed. Once revoked or expired, the link shows the visitor a clear message and can no longer be used to approve.

Warning
Revoking an approval link only stops *future* approvals. Any acceptance certificate already produced stays valid and immutable — revoking never erases proof you've already captured.

The certificate and proof flow straight into the milestone's evidence pack, where they sit alongside the invoice and reminder history.