> ## Documentation Index > Fetch the complete documentation index at: https://docs.okrapdf.com/llms.txt > Use this file to discover all available pages before exploring further. # Secure Invoice Reviewer > Role-based invoice views with redaction and structured extraction workflows ## Why this demo exists Invoice review is where security and usability collide: operators need full fidelity, reviewers need masked fields, and shared links need strict limits. This showcase maps to the react-admin invoice reviewer demo and highlights how to evolve it into a production-grade secure PDF app. ## What it proves 1. Document pages can be rendered directly from URL builder paths. 2. Structured invoice outputs can drive admin-style table/detail workflows. 3. Role-based output policies can expose different views of the same source document. ## Current demo status The current runtime demo intentionally shows both what works and what is still mocked. | Capability | Current status | | -------------------------------------------------------- | ------------------- | | Session upload + PDF processing | Real | | Page image rendering via `doc(...).pages[n].image.url()` | Real | | Role policy enforcement + redacted output delivery | Prototype direction | | Structured output URLs (`o_`) for invoice entities | In progress | This page is a transparent blueprint, not a claim that all policy layers are fully productionized in that sample app today. ## Production hardening checklist 1. Move token-to-policy resolution fully server-side. 2. Materialize invoice output profiles (`o_invoice`) as cacheable artifacts. 3. Ensure redaction lens applies to page assets, structured JSON, and completion contexts. 4. Add audit logs for policy, model, and output lineage. ## Demo Source `runtime-demo/invoice-reviewer` ## Related Docs Server-side redaction patterns and role-scoped access. Materialize typed outputs with reproducible extraction recipes.