Circuit Schema Validation and Data Protection | Circuit Online Help | Example Scheme Validation in Circuit

Schema-Driven Data Validation and Protection

Circuit follows a schema-driven architecture to enforce structured validation and data protection at every stage of execution.

Using JSON Schema, Circuit defines:

  • Expected fields and data types

  • Validation rules and constraints

  • Input and output structure

  • Field-level data protection policies

This ensures consistent, secure, and compliant workflow processing.


Schema Validation Levels 

Schemas can be configured at two levels.

Circuit-Level Schema

  • Circuit Input Schema  : Validates incoming JSON before execution starts. If validation fails, the circuit does not start.

State-Level Schema

Each state supports:

  • State Input Schema  : Validates states input JSON before state execution

  • State Result Schema  : Validates state output before passing it to the next state

If validation fails, the state execution fails and the error is recorded in execution logs.

 

Data Protection Keywords (Core Security Feature)

Circuit extends standard JSON Schema with built-in privacy-focused keywords. These can be applied to any property, including deeply nested fields.

These controls operate at the field level and are enforced automatically during execution.

Available Data Protection Methods

hide: true  

  • Completely removes the field from the API response

  • Highest protection priority

  • Suitable for internal system fields or identifiers

encrypt: true  

  • Encrypts the value before database persistence

  • Decryption occurs only during Retry or Rerun

  • Protects sensitive identifiers, tokens, and regulated data

redact: true  

Replaces value with a fixed placeholder (e.g., [REDACT]). The original value is securely retained, and the audit log records the user who performed the unredaction.

  • Replaces the value with a fixed placeholder (e.g., [REDACTED])

  • The original value is securely retained

  • The audit log records the user who performed the unredaction

  • Suitable for strict PII and confidential data 

mask: true  

  • Partially hides the value (e.g., ****)

  • Allows controlled visibility while protecting sensitive data

If multiple protection rules are applied to the same field, they are enforced in the following order:

Hide → Encrypt → Redact → Mask

This ensures predictable and secure behaviour when multiple rules are configured.


Protection Priority Order 

If multiple data protection rules are applied to the same field, they are enforced in the following priority order:
Hide → Encrypt → Redact → Mask

Encryption At Rest (EAR)   

All execution context data is protected using Encryption At Rest.

  • Fields marked with "encrypt": true are encrypted before storage.

  • Decryption occurs only during Retry or Rerun.

  • Data remains protected during idle and normal execution states.

  • Execution context is isolated per workflow instance.

This architecture ensures sensitive data is never exposed unnecessarily.


Configuring Schema Properties in UI   

Step 1: Open Input Schema

Click the Action menu (⋮) next to the circuit name to apply validation to the whole circuit, or the Action menu (⋮) inside a state to apply it to that state only, then select Input Schema.


Step 2: Add Properties

Choose how you want to create the schema:
  • Add New Property (manual)
    1. Enter the Property Name.
    2. Select the Data Type (string, number, integer, boolean, object, array).
    3. Mark the property as Required, if applicable. 

  • Generate Schema from JSON Data (auto-generate)

    1. Paste your JSON payload on the left side of the converter, the equivalent JSON schema appears automatically on the right.
    2. If you already have a JSON schema, click Generate Empty Schema and paste it directly on the right side.
    3. Click Update Schema to auto-generate properties from schema.
    4. Review the auto-generated properties.
    5. Click Add Property to include additional fields if needed.

Step 3: Configure Validation Settings (Optional)

Click the expand icon next to a property name to configure additional validation settings:

  • Title and Description

  • Minimum / Maximum values

  • Format (e.g., email)

  • Enum values

  • Default value

  • Data Protection Method: hide, encrypt, redact, or mask

Default Values  

If a field is not provided in the input and a default value is defined in the schema, the system automatically assigns the default value to that field before execution proceeds.

This ensures that:

  • Missing optional fields are populated with predefined values

  • Workflows continue without interruption due to missing inputs

 

Step 4: Add Nested Properties (Optional)

If a property's data type is an object, you can add nested properties inside it. Nested properties support the same validation and data protection rules. Multiple levels of nesting are supported.


Step 5: Save Your Changes

  1. After adding properties, click Save to apply changes at the client level.

  2. To modify saved properties, make your edits and click Update.

  3. To discard all existing properties and start over, click Reset.

  4. Once finalized, click Save in the circuit to persist the schema to the database.

Notes

  • Clicking Save within the schema properties panel applies changes at the client level only. To permanently save your configuration, you must also click Save in the circuit.

  • Only properties marked as Required are considered mandatory during validation.


Schema Examples     

This example shows core employee fields with data protection applied at the top level.

Example 1 – Basic properties with data protection  

{
  "type": "object",
  "required": ["employeeId", "fullName", "email", "department"],
  "properties": {
    "employeeId": { "type": "integer", "title": "Employee ID",    "mask": true    },
    "fullName":   { "type": "string",  "title": "Full Name"                       },
    "email":      { "type": "string",  "title": "Work Email",    "encrypt": true  },
    "department": { "type": "string",  "title": "Department",    "redact": true   },
    "salary":     { "type": "number",  "title": "Annual Salary", "redact": true   }
  }
}


Sample Input
{
  "employeeId": “100423”,
  "fullName":   "Sarah Mitchell",
  "email":      "sarah.mitchell@company.com",
  "department": "Engineering",
  "salary":     “95000”
}

Output 
{
  "employeeId": "######",
  "fullName":   "Sarah Mitchell",
  "email":      "[ENCRYPTED]",
  "department": "[REDACTED]",
  "salary":     "[REDACTED]"
}


Example 2 – Nested properties   with data protection

This example shows personal details configured as a nested object inside the employee record, with data protection applied at both levels.

{
  "type": "object",
  "properties": {
    "fullName": { "type": "string", "title": "Full Name" },
    "email":    { "type": "string", "title": "Work Email", "encrypt": true },
    "personalDetails": {
      "type": "object",
      "title": "Personal Details",
      "properties": {
        "phone":   { "type": "string", "title": "Phone Number", "hide": true   },
        "address": { "type": "string", "title": "Home Address", "redact": true }
      }
    }
  }
}


Sample Input
{
  "fullName": "Sarah Mitchell",
  "email":    "sarah.mitchell@company.com",
  "personalDetails": {
    "phone":   "+1-555-987-6543",
    "address": "42 Maple Street, Austin, TX 78701"
  }
}

}


Output
{
  "fullName": "Sarah Mitchell",
  "email":    "[ENCRYPTED]",
  "personalDetails": {
    "phone":   "[HIDDEN]",
    "address": "[REDACTED]"
  }
}

    • Related Articles

    • Summary

      Introduction Circuit is a platform for integrating micro-services to build automated workflows for IT and business processes. With fine-grained flow controls, you can design low-code or no-code automation. Workflows in Circuit operate as state ...

    • Data Backup

      A complete backup of your organization’s data can be obtained using Data Backup. This helps you maintain a personal copy of the organization’s information. Access Privilege Data Backup can be initiated only by the Organization Owner. To take a backup ...

    • Business case 1: Use client scripts to perform mathematical calculations and validations on data

      While designing forms to replicate finance related documents like purchase order, invoice, or reimbursement bills, our workflows might require the calculation of total cost or sum of expenses incurred. To automate such mathematical calculations and ...

    • Business case 3: Use client scripts to fetch data from third party applications or websites

      While designing forms, we might sometimes want to display data from other websites or applications like stock rates, flight status, freight details, weather updates, and so on. To fetch such information from third party websites or applications and ...

    • Test/Execute a Circuit

      Once you configured your circuit, you have three options: Save: Stores your current configuration without executing or publishing the circuit. Save and Execute: Saves and immediately runs the circuit without publishing. This is typically used for ...

    You are currently viewing the help articles of Qntrl 3.0. If you are still using our older version and require guidance with it, Click here.