JSON with Tree-of-Trees (ToT)
This section provides an overview of the JSON with Tree-of-Trees (ToT) payload. The JSON ToT payload allows you to use the advantages offered by Tree of Trees to extract the JSON payload from the request and provide protection according to the data element defined. Profile Reference can also be used to process different elements of the JSON.
The following figure illustrates the JSON ToT fields.
The properties for the JSON ToT payload are explained in the following table:
| Properties | Sub-Field | Description | |
|---|---|---|---|
| Allow Empty String | Enable to pass values that are defined as only whitespaces, such as value: " “, that are part of the JSON payload and continue processing of the sequential rules. If this check box is disabled, then the Extract rule does not process values that are defined as only whitespaces. | ||
| JSON Paths with Profile Reference | JSON path and profile references must be selected. | ||
| JSON Path | JSON path representing the JSON field targeted for extraction. | ||
| Profile Name | Profile to be used to perform transform operations on the matched content. | ||
| User Comments | Additional information related to the action performed by the group processing. | ||
| Process Mode | Select to parse JSON data types. This field includes the following three options:
| ||
| Complex - Stringify | Select to process the complex JSON data type, such as, arrays and objects, to string values and serializing to JSON values before being passed to the child rule. This option is displayed by default. | ||
| Simple - Primitive | Select to process primitive data types, namely, string, int, float, and boolean. It does not support the processing of complex data types, such as, arrays and objects when it matches the JSON data type; the processing fails and an error message is displayed. | ||
| Complex - Recurse | Select to process the complex JSON data type and iterate through the JSON array or object recursively. | ||
| Preserve Element Order | Select to preserve the order of key-value pairs in the JSON response. This option is selected by default when you create the JSON ToT rule. | ||
| Fail Transaction | Select to fail transaction when an error is encountered during tokenization. The error might occur due to use of incorrect token element to protect input data. For example, when handling integer input data, the accurate token element would be an integer token element. The DSG uses tokenization logic to perform data protection. This logic can work to its optimum only if the correct token element is used to protect the input data. If you fail to perform careful analysis of your input data and identify the accurate token element that must be used, then it will result in issues when data is protected using the tokenization logic. To avoid this issue, it is recommended that before defining rules, analyze the input data and identify the accurate token element to be used to protect the data. This option is selected by default when you create the JSON ToT rule. For more information about identifying the token element that will best suit the input data, refer to Protegrity Protection Methods Reference Guide 9.0.0.0. | ||
| Minimize Output | Select to minify the JSON response. The JSON response is displayed in a compact form as opposed to the indented JSON response that the DSG sends. This option is deselected by default when you create the JSON ToT rule. Note: It is recommended that this option is selected when the JSON input includes deeply nested key-value pairs. |
The following table describes the additional configuration option for the Recurse mode.
| Options | Description | Default |
|---|---|---|
| recurseMaxDepth | Maximum recursion depth that can be set for iterating matched arrays or objects. CAUTION: This parameter comes in effect only when the Complex - Recurse mode is selected. It is not supported for the Complex - Stringify and the Simple - Primitive modes. | 25 |