Expressions
Reference action outputs, webhook payloads, secrets, and more.
Expressions is how you reference and manipulate data inline in action inputs, run-if conditions, loop expressions, and output schemas. Tracecat supports the following expression contexts:
Prefix | Expression syntax | Description |
---|---|---|
ACTIONS | ACTIONS.<action_slug>.result.<jsonpath> | Reference the result of an action |
TRIGGER | TRIGGER.<jsonpath> | Reference data passed via webhook or UI |
SECRETS | SECRETS.<name>.<key> | Reference a secret |
FN | FN.<fn_name>(<arg1>, <arg2>, ...) | Call an inline function |
To use an expression, you must use the ${{ <context>.<expression> }}
syntax:
Expressions are evaluated into values at the start of each action run.
ACTIONS
context
Tracecat uses JSONPath and dot notation to select outputs from previous actions. JSONPath can also be used to filter and transform nested JSONs.
Both ACTIONS
and TRIGGER
expression contexts support JSONPath syntax.
If you are new to JSONPath or need a refresher, check out our JSONPath syntax cheatsheet.
You can reference outputs from a previous action in the same workflow using the ACTIONS
context.
Actions are referenced by a sluggified version of their name.
TRIGGER
context
Check out the workflow triggers tutorial for a detailed guide setting up webhooks for workflows.
Workflows can be triggered via webhook, manual UI trigger, or the Execute Child Workflow
action.
Use the TRIGGER
context to reference the data from the trigger as a JSON object.
SECRETS
context
Tracecat comes with a built-in secrets manager. This allows you to store and retrieve sensitive data scoped to a workspace without exposing the value in plaintext. Secrets are encrypted at rest and stored in the database.
Secrets stored in the secrets manager can be accessed using the SECRETS
prefix:
Tracecat will automatically replace the expression with the secret value at runtime. Retrieved secrets are deleted from memory after the workflow run completes.
FN
context
Check out the full list of supported functions in the functions cheatsheet.
Tracecat supports inline functions in the FN
context.
Here are some examples of functions you can use with FN
:
For the following function examples, we’ll use the Example alert
JSON as sample data.
Feel free to copy and paste this into your own workflow to follow along.
Check out the docs on Data manipulation to learn more about the different data types and how to manipulate them.
Was this page helpful?