Message Encryption

Protect Messages using direct annotations

You can protect a single message by using Data Protection attributes directly in its class.

Adding the #[Sensitive] attribute to a class tells Ecotone to treat all of its properties as sensitive.

use Ecotone\DataProtection\Attribute\Sensitive;
use Ecotone\DataProtection\Attribute\WithEncryptionKey;

#[Sensitive] // tells Ecotone that this message is sensitive
#[WithEncryptionKey('secondary-key')] // optional, tells Ecotone which key should be used. If not defined, Ecotone will use default key.
readonly class ChargeCreditCard
{
    public function __construct(
        // ...
    ) {
    }
}

The #[Sensitive] attribute can annotate a whole class or specific properties; when it is placed on specific properties, Ecotone protects only those. The attribute can be used with any type: scalar, class or enum.

use Ecotone\DataProtection\Attribute\Sensitive;
use Ecotone\DataProtection\Attribute\WithEncryptionKey;

#[WithEncryptionKey('secondary-key')] // optional, tells Ecotone which key should be used. If not defined, Ecotone will use default key.
readonly class ChargeCreditCard
{
    public function __construct(
        public string $walletId,
        #[Sensitive] public IbanNumber $iban, // tells Ecotone that this property is sensitive
        // ...
    ) {
    }
}

If you use #[Sensitive] with Event Sourcing Events, they will be persisted with encrypted data.

Custom Converters

Data Protection extends standard conversion and uses the actual property names. If you use custom converters for your messages, you may change the name of a property you want protected. In that case, pass the custom name to the #[Sensitive] attribute so that Ecotone knows how to handle the data properly.
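Why the field name matters for property-level protection, shown as an added stand-alone illustration that is not Ecotone's code: only fields mapped to a protected property are encrypted, so a converter that renames a field must be matched by the name given on the attribute. The `Protect` and `UseKey` attributes, the `protect()` helper, the keys and the payload are hypothetical or constructed for this sketch, and libsodium stands in for whatever encryption the library uses.

```php
<?php
declare(strict_types=1);

// Hypothetical stand-ins for illustration; these are NOT Ecotone's attributes.
#[Attribute(Attribute::TARGET_PROPERTY)]
final class Protect { public function __construct(public ?string $name = null) {} }
#[Attribute(Attribute::TARGET_CLASS)]
final class UseKey { public function __construct(public string $key) {} }

#[UseKey('secondary-key')]
final class ChargeCreditCard
{
    public function __construct(
        public string $walletId,
        #[Protect('iban_number')] public string $iban, // converter emits "iban_number"
    ) {}
}

// Constructed sample keys; real keys come from a secret store.
$keys = [
    'default'       => sodium_crypto_secretbox_keygen(),
    'secondary-key' => sodium_crypto_secretbox_keygen(),
];

/** Encrypts only the payload fields that map to protected properties. */
function protect(string $class, array $payload, array $keys): array
{
    $ref = new ReflectionClass($class);
    $keyAttr = $ref->getAttributes(UseKey::class)[0] ?? null;
    $key = $keys[$keyAttr?->newInstance()->key ?? 'default'];
    foreach ($ref->getProperties() as $property) {
        $attr = $property->getAttributes(Protect::class)[0] ?? null;
        if ($attr === null) {
            continue; // unmarked properties stay readable, e.g. for routing
        }
        $field = $attr->newInstance()->name ?? $property->getName();
        if (!array_key_exists($field, $payload)) {
            // Fail closed: a renamed field would otherwise be sent in plaintext.
            throw new RuntimeException("Protected field '$field' missing from payload");
        }
        $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $box = sodium_crypto_secretbox(json_encode($payload[$field], JSON_THROW_ON_ERROR), $nonce, $key);
        $payload[$field] = base64_encode($nonce . $box);
    }
    return $payload;
}

// Output of a custom converter that renamed the properties (constructed sample).
$converted = ['wallet_id' => 'w-123', 'iban_number' => 'DE00 0000 0000 0000 0000 00'];
print_r(protect(ChargeCreditCard::class, $converted, $keys));
```

Removing the name from `#[Protect('iban_number')]` makes the helper look for `iban`, which the converted payload does not contain, so it throws instead of passing the IBAN through unencrypted.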
