Encryption rule actions An encryption rule maps fields in a client request to fields in a table on your instance and identifies fields marked for encryption. An encryption rule action only runs when the encryption rule condition returns true. An encryption rule identifies the data to be encrypted in your request payload. Because the rule iterates over the content in the request object, you must understand the form and structure of your request body and determine what in the request needs to be encrypted. The data to be encrypted might be located within: A POST or URL parameter. JSON or XML content within a POST or URL parameter. A JSON payload. An XML payload. Before writing an encryption rule action, be sure to: Inspect the client request. Identify where the sensitive data is located in the request object. Determine the field and table name to insert data into, or understand how to dynamically pull this from the request. Encryption rule objects and APIs are available to encryption rule actions and conditions.