Rules are used to automate workflows by reacting to events.



Whenever you make a change in Squidex, such as creating content or updating settings, an event is created. An event describes what happened in the past and has a unique name, for example ContentChanged. You can react to events by defining rules.
A rule has two parts:
  1. 1.
    A trigger that defines when to execute the rule. This is otherwise called If in the UI. The following triggers are currently available in rules:
    Triggers in rules
  2. 2.
    An action that defines what to do. This is otherwise called then in the UI. Following actions are currently available:
    Actions in rules
To create a rule go to Rules (1) and click + Add Rule (2) or + New Rule.
Creating a rule
The final list of rules would look something similar to the screenshot below.
A rule that creates a twitter update when content has changed


To execute a rule the following steps are performed:
  1. 1.
    Enrichment: The event is enriched with additional information.
  2. 2.
    Matching: The matching rules are determined by comparing the rule triggers with the enriched event.
  3. 3.
    Formatting: An rule job is created and stored. It contains all information to execute the rule for the current event.
  4. 4.
    Execution: The rule job is queried from the store and executed. If not succeeded it will be marked for a retry at a later point of time.

1. Enrichment

Events contain only the bare minimum of information. For the ContentPublished event we only need the if of the content that has been published. All other information can be derived. In addition to that we also store metadata, such as the timestamp and the id of the user who created the content. This is common for all events. But for the next steps we need additional information. Therefore we retrieve them from the system and create enriched events.
The enriched events have the following structure:

Content Events

"id": "123...", // Id of the content.
"actor": { "type": "subject", "id": "123..." }, // Id of the user
"appId": { "name": "my-app", "id": "123..." }, // App name and id
"created": "2018-01-01T12:00:00Z",
"createdBy": { "type": "subject", "id": "123..." },
"data": { // Content data
"city": {
"en": "Munich",
"de": "München"
"population": {
"iv": 123000
"lastModified": "2018-01-01T12:00:00Z",
"lastModifiedBy": { "type": "subject", "id": "123..." },
"schemaId": { "name": "my-schema", "id": "123..." }, // Schema id
"status": "Draft", // Status of the content: Draft, Archived, Published
"timestamp": "2018-01-01T12:00:00Z",
"type": "Created", // The type of the event.
"user": { // The user information.
"id": "123...",
"name": "John Doe",
"email": "[email protected]"
"version": 1 // Version of the content, increased with any operation
The content event type can be one of the following values:
  • Created: The content has been created.
  • Updated: The content has been updated.
  • Published: The status of the content has been changed to Published.
  • Unpublished: The status of the content has been changed from Published to another status.
  • StatusChanged: The status has been changed, e.g. Draft to Archived.
  • Deleted: The content has been deleted.

Asset Events

"id": "123...", // Id of the asset
"actor": { "type": "subject", "id": "123..." }, // Id of the user
"appId": { "name": "my-app", "id": "123..." }, // App name and id
"created": "2018-01-01T12:00:00Z",
"createdBy": "subject:123",
"fileName": "Avatar.png",
"fileSize:": 512000,
"fileVersion": 1,
"isImage": true,
"lastModified": "2018-01-01T12:00:00Z",
"lastModifiedBy": { "type": "subject", "id": "123..." },
"mimeType": "image/png",
"pixelHeight": 600,
"pixelWidth": 800,
"timestamp": "2018-01-01T12:00:00Z",
"type": "Created", // The type of the event.
"user": { // User information
"id": "123...",
"name": "John Doe",
"email": "[email protected]"
"version": 1 // Version of the asset, increased with any operation
The asset event type can be one of the following values:
  • Created: The asset has been uploaded.
  • Updated: The file of the asset has been replaced with a newer version.
  • Annotated: The metadata or slug has been changed.
  • Deleted: The asset has been deleted.
It is important to understand the structure because we use it in the matching step. Furthermore some actions just pass over the enriched events to other systems: For example, the webhook action adds the event to the request body in (almost) the same format.

2. Matching

Lets just have a look to a trigger definition first:
Triggers when a blog post is published or restored
In the matching process we check whether the action should be executed. There are several conditions:
  1. 1.
    The event type must be correct:
    • A rule with a AssetChanged trigger can only handle asset events.
    • A rule with a ContentChanged trigger can only handle content events.
  2. 2.
    If a condition is defined it must evaluate to true.
A condition is a javascript expression that must return true to execute the rule.
Here are some examples to demonstrate it:
Specific asset events:
event.type == 'Created' || event.type == 'Updated'
Large assets only:
event.fileSize > 100000000
Images only:
Of course it can be more complex if necessary.

3. Formatting

When you configure an action you have to define several settings. In our example above we create a twitter update and have to define the text we want to publish.
Almost all text settings for actions support placeholders that allow you to integrate information from the enriched event. Furthermore JavaScript expressions are used for complex use cases.
More information can be found at:

4. Execution

Squidex will make several attempts to execute an job:
  1. 1.
    First attempt, a few seconds after the event has happened.
  2. 2.
    The next attempt is after 5 minutes.
  3. 3.
    The next attempt after 1 hour.
  4. 4.
    Another attempt after 6 hours.
  5. 5.
    The next attempt after 12 hours.
Jobs expire after 2 days and will be deleted automatically.


Webhooks are the most flexible rule actions. You have to provide a HTTP endpoint to Squidex and each event will be sent to this endpoint as POST request.

Request Headers

  • X-Application and User-Agent
Used to identify the sender and has the static value: Squidex Webhook
  • X-Signature
The signature can be used to verify that a request is from Squidex and not from a potential attacker. The signature is calculated in the following way:
ToBase64String(Sha256(RequestBody + Secret))
Do not expose the secret to the public and keep it private.