You’ve adopted Temporal and you’re seeing real results. But as usage grows, so does a critical question: what happens to sensitive data moving through your workflows? PII, credentials, financial records – how do you keep them safe without sacrificing the durability and observability that make Temporal valuable? This session walks through three practical patterns for handling sensitive data in Temporal, including a live demo of the Claim-Check pattern.

Key takeaways:
- Understand why workflow history creates data exposure risk and what kinds of sensitive data are most vulnerable.
- Know when and how to apply the Claim-check pattern to keep sensitive data out of Temporal entirely.
- Walk away with a mental map of approaches to data security, as well as the tradeoffs between them.
- Leave with concrete implementation patterns, applicable to Temporal today.

---

Temporal is the simple, scalable, open source way to write and run reliable cloud applications. 

Learn more
Blog: https://temporal.io/blog
How Temporal Works: https://temporal.io/how-temporal-works
Community Slack: https://temporal.io/slack

Developer resources
Docs: https://docs.temporal.io
Courses: https://learn.temporal.io/courses
Support forum: https://community.temporal.io

Temporal's platform is a central hub for developers interested in distributed systems, workflow orchestration, and fault-tolerant computing. Through articles, tutorials, and documentation, Temporal offers insights into building resilient and scalable distributed applications. Developers can learn about workflow automation, state management, and handling failure scenarios using Temporal's workflow engine and coordination APIs.

Temporal

A developer advocate at Temporal walks through two patterns for keeping sensitive data out of Temporal's workflow history and UI. The first is payload encryption, where data is encrypted before being sent to Temporal and decrypted only by the worker, so Temporal never sees plaintext PII. A codec server browser plugin can be used for local debugging without exposing data to Temporal. The second is the claim check pattern for large payloads: instead of passing large files (images, video) through Temporal directly, they are uploaded to external storage (e.g., S3) and only a reference key is passed through the workflow. Combining both patterns keeps workflows lean and sensitive data protected. Demos use a pharmacy benefits management app written in C# with Python examples also referenced.

Keeping Sensitive Data Out of Workflow History