Business Cases
Node Policies from a business perspective — mapping real workflow requirements to the policy configuration that delivers them, without requiring knowledge of the underlying code.
What Node Policies Control
Visibility
Which workflow fields appear in your task inbox, and in what form.
Control
Which fields you can edit vs. which are locked as reference information.
Privacy
Which fields are automatically hidden or redacted (credentials, API keys).
Deadlines
When approval and form tasks expire and when reminders are sent.
Scenario 1 — Employee Onboarding Approval
Requirement: A new hire request must be approved by a manager within 48 hours. SLA commitment is 24 hours. If not approved in 48 hours, it escalates to HR.
| What you see in your inbox | Policy behind it |
|---|---|
| "Approval Strategy: Unanimous" — read-only | ReadableContext + Locked |
| Employee name and role — read-only context | Same |
| Approve / Reject buttons — required | RequiredFromHuman on the decision field |
| Reminder email at 24h | reminderIntervalSeconds: [86400] |
| Escalation to HR at 48h | timeoutSeconds: 172800, timeoutPortKey: "escalated" |
| SLA breach alert at 24h | slaThresholdSeconds: 86400, emitSlaBreachEvent: true |
Scenario 2 — Invoice Review Before Payment
Requirement: Finance approver reviews invoice. Can correct the amount if OCR was wrong. Cannot change the recipient account number. Large payments require elevated access.
| What you see | Policy behind it |
|---|---|
| Invoice amount — pre-filled, can edit | EditableOptional |
| Recipient account — shown but locked | ReadableContext + Locked |
| Account number partially masked (****1234) | ReadableMasked |
| Large payment approval requires elevated permissions | RequiresElevatedAccess: true |
| Payment method — context only | ReadableContext + Locked |
Scenario 3 — Customer Communication Review
Requirement: Workflow generates personalised emails from templates. Agent must review and confirm the message body before any email sends. Agent can optionally redirect the recipient.
| What you see | Policy behind it |
|---|---|
| Recipient address — pre-filled, can change | EditableOptional |
| Email body — must confirm before submitting | RequiredFromHuman |
| SMTP credentials — completely hidden | SendToHil: false + MaskInLogs: true |
| Cannot submit without reviewing the body | RequiredFromHuman blocks submission |
Scenario 4 — IT Change Request Form
Requirement: IT change request form must be submitted within 24 hours. Reminder at 12 hours. If not submitted, change is automatically cancelled.
| What you see | Policy behind it |
|---|---|
| Form title — prominent heading | ReadableContext + Locked |
| "Assigned To: [your name]" — read-only | Same for assignedTo |
| Reminder at 12h | reminderIntervalSeconds: [43200] |
| Cancellation at 24h | timeoutSeconds: 86400, timeoutPortKey: "cancelled" |
| Admin cannot force-complete | allowAdminForceComplete: false |
Scenario 5 — Slack Notification with Human Review
Requirement: AI-generated Slack message needs a team lead's review and personalisation before posting. Team lead can change both the channel and the message text.
| What you see | Policy behind it |
|---|---|
| Channel — pre-filled, can redirect | EditableOptional |
| Message text — pre-filled, actively prompted to edit | PrefilledEditable |
| Bot token — completely hidden | SendToHil: false + MaskInLogs: true + MaskInOutput: true |
Scenario 6 — Multi-Level Capital Expenditure Approval
Requirement: CapEx request requires 3 of 5 regional managers to approve (NofM). SLA is 5 business days. If not completed in 10 days, auto-routes to CFO.
| What you see | Policy behind it |
|---|---|
| "Strategy: NofM (3 of 5)" — read-only | strategy field — ReadableContext + Locked |
| List of other approvers — read-only | actors field — same |
| Required count (3) shown | requiredCount field |
| SLA breach event at 5 days | slaThresholdSeconds: 432000 |
| Auto-route to CFO at 10 days | timeoutSeconds: 864000, timeoutPortKey: "cfo_escalation" |
FAQ for Business Users
Why can't I edit a field in my task?
The field has InputMode: Locked — it is context-only. Ask your workflow administrator to change it to EditableOptional if you need edit rights.
I received a reminder but the task already expired — what happened?
The reminder fired before expiry, but you missed the final deadline. The workflow routed to the escalation or cancellation path. Check with your manager.
Why is the approval strategy shown but I can't change it?
Approval strategy is fixed when the workflow is designed, not when you vote. It is shown so you understand the rules. It has InputMode: Locked.
Why can't I see the API credentials the workflow uses?
Credential fields are always hidden — SendToHil: false, MaskInLogs: true. This is a security requirement. Even administrators see only the vault reference ID.
Can an administrator force-complete a stuck approval?
If allowAdminForceComplete: true is set, yes. If disabled (common for data-collection forms that require actual human input), no — the actor must respond.