Process Environment Variables

Document information
  • Canonical URL: /docs/02_automations-and-processflow/13_process-environment-variables
  • Version: 2026-06-17
  • Tags: processflow, reference, process-environment-variables

ProcessFlow injects runtime variables into every step so your code can access input data, tenant context, and platform services without manual bootstrapping. Variable names are case-sensitive. Some services are null or disabled unless the step’s sandbox profile grants the matching capability (for example file access or connector execution).

Process environment variables provide each ProcessFlow step with input context, tenant-safe services, and runtime metadata for reliable automation.

Input and output context

VariableTypePractical usage
process_inputobjectNormalized trigger payload or data passed from a previous step.
process_outputobjectMutable output bag for the current step; downstream steps can read values you set here.
raw_inputstringRaw request body (often JSON text) for signature verification and webhook parsing.

Identity and process metadata

VariableTypePractical usage
tenant_idstringActive tenant for the execution; use in all tenant-scoped logic.
user_idstring | nullUser who triggered the run, when available.
webapp_tenant_idstringWebApp tenant context (usually the same as tenant_id).
process_idstringID of the process definition being executed.
process_execution_idstringWorkflow execution ID for correlation, logging, and unique file paths.
execution_auth_source_idstringSource execution ID used for internal HTTP auth headers (often matches _execution_id in process_input).
run_correlation_idstringSupport and log correlation reference for this run.
correlation_idstringAlias of run_correlation_id.
app_urlstringBase URL of the Tealfabric app for building internal API calls.

WebApp and HTTP request context

These fields are populated when the process is triggered from a WebApp (form POST, webhook-style submission). They are typically empty or absent for API-only or scheduled triggers.

VariableTypePractical usage
http_headersobjectRequest headers (Host, Content-Type, X-Forwarded-Proto, and others).
request_methodstringHTTP method, for example POST or GET.
request_uristringRequest path, for example /webapp/contact-form.
remote_addrstringClient IP as seen by the platform.

Do not use server globals such as $_SERVER — they are blocked in the sandbox. Use the injected fields above instead.

Platform services

Prefer tenantDb and integration over low-level or deprecated APIs.

VariableTypePractical usage
tenantDbobjectRecommended tenant-scoped database access (query, getOne, insert, update, delete, …). Also available as tf.tenantDb.
dbobjectRaw MySQL handle for tenant /root only (getRawConnection()). Other tenants: use tenantDb / tf.tenantDb.
process_dbobject | null/root tenant only — PDO-shaped handle for platform tables and step logs. null for normal tenant steps.
integrationobjectExecute configured integrations (executeSync, executeAsync, getStatus, getResult, getPendingCount, …). Mirrored on tf.integration.
connectorsobjectDeprecated alias of integration — use integration in new code.
apiobjectAuthenticated internal HTTP client (get, post) with execution context headers.
llmobjectCall the platform LLM (callLLM / complete).
emailobjectQueue transactional email (send).
notificationobjectCreate and manage in-app notifications (send, dispatch, update, remove).
jwtobjectDecode or verify JWT payloads (decodePayload, verify).
datapoolobjectTenant DataPool access (query, insert, update, schema helpers).
keystoreobject | nullProcess-scoped secrets (get, set, list); null when keystore capability is off.

Files, documents, and OCR

VariableTypePractical usage
filesobject | nullExecution-scoped file I/O (read, write, list) when file capability is enabled; null otherwise.
documentReviewobjectStart document review workflows (createReviewFromProcessFlow).
pdfOcrobjectExtract text from PDFs in tenant storage (extractText).
imageOcrobjectExtract text from images in tenant storage (extractText).

Tenant-relative paths only (for example platforms/25/receipts/invoice.pdf). See PDF OCR and Image OCR.

Logging and the tf namespace

JavaScript and TypeScript steps receive a capability-aware tf object. Prefer tf.* in new snippets; legacy root globals remain for migrated PHP-style code and are aliased on tf where applicable.

VariableTypePractical usage
log_messagecallableLegacy logging alias — log_message("info", "message"). Prefer tf.log.
tfobjectNamespaced sandbox API (see table below).

tf core members

MemberCapabilityPurpose
tf.capabilitiesArray of enabled capability names for this run
tf.logloggingStructured step log lines
tf.context.get/set/snapshotcontextRead/write execution context
tf.utils.nowIso/sha256/hmacSha256/deterministicIdDeterministic helpers (hashing, IDs, timestamps)
tf.dataAccess.getRecord/findRecordsdata-accessRead-only record access
tf.connector.executeconnectorSynchronous connector execution (preferred for new code)

tf service aliases

The same objects as the root globals are also on tf: tf.tenantDb, tf.integration, tf.api, tf.datapool, tf.llm, tf.email, tf.notification, tf.jwt, tf.files, tf.keystore, tf.pdfOcr, tf.imageOcr, tf.documentReview, tf.db ( /root only).

Full method lists, capability matrix, async integration patterns, and examples: Process sandbox tf API reference.

Tenant file helpers

When the file capability is enabled, these functions are also injected (not objects on a service):

file_get_contents, file_put_contents, file_exists, mkdir, read, write, unlink, copy, rename, glob, and related fopen / fread / fwrite helpers.

Paths must stay inside tenant storage boundaries. Include process_execution_id in generated paths to avoid collisions between concurrent runs.

Internal authentication (advanced)

VariableTypePractical usage
execution_auth_keystring | nullShared secret for signed internal HTTP calls from step code. Do not log, return to clients, or hardcode in snippets.

The api service applies execution auth automatically when app_url and auth context are configured.

Handle optional context safely

Some helpers are context-dependent:

  • files and keystore may be null when the step profile does not grant file or secret access.
  • WebApp HTTP fields (raw_input, http_headers, …) appear only for WebApp-triggered runs.
  • Service methods throw a clear error when the step’s sandbox capability disables that feature.

Guard early and return structured errors so downstream steps are not left with ambiguous failures.

type StepInput = { filename?: string };

function buildOutputPath(input: StepInput, executionId: string, filesService: unknown) {
  if (!input.filename) {
    return { success: false, error: { code: "MISSING_FILENAME", message: "filename is required" } };
  }
  if (!filesService) {
    return { success: false, error: { code: "NO_FILES_SERVICE", message: "file context is not available" } };
  }

  return {
    success: true,
    data: { relative_path: `public_docs/${executionId}/${input.filename}` },
  };
}

Verify runtime context through API execution

When testing variable usage, execute a process through the API with explicit input_data and inspect the execution result.

curl -X POST "https://<YOUR_DOMAIN>/api/v1/processflow?action=execute-process" \
  -H "X-API-Key: <API_KEY>" \
  -H "X-Tenant-ID: <TENANT_ID>" \
  -H "Content-Type: application/json" \
  -d '{
    "process_id": "<ENTITY_ID>",
    "input_data": {
      "filename": "report.pdf"
    },
    "async": false
  }'
{
  "success": true,
  "data": {
    "execution_id": "exec_0f8e21a7",
    "status": "completed"
  }
}

Keep variable usage predictable

Prefer injected services over blocked low-level patterns. Store secrets in keystore or tf.keystore, not in source code. For WebApp-heavy workflows, see WebApp functions guide. For sandbox limits, see Sandbox guardrails. For the full tf API, see Process sandbox tf API reference.

Treat these names as a stable contract between your process design and the execution engine. Clear input validation, tenant-scoped service usage, and structured return payloads make step behavior easier to maintain as workflows grow.