28
Advanced QueryField Projection
Return only specific payload fields — reduce bandwidth and hide sensitive data.
Prerequisite: Lesson 11 complete
What you'll learn
- ✓select: ['field1', 'field2'] on any scan/latest/first query
- ✓Stripping happens server-side before response is sent
- ✓Combining select with filter
- ✓Privacy use case: return only non-sensitive fields to frontend
- ✓Combined with scoped API keys for data minimization enforcement
Challenge
Write users with email, phone, address, plan. Query with select: ['user_id', 'plan']. Confirm no email or phone in response.
Interactive Walkthrough
What you'll learn
Return only specific fields from records — reduce payload size and hide sensitive data.
Projection query
curl -s -X POST http://localhost:7475/v1/agents/users/query \
-H "Content-Type: application/json" \
-H "Authorization: Bearer spx_root_YOUR_ROOT_KEY" \
-d '{
"type": "scan",
"limit": 50,
"select": ["user_id", "plan", "created_at"]
}' | python3 -m json.toolOnly user_id, plan, and created_at appear in each record's payload. All other fields are stripped server-side before the response is sent.
Projection with filter
curl -s -X POST http://localhost:7475/v1/agents/users/query \
-H "Content-Type: application/json" \
-H "Authorization: Bearer spx_root_YOUR_ROOT_KEY" \
-d '{
"type": "scan",
"limit": 50,
"select": ["user_id", "email"],
"filter": {"field": "plan", "op": "eq", "value": "enterprise"}
}' | python3 -m json.toolWhen to use projection
- Privacy: return only non-sensitive fields to frontend clients
- Bandwidth: large payloads (with embedded blobs or long text) can be expensive to transfer
- Scoped API keys: combined with key scopes, projection enforces data minimization
Challenge
Write user records that include email, phone, address, and plan. Create a query that returns only user_id and plan — confirm no email or phone appears in the response.
---