# Sensitive forms

Svantic can present interactive forms (A2UI) mid-conversation — richer than free-text Q&A. When a form asks for secrets (passwords, API tokens, PII), those values must **not** flow through the agent or the LLM. Otherwise they end up in logs, traces, or prompt history.

`SensitiveFormRouter` is the single helper a client UI calls to handle this correctly.

This guide is for client-side code: terminals, browser widgets, mobile apps. Agents themselves don't use it.

## What Svantic sends

When the agent emits a sensitive form, the form metadata includes:

* `sensitive: true`
* `submit_url` — a one-shot secure endpoint the Svantic edge exposes for this session.

Non-sensitive forms have neither field set.

## What the client does

```typescript
import { SensitiveFormRouter } from '@svantic/sdk';

async function on_submit(values: Record<string, string>, form: {
  action_name: string;
  sensitive?: boolean;
  submit_url?: string;
}) {
  const routed = await SensitiveFormRouter.route({
    values,
    action_name: form.action_name,
    sensitive: form.sensitive,
    submit_url: form.submit_url,
  });

  // Send `routed.agent_message` (never the raw values) back to the agent.
  await send_to_agent(routed.agent_message, routed.action_data);
}
```

Two paths, one API:

* **Sensitive + `submit_url`** — values go to `submit_url` via HTTPS POST. The router returns a sanitized message like `USER_INPUT: form_submitted=true (context: login [sensitive form submitted securely])`. Forward that to the agent. `action_data` is absent.
* **Everything else** — values go to the agent as normal. `routed_to === 'agent'`, `action_data` carries the values.

The agent never receives raw sensitive values either way.

## What `submit_url` does

The URL points at a Svantic-managed secure endpoint scoped to the current session. The endpoint:

* accepts the form values over TLS,
* stores them encrypted against the session,
* releases them to whichever downstream step needs them (e.g. an auth flow in a connector) without going through the LLM or appearing in telemetry.

You don't need to run anything to support this.

## When the POST fails

`SensitiveFormRouter.route` throws. The client should:

1. Surface a clear error to the user ("Couldn't submit securely — please retry").
2. **Not** fall back to sending values through the agent. The whole point is that the values never go there.
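
The fail-closed handling described in the two steps above, as an added example (not code from the Svantic SDK or docs). `RouteFn` is a stand-in for `SensitiveFormRouter.route` so the snippet runs without the SDK; `submit_form`, `send_to_agent`, the outcome type and the demo values are assumptions made for illustration.

```typescript
// Added example, not SDK code. `RouteFn` stands in for SensitiveFormRouter.route
// so the snippet runs offline; result field names follow this page.
type FormMeta = { action_name: string; sensitive?: boolean; submit_url?: string };
type RoutedResult = { agent_message: string; action_data?: Record<string, string> };
type RouteFn = (args: FormMeta & { values: Record<string, string> }) => Promise<RoutedResult>;
type SendFn = (message: string, action_data?: Record<string, string>) => Promise<void>;
type SubmitOutcome = { ok: true } | { ok: false; user_error: string };

async function submit_form(
  values: Record<string, string>,
  form: FormMeta,
  route: RouteFn,        // real client: (a) => SensitiveFormRouter.route(a)
  send_to_agent: SendFn, // the client's own transport (hypothetical name)
): Promise<SubmitOutcome> {
  let routed: RoutedResult;
  try {
    routed = await route({ values, ...form });
  } catch {
    // Fail closed: return before any send_to_agent call, so there is no code
    // path from a failed secure POST to the agent. The caught error is not
    // shown or forwarded; the user gets a fixed retry message.
    return { ok: false, user_error: "Couldn't submit securely. Please retry." };
  }
  // Only the router's output is forwarded; `values` is never passed directly.
  await send_to_agent(routed.agent_message, routed.action_data);
  return { ok: true };
}

// Constructed demo: the secure POST fails and a recording transport captures
// everything the agent would have received.
async function demo_failed_post(): Promise<{ outcome: SubmitOutcome; agent_saw: string[] }> {
  const agent_saw: string[] = [];
  const failing_route: RouteFn = async () => { throw new Error('secure POST failed'); };
  const record: SendFn = async (message) => { agent_saw.push(message); };
  const outcome = await submit_form(
    { password: 'constructed-secret' },
    { action_name: 'login', sensitive: true, submit_url: 'https://edge.invalid/submit' },
    failing_route,
    record,
  );
  return { outcome, agent_saw };
}
```

Keeping the `catch` branch free of any call that takes `values` makes the no-fallback rule something a reviewer can check by reading one function.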

## See also

* [A2UI reference](../reference/a2ui)
* Concept: [A2UI (Human-in-the-Loop)](../../concepts/a2ui)
