Validation best practices: .NET coding vs. Outsystems

Hi All,

I was hoping someone could give me the answer to some Outsystems best practices regarding validation. I’m use to programming in C# Webforms and MVC building a N-tier modelled applications. In Outsystems there is a kinda similar 4 layer canvas best practice that kinda resembles it. There is one part I do not have the awnser to regarding validation.

When coding in .NET I’m use to add validationexeptions/businessruleviolation exeptions in the domain layer of my application. In the web forms/user interface I would add JavaScript validation testing the input with the same criteria de domain layer has. Thus avoiding the business layer exceptions to be thrown. This is the best practice in coding .NET.

I created an action/method in Outsystems for creating an entity with custom rules like regular expressions in Outsystems. I can drag an entity on the form and it automatically generates validation on server side and client side if desired. Yet it does only generate validation conforming the entity. Regular expressions validations are not automatically added. When an invalid form is posted the exceptions in action/method is thrown and I can pick that exception up in the frontend.

Question: You create a customer entity including address information. You want the postal to be in a specific format. You create a method called “CreateNewCostomer” in the backend to validate the input for the generated “CreateCustomer”. The validation/check if the postal is in the correct format should that be done the same way as coding .NET? Thus adding the validation in the frontend as wel as in the CreateNewCostomer method? Or should it be done only once in the “CreateNewCostomer” catching the exeption an thowing it back to the userinterface?


a great question :)

Imho it's really simple.

1. serverside validation must ALWAYS be done, because you want to make sure whatever the data is coming from is validated and stored correctly.

2. in-screen-action validation is preferred so users don't get exception, but can see where stuff is going wrong.

3. client-side validation is optional and should only be applied if it's enhances usability.

so, 1 is mandatory, 2-3 are kind of optional, because you want to have a great usability and perhaps even prevent useless calls to the database.

Hi All, 

Thank you for the explanations. 

I need suggestions on implementation of the same. I have selected the validation to be client and server and I prefer performing the server side validations in a server action instead of a screen action( I will pass my input from the screen into the server action to perform the validations). 

In this case, will there be an option to still check form.valid ( since form details will not be available in server actions). I'm just wondering if there is any alternative.Kindly suggest if any.

Thanks and Regards,


Hi Priya!

No, Form.Valid is only available on the Screen context, so there's no way a Server Action knows about it.

At most your server action can provide an output structure/list with all the errors it encountered, so on the screen action where you call the validation server action you can add the necessary validation messages to the relevant inputs.

Hi Jorge, 

 Ok sure.Thank you for the suggestion. 

Thanks and Regards,