Skip to main content
After upgrading to a new platform version, always ensure that your installed component versions match the versions specified in the release notes. To verify this, navigate to FlowX.AI Designer > Platform Status.
Platform Status screen showing component versions

Component versions

Component5.5.05.4.05.3.05.2.05.1.15.1.0
process-engine10.60.010.38.010.29.010.12.09.64.39.63.0
admin10.53.010.38.010.26.110.12.09.66.59.65.0
designer10.91.010.59.110.32.410.12.19.159.59.153.6
cms-core10.35.010.22.010.16.010.7.09.36.39.35.0
scheduler-core10.25.010.15.010.11.110.4.19.26.19.25.0
events-gateway10.27.010.17.010.12.110.4.19.26.19.25.0
notification-plugin10.35.010.22.010.17.010.7.09.29.19.28.0
document-plugin10.35.010.23.010.16.010.6.09.35.19.34.0
task-management-plugin10.35.010.25.010.18.010.7.09.34.29.33.0
data-search10.25.010.14.010.10.110.4.19.23.19.22.0
audit-core10.31.010.21.010.15.110.6.09.30.19.29.1
advancing-controller10.27.010.16.010.11.010.4.19.25.19.24.0
integration-designer10.63.010.38.010.24.010.8.09.50.09.49.1
application-manager10.53.010.37.010.24.010.11.09.73.69.72.0
runtime-manager10.53.010.37.010.24.010.11.09.73.69.72.0
data-sync10.31.110.20.110.14.110.3.19.22.19.21.0
authorization-system10.42.110.28.010.18.110.7.09.34.29.33.0
nosql-db-runner10.27.010.17.010.10.110.4.19.22.19.21.0
email-gateway10.24.010.9.0----
organization-manager10.19.2-----

Embedded components

  • SpiceDB
  • DGraph

Renderers

Component5.5.05.4.05.3.05.2.05.1.15.1.0
@flowx/angular-sdk10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/angular-theme10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/angular-ui-toolkit10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/react-sdk10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/react-theme10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/react-ui-toolkit10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/core-sdk10.68.010.59.110.32.410.12.19.159.59.153.6
@flowx/core-theme10.68.010.59.110.32.410.12.19.159.59.153.6
iOS renderer10.3.010.2.010.1.010.0.09.0.59.0.4
Android renderer10.3.010.2.010.1.010.0.09.0.39.0.2

Plugins

Component5.5.05.4.05.3.05.2.05.1.15.1.0
ocr-plugin1.0.171.0.171.0.171.0.171.0.171.0.17
reporting-plugin0.2.30.2.30.2.30.2.30.2.30.2.3

AI Platform

Component5.5.05.4.05.3.05.2.05.1.15.1.0
ai-assistant10.1.210.1.210.1.110.0.19.2.59.2.4
di-platform10.2.610.2.510.2.510.2.09.3.19.3.1
ai-platform-ai-developerTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-connected-graphTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-knowledge-graphTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-agentsTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-conversationsTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-modelsTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-tenantsTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-plannerTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-ai-analystTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-ai-designerTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-agent-builderTBD10.1.310.1.310.0.19.4.29.3.0
ai-platform-binariesTBD10.1.310.1.310.0.19.4.29.3.0
knowledgebaseTBD-----
knowledgebase-rag10.2.0-----
knowledgebase-indexer-v210.2.0-----
mcp10.2.0-----
FlowX.AI Version3rd Party DependencySupported Versions
5.5.0Keycloak26+
5.5.0Kafka3.8 - 3.9
5.5.0PostgreSQL16 - 17
5.5.0Oracle Database21c, 23ai
5.5.0MongoDB7 - 8
5.5.0Redis7.4 - 8.0
5.5.0Elasticsearch8 - 9
5.5.0Angular (Web SDK)19.2
5.5.0React (Web SDK)18.x
Starting FlowX 5.0, the following versions of 3rd Party Dependencies are no longer supported:
  • Keycloak versions older than 26
  • Kafka versions older than 3.8
  • Redis versions older than 7.4

New in v5.5.0

Key features and updates

Chat Component Enhancements

New subcomponents (reasoning, error, suggestions), display modes, and mobile support

UI Flows Improvements

Process renderer component, start workflow action, and on load events

Microsoft Outlook Integration

Native MS Graph data source for reading and sending Outlook emails

Send Notification Action

Send emails and reply to received emails directly from processes via SMTP

Knowledge Base v2

Updated Knowledge Base with audit, resource management, and improved UI

User Management Updates

Password policy, DISABLED status, resend invitations, workspace environment types

Upgrading from v5.4.0

Breaking changes

FlowX.AI 5.5.0 introduces a breaking change to the default authentication mechanism across most platform services. If you rely on the default SECURITY_TYPE value or opaque-token introspection, action is required before upgrading.

Authentication mechanism change

The default value of SECURITY_TYPE has changed from oauth2 to jwt-public-key across 14 of 19 platform services. This reflects a shift from opaque-token introspection to JWT-based authentication as the default security mechanism. Removed environment variables: The following environment variables have been removed and are no longer supported:
Environment VariableDescriptionPreviously Used By
SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_INTROSPECTION_URIOpaque-token introspection endpoint14 services
SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_CLIENT_IDClient ID for opaque-token introspection14 services
SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_CLIENT_SECRETClient secret for opaque-token introspection14 services
SECURITY_OAUTH2_REALMOAuth2 realm name13 services
SECURITY_OAUTH2_CLIENT_CLIENT_IDOAuth2 client ID13 services
SECURITY_OAUTH2_CLIENT_CLIENT_SECRETOAuth2 client secret13 services
SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENT_IDService account admin client ID8 services
SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_CLIENT_SECRETService account admin client secret8 services
Changed default values:
Environment VariableOld DefaultNew DefaultAffected Services
SECURITY_TYPEoauth2jwt-public-key14/19 services
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENT_ID${security.oauth2.service-account.admin.client-id}flowx-${spring.application.name}-sa8 services
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_MAINIDENTITY_CLIENT_SECRET${security.oauth2.service-account.admin.client-secret}-8 services
SPRING_SECURITY_OAUTH2_CLIENT_PROVIDER_MAINAUTHPROVIDER_TOKEN_URIUses ${security.oauth2.realm}Uses ${security.oauth2.sa-realm}8 services
A new security.oauth2.sa-realm property has been introduced to separate the service account realm from the main authentication realm. This property is used by the token URI for inter-service communication across 11 services.
Migration steps:
1

Update SECURITY_TYPE if explicitly set

If you explicitly set SECURITY_TYPE=oauth2 in your deployment configuration, update it to jwt-public-key or remove it to use the new default.
2

Remove deprecated opaque-token variables

Remove all SPRING_SECURITY_OAUTH2_RESOURCE_SERVER_OPAQUE_TOKEN_* variables from your Helm values, environment configs, or deployment manifests.
3

Update service account client IDs

Service account client IDs now follow the flowx-{service-name}-sa pattern (e.g., flowx-admin-sa, flowx-process-engine-sa). Update your Keycloak service account configurations accordingly.
4

Configure the service account realm

Add the security.oauth2.sa-realm property to your configuration if your service account realm differs from the default.
5

Remove legacy OAuth2 client variables

Remove SECURITY_OAUTH2_REALM, SECURITY_OAUTH2_CLIENT_CLIENT_ID, SECURITY_OAUTH2_CLIENT_CLIENT_SECRET, and SECURITY_OAUTH2_SERVICE_ACCOUNT_ADMIN_* variables from your configuration.

Key changes

  • Authentication: Default SECURITY_TYPE changed from oauth2 to jwt-public-key (breaking change — see above)
  • Organization Manager: New microservice for organization and tenant management
  • Chat Component: Enhanced with new subcomponents (reasoning, error, suggestions), display modes, and mobile support
  • UI Flows: New process renderer component, start workflow action, and on load UI event
  • Microsoft Outlook: New MS Graph data source for Outlook email integration
  • Send Notification: New action type for sending/replying to emails via SMTP
  • Knowledge Base v2: Updated UI, audit trail, and resource management
  • Container Apps: Enhanced authentication flow and landing page
  • File Upload: Improved progress indicators, drag and drop, and large file support
  • File Encrypt/Decrypt: New document plugin actions for file encryption and decryption
  • User Management: Password policy updates, DISABLED status, resend invitations, workspace environment type
  • Process Variables Compare: Monaco diff editor for comparing variable values
  • New Kafka topics: Multiple new topics added across document-plugin, integration-designer, admin, application-manager, email-gateway, authorization-system, and notification-plugin

New microservice: Organization Manager

Available starting with FlowX.AI 5.5.0The Organization Manager is a new microservice responsible for organization and tenant management, including user registration, organization lifecycle, and platform component health monitoring.
Infrastructure requirements:
DependencyDetails
PostgreSQLDedicated database for organization data
RedisCaching and session management
KafkaEvent publishing (organization events topic)
Keycloak/IAMAuthentication and realm management
SpiceDBAuthorization via CAS lib

Organization Manager Setup

Complete setup and configuration guide for the Organization Manager microservice

New Kafka topics

FlowX.AI 5.5.0 introduces new Kafka topics across multiple services.

Document-plugin Kafka topics

New topics for file encryption, decryption, bulk document persistence, and UI Flow session document persistence operations. Input topics (document-plugin consumes from these topics):
Topic NameDescription
ai.flowx.plugin.document.trigger.decrypt.file.v1Triggers file decryption operations
ai.flowx.plugin.document.trigger.encrypt.file.v1Triggers file encryption operations
ai.flowx.plugin.document.trigger.persist.document.bulk.v1Triggers bulk document persistence operations
ai.flowx.plugin.document.trigger.persist.document.session.v1Triggers UI Flow session document persistence; result delivered via SSE through events-gateway
Output topics (document-plugin publishes to these topics):
Topic NameDescription
ai.flowx.engine.receive.plugin.document.decrypt.file.results.v1Results from file decryption operations
ai.flowx.engine.receive.plugin.document.encrypt.file.results.v1Results from file encryption operations
ai.flowx.engine.receive.plugin.document.persist.document.bulk.results.v1Results from bulk document persistence
ai.flowx.eventsgateway.receive.document.v1Document upload progress notifications sent to events-gateway for SSE delivery

Integration-designer Kafka topics

New topics for integration-designer in 5.5.0. Integration-designer now participates in the application sync mechanism for system and workflow resources.
The sync.out.v1 and correction-after-app-operation.response.v1 topics already exist since 5.1.x (used by admin). In 5.5.0, integration-designer becomes an additional producer on these shared response topics.
New topics:
Topic NameDescriptionDirection
ai.flowx.application-version.sync.system.in.v1System resource sync requestsInbound
ai.flowx.application-version.sync.workflow.in.v1Workflow resource sync requestsInbound
ai.flowx.application-version.correction-after-app-operation.system.request.v1System resource correction requestsInbound
ai.flowx.application-version.correction-after-app-operation.workflow.request.v1Workflow resource correction requestsInbound
ai.flowx.build.runtime-data.v1Build runtime dataOutbound
ai.flowx.license.usage.v1License usage trackingOutbound
Existing topics (new producer in 5.5.0):
Topic NameDescriptionDirection
ai.flowx.application-version.sync.out.v1Sync operation responsesOutbound
ai.flowx.application-version.correction-after-app-operation.response.v1Correction operation responsesOutbound

Admin Kafka topics

New topics for UI flow synchronization and correction operations in 5.5.0.
The sync.process.in.v1, sync.business-rule.in.v1, sync.reusable-template.in.v1, sync.out.v1, and correction-after-app-operation topics for process, business-rule, and reusable-template already exist since 5.1.x. Only the UI flow topics below are new in 5.5.0.
Topic NameDescriptionDirection
ai.flowx.application-version.sync.ui-flow.in.v1UI flow sync requestsInbound
ai.flowx.application-version.correction-after-app-operation.ui-flow.request.v1UI flow correction requestsInbound

Application-manager Kafka topics

New outbound topics for resource synchronization and correction of system, workflow, and UI flow resources in 5.5.0.
Application-manager already produces sync and correction topics for process, business-rule, and reusable-template since 5.1.x. The topics below extend the same mechanism to system, workflow, and UI flow resources.
Topic NameDescriptionDirection
ai.flowx.application-version.sync.system.in.v1System resource syncOutbound
ai.flowx.application-version.sync.workflow.in.v1Workflow resource syncOutbound
ai.flowx.application-version.sync.ui-flow.in.v1UI flow resource syncOutbound
ai.flowx.application-version.correction-after-app-operation.system.request.v1System correction requestsOutbound
ai.flowx.application-version.correction-after-app-operation.workflow.request.v1Workflow correction requestsOutbound
ai.flowx.application-version.correction-after-app-operation.ui-flow.request.v1UI flow correction requestsOutbound

Email-gateway Kafka topics

Topic NameDescriptionDirection
ai.flowx.core.trigger.save.audit.v1Audit event loggingOutbound
ai.flowx.core.trigger.start-for-event.process.v1Trigger process start from email eventsOutbound

Authorization-system Kafka topics

Topic NameDescriptionDirection
ai.flowx.organization.events.v1Organization lifecycle eventsOutbound

Notification-plugin Kafka topics

Topic NameDescriptionDirection
ai.flowx.application-version.resources-usages.refresh.v1Resource usages refresh eventsInbound
ai.flowx.application-version.resources-usages.sub-res-validation.response.v1Sub-resource validation responsesOutbound
ai.flowx.application-version.resources-usages.operations.bulk.v1Bulk resource usage operationsOutbound
These topics are automatically created if your Kafka cluster has auto-topic creation enabled. For production environments, it is recommended to create them manually with appropriate partition counts and replication factors.

New environment variables

Platform-wide variables

The following new environment variables are available across multiple services:
Environment VariableDescriptionDefault ValueComponent
KAFKA_MESSAGE_MAX_BYTESMaximum Kafka producer message size in bytes52428800 (50 MB)process-engine, admin, application-manager, integration-designer, events-gateway, email-gateway, notification-plugin, document-plugin
REDIS_TTLRedis cache time-to-live in milliseconds5000000admin, application-manager, cms-core, integration-designer, task-management-plugin, notification-plugin
KAFKA_OAUTH_CLIENT_IDOAuth client ID for Kafka SASL authenticationkafkaevents-gateway, email-gateway, notification-plugin, document-plugin
LOGGING_LEVEL_APPApplication-specific logging levelINFOMost services (12/19)
LOGGING_LEVEL_OAUTH2_EXCOAuth2 autoconfiguration exception logging levelOFFMost services (12/19)
LOGGG_LEVEL_MONGO_DRIVERMongoDB driver logging levelINFOadmin, application-manager, cms-core

Document-plugin variables

Environment VariableDescriptionDefault ValueComponent
MULTIPART_MAX_ENTITY_SIZEMaximum size for multipart uploads at server level52428800 (50 MB)document-plugin
This setting affects all file uploads handled by the document-plugin. Configure alongside the existing Spring multipart settings (SPRING_SERVLET_MULTIPART_MAXFILESIZE, SPRING_SERVLET_MULTIPART_MAXREQUESTSIZE) for consistent upload limits. See Documents Plugin Setup.

Authorization-system variables

Environment VariableDescriptionDefault ValueComponent
SPRING_LIQUIBASE_PARAMETERS_ALLOWED_REDIRECT_URISComma-separated list of valid redirect URI patterns for the flowx-platform-authenticate Keycloak client. Required for new deployments. (empty)authorization-system
New deployments only: If this variable is not set, the flowx-platform-authenticate Keycloak client will have no redirect URIs and OAuth2 login will fail. Set this to your Designer and app URLs (e.g., https://designer.yourcompany.com/*,https://app.yourcompany.com/*).Existing deployments upgrading to 5.5.0 are not affected — the Liquibase migration that uses this variable has already run.

Authorization System Setup

See the full redirect URI configuration details

Email-gateway variables

Environment VariableDescriptionDefault ValueComponent
EMAIL_GATEWAY_IMAP_CONNECTION_TIMEOUTIMAP server connection timeout in milliseconds10000email-gateway
EMAIL_GATEWAY_IMAP_MAX_CONCURRENT_POLLSMaximum number of concurrent IMAP polling operations30email-gateway
EMAIL_GATEWAY_IMAP_MAX_MESSAGES_PER_POLLMaximum messages to fetch per polling cycle50email-gateway
EMAIL_GATEWAY_IMAP_POLLING_INTERVALInterval between IMAP polling cycles in seconds30email-gateway
EMAIL_GATEWAY_IMAP_READ_TIMEOUTIMAP read timeout in milliseconds30000email-gateway
EMAIL_GATEWAY_MASTER_ELECTION_CRONCron expression for master election checks*/5 * * * * *email-gateway
EMAIL_GATEWAY_MASTER_ELECTION_TTLMaster election TTL in seconds15email-gateway
EMAIL_GATEWAY_MAX_EMAILS_PER_INSTANCEMaximum email accounts per service instance for load balancing100email-gateway
EMAIL_GATEWAY_REBALANCING_CRONCron expression for email account rebalancing*/30 * * * * *email-gateway
EMAIL_GATEWAY_STALE_TIMEOUT_SECONDSTimeout in seconds before marking an instance as stale90email-gateway
EMAIL_GATEWAY_MS_GRAPH_MAX_MESSAGES_PER_POLLMaximum messages to fetch per MS Graph polling cycle50email-gateway
EMAIL_GATEWAY_MS_GRAPH_CLIENT_CACHE_TTLTTL for cached MS Graph client instances1demail-gateway
For complete email-gateway configuration including database, Redis, and Kafka settings, see the Email Gateway Setup guide.

Compatibility

  • Authentication: Default SECURITY_TYPE changed to jwt-public-key — deployments using opaque-token introspection require migration (see breaking changes)
  • Renderer Updates: Web and mobile SDKs include new Chat component features and UI Flows enhancements
  • Database: No schema changes required for this upgrade
  • Mobile Support: Chat component now available on iOS and Android renderers
  • New Service: Organization Manager requires PostgreSQL, Redis, Kafka, and Keycloak infrastructure

Support

For technical support, deployment assistance, or feature questions, please contact your FlowX.AI support representative.

Support channels

  • Technical issues: Contact your FlowX.AI support representative
  • Feature questions: Reach out through your designated support channel
  • Documentation: Report documentation issues or suggestions
Last modified on February 27, 2026