> ## Documentation Index
> Fetch the complete documentation index at: https://docs.flowx.ai/llms.txt
> Use this file to discover all available pages before exploring further.
# FlowX.AI 5.8.0 Release Notes
> Runtime authorization overhaul, UI Flow permissions, Custom Components in Processes, new theme components, Angular bulk file upload, and webhook provider adapters.
**Deployment models:**
* Self-Hosted Features for self-hosted (on-premises) deployments
* All Deployments Features available in both self-hosted and SaaS
Sharing a FlowX solution used to mean handing out admin keys. **5.8.0 changes that.** The AI Developer now ships the React component you wished you'd had time to build, PII never reaches your LLM by accident, and you can finally invite a reviewer without giving them the platform.
### What changed since 5.7.0
| 5.7.0 | 5.8.0 |
| ---------------------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------- |
| End-user access management with org-level roles and groups | + **Runtime authorization** with project-version-scoped roles, groups, and attribute-based assignment |
| UI Flows accessible to any runtime user | + **UI Flow permissions**: assign roles per UI Flow, evaluated at runtime |
| Custom Components in UI Flows only (Phase 1, React) | + **Custom Components in Processes** with shared data model, input/output mappings, and AI Developer generation |
| Built-in UI components | + **Tooltip, Markdown, Progress Bar, Separator** as new theme components |
| React-only multi-file upload | + **Angular SDK bulk file upload** |
| Generic webhook gateway | + **Webhook provider adapters** (Slack, with HMAC signing-secret validation) |
| Oracle Database (basic SQL editor) | + **Richer SQL autocomplete** in the Monaco editor: operators, schema-aware tables/columns, and `:paramName` interpolations |
| No personal-information guardrails on AI workflow nodes | + **PII Guard** with input/output scans, sensitivity presets, and an entity catalog |
***
**What's new?**
π [**Runtime authorization**](#runtime-authorization) - Project-scoped roles, end-user groups in FlowX, and Solutions β Share flow\
π [**UI Flow permissions**](#ui-flow-permissions) - Role-based UI Flow visibility with runtime enforcement
𧩠[**Custom Components in Processes**](#custom-components-in-processes) - Bundled CCs in Process User Tasks with shared data model\
π¨ [**New UI components**](#new-ui-components) - Tooltip, Markdown, Progress Bar, Separator\
π₯ [**Angular bulk file upload**](#angular-bulk-file-upload) - Multi-file upload component for the Angular SDK\
π¦ [**UI Flow multi-file upload backend**](#ui-flow-multi-file-upload-backend) - Single bulk endpoint and one completion SSE event for batch uploads\
πͺ [**Webhook provider adapters**](#webhook-provider-adapters) - Slack inbound webhook support with HMAC signing\
ποΈ [**Richer SQL autocomplete**](#richer-sql-autocomplete) - Monaco editor enhancements for the Oracle data source SQL editor\
𧱠[**Data source UX redesign**](#data-source-ux-redesign) - Tile-based creation, type filters, unified settings, save with incomplete config\
β [**Context menu adds UI components in Processes**](#context-menu-adds-ui-components-in-processes) - Right-click Add UI component in Process User Tasks and Reusable UI Templates\
π [**Pointer cursor on actionable elements**](#pointer-cursor-on-actionable-elements) - Web renderers show pointer on action-bound components
π‘οΈ [**PII Guard**](#pii-guard) - Personal information identification on AI inputs\
π€ [**AI Developer generates Custom Components**](#ai-developer-generates-custom-components) - Pre-built agent now drafts Custom Component code\
π [**Knowledge Base enhancements**](#knowledge-base-enhancements) - System metadata keys, Kafka indexerβembedder, Qdrant export/delete, error handling\
π [**Web Crawler multi-URL filters**](#web-crawler-multi-url-filters) - Multiple URL filters per crawler config
{/* THEME A β RUNTIME AUTHORIZATION (BLOCKED ON MARIAN re CORE-4616) */}
### **Runtime authorization**
**Before 5.8.0:** a role on a user matched every project that role appeared in. **Now:** roles live at the project version, sharing is explicit, and Designer users still bypass runtime so they can demo without standing up test accounts.
Runtime access is reorganized around the project. Roles live at the **project version**, each org has a managed catalog of **end-user groups**, and access flows through a **Solutions β Share** modal. FlowX retains authentication and external-IDP federation in Keycloak; runtime roles, end-user groups, and project-scoped sharing live in FlowX itself, evaluated by a custom runtime authorization service tuned for the volume of runtime permission checks. SpiceDB remains the design-time permission engine for Designer access.
See Setup guides β Access management β Runtime authorization.
Each project version declares the runtime roles required to operate it. Roles are org-level entities, defined once and reusable across projects and libraries.
New projects spawn with a default `user` role so a fresh project is reachable on day one without extra wiring.
The Solutions page gains a **Share** modal. Pick a user or end-user group, assign a role, and the user can launch the solution at runtime.
Groups previously managed in Keycloak now live in FlowX. Recommended pattern: an "All End Users" group per single-role solution; one group per role for multi-role solutions.
BPMN swimlanes assign view, execute, and self-assign permissions per role.
Designer users can run any project they have designer access to without holding a runtime role; they auto-receive view, execute, and self-assign on every swimlane.
The Share modal lists only roles defined in the build set as **Active Policy** for the project. Roles defined in a non-active build do not appear until promoted.
The 5.8.0 release introduces a clear split between authentication and runtime authorization:
| Concern | System | Notes |
| ---------------------------------- | ------------------ | ------------------------------------------------- |
| Authentication, sessions, MFA | Keycloak | Unchanged |
| External IDP federation | Keycloak | Configured per organization |
| User attributes (business filters) | Keycloak | Source of truth for token claims |
| Runtime roles | FlowX (custom CAS) | Defined per project version, evaluated at runtime |
| End-user groups | FlowX (custom CAS) | Replaces Keycloak group management |
| Project-scoped sharing | FlowX (custom CAS) | Solutions β Share modal |
| Design-time permissions | FlowX SpiceDB | Designer UI access; unchanged from prior releases |
A `designer-user` Keycloak attribute is auto-managed on each user (`true` for designer users, `false` for end-users), with a mapper on the `flowx-platform-authenticate` client so the engine can check it cheaply on the access token.
**Sharing settings do not export between environments or workspaces.** Configure sharing per environment as a deliberate step when promoting a project to a higher environment.
Sharing data does not travel with the project export, so promoting a build from one environment to another (for example, dev to staging) requires a sharing pass in the target environment. Treat it as an explicit step in your deployment checklist.
Existing FlowX organizations migrate as follows:
* Roles previously assigned directly to users continue to work for backward compatibility while you rebuild assignments under the project-scoped model.
* End-user groups configured in Keycloak are migrated into FlowX and become the authoritative source going forward.
* Existing UI Flows receive the project-level **User** role automatically as their default allowed role on upgrade. See the [UI Flow permissions](#ui-flow-permissions) section for next steps.
All Deployments
{/* THEME B β UI FLOW PERMISSIONS */}
### **UI Flow permissions**
**Before 5.8.0:** every UI Flow was reachable by anyone with runtime access. **Now:** each UI Flow carries its own allow-list and components inside it can be hidden or disabled per role.
Each UI Flow now carries a list of allowed runtime roles. Users without one of those roles cannot start the UI Flow at runtime, and the UI Flow does not appear in the solutions list returned by the runtime API. Inside a UI Flow session, individual components can be hidden or disabled by permission-based rules evaluated at runtime against the user's permission set.
See UI Flows β UI Flow permissions.
A new **Settings β Permissions** page in the UI Flow editor lets you assign one or more runtime roles to each UI Flow.
New UI Flows receive the project-level **User** role by default so they are reachable on day one; tighten the list before deploying.
Components can be hidden or made readonly based on the user's runtime permissions, using the same hide/disable rule machinery as JavaScript expressions.
Users without the required role see a permission toast in the Designer-hosted runtime preview; the deployed app returns 403 from the start endpoint.
Input parameters are validated against the UI Flow's input schema before the session is created.
Allowed roles are saved on the UI Flow resource and travel with project export/import.
UI Flows created before 5.8.0 receive the project-level **User** role automatically as their default allowed role on upgrade. Review and tighten the role list per UI Flow as part of the 5.8.0 deployment checklist.
All Deployments
{/* THEME C β CUSTOM COMPONENTS IN PROCESSES */}
### **Custom Components in Processes**
**Before 5.8.0:** Custom Components only ran in UI Flows. **Now:** drag one onto a Process User Task and the React SDK applies the input/output mappings at runtime.
Bundled Custom Components, previously only usable in UI Flows, now render in **Process User Tasks**. Each Custom Component carries its own **data model** with explicit input and output slices, and you map process data into and out of the component at each use site. Renderer support ships in the React SDK.
See Custom Components β Using Custom Components in Process User Tasks.
Drag a Custom Component onto a Process User Task layout the same way you do in UI Flows.
Each Custom Component declares its own data model. The Designer keeps input and output slices isolated so the component contract is clear at every use site.
Map process data attributes onto the Custom Component's input slice at runtime, so the component receives only the data it declared.
When the component triggers an action, the React SDK applies the configured OUTPUT mappings before piping `saveData` back to process variables.
The Custom Component editor lets you fill input params with sample data for in-Designer preview, mirroring the UI Flow test flow.
Custom Components export and import alongside the data model and mappings so a component travels intact between projects.
Phase 1 limitations from 5.7.0 still apply: React SDK only (no Angular renderer), pre-defined dependency set (React, Emotion, Lodash, Axios, date-fns), browser-side bundling, and client-side rendering only. See the [Custom Components limitations](/5.9/docs/building-blocks/reusable-resources/custom-components#limitations-phase-1) section.
All Deployments
{/* THEME D β NEW UI COMPONENTS */}
### **New UI components**
Four new theme components ship with renderer parity across React, Angular, and Android SDKs.
Contextual hint anchored to any UI element. Configurable text (static, local variable, or computed expression), position handling, and an optional icon.
Render Markdown content from a static string or computed expression, with localization formatting for numbers, dates, and currency. Six heading levels and link styling are theme-driven.
Visual progress indicator. Set a value between `0` and `1` from a static value, local variable, or computed expression.
Visual divider with theme-driven color. Adjustable height for layout spacing.
All four are exposed in the **Theme Admin** sidebar so theme overrides cascade through templates.
All Deployments
{/* THEME E β STOP AGENT RESPONSE: REMOVED.
Verified 2026-05-04 from designer source: all 4 stop-response commits
(56abef8316, a1d2f913c0, 2ec2eb404b, 59bb27a023) are dated 2026-04-20/21,
on origin/master before the 5.7.0 freeze (2026-04-28). Feature already
documented at 5.1/ai-platform/chat-component.mdx:378 (5.7.0 callout) and
announced in the 5.7.0 RN at lines 186 + 349. The Jira tickets
RPT-5330/5341/5340/5339/5338 carry fixVersion = 5.8 but the work shipped
in 5.7.0. Do not re-document in 5.8.0 RN. */}
{/* STANDALONE FEATURES */}
### **Angular bulk file upload**
The **Multiple File Upload** component (`BULK_FILE_UPLOAD`), previously available only in the React SDK, now ships in the Angular SDK with the same drag-and-drop area and theming. Existing UI Flows that use the component render across React and Angular containers without configuration changes.
See the Multiple File Upload component reference.
Same component, same configuration, same theming across React and Angular containers.
Drop zone with click-to-browse fallback in both renderers.
The component picks up theme overrides for typography, colors, and spacing the same way as built-in components.
UI Flows authored before 5.8.0 render in the Angular SDK without edits.
All Deployments
### **UI Flow multi-file upload backend**
Multi-file uploads from UI Flows now use a dedicated bulk endpoint and a single completion event in place of the per-file pattern. The upload action accepts a list of temp-file IDs in one request and the SDK receives a single SSE frame when the batch is persisted.
See Multiple file upload β UI Flow upload flow.
`POST /ui-flow/{uiFlowSessionId}/upload-multiple` accepts a list of temp-file IDs and returns a server-generated `uploadBatchId`.
One SSE frame (`UI_FLOW_FILE_UPLOAD_MULTIPLE`, namespace = `uploadBatchId`) delivers per-file results once the batch is persisted.
`ai.flowx.plugin.document.trigger.persist.document.session.bulk.v1` carries the bulk command from process-engine to document-plugin.
Per-file results are stored as a list under the upload action's `responseKey` in the UI Flow session.
All Deployments
### **Webhook provider adapters**
Inbound webhook registrations now select a **provider**: `GENERIC` or `SLACK`. The Slack adapter performs HMAC-SHA256 signature validation against the Slack signing secret on every request, including the `X-Slack-Request-Timestamp` skew check (5 minutes). Provider-segmented URLs (`/webhooks/incoming/slack/...`) keep generic and provider-specific registrations isolated. Future providers plug in behind the same `InboundProviderAdapter` interface without changing the URL contract.
See Incoming webhooks β Provider adapters.
HMAC-SHA256 on `X-Slack-Signature`, with timestamp skew enforced
The gateway answers Slack's `url_verification` challenge automatically
`/webhooks/incoming/{provider}/...` keeps providers isolated; mismatch returns 400
Rotate the provider signing secret without touching the FlowX API key
Provider + signing secret moved to a dedicated Settings tab on the webhook system
New providers add an adapter and an enum value; no URL or registration schema changes
All Deployments
### **Richer SQL autocomplete**
The Monaco editor on the Oracle Database data source now ships with a full SQL language definition. Autocomplete suggestions cover SQL keywords and operators, table and column names parsed from the saved schema context, and `:paramName` interpolations resolved from the parameters panel.
See the Oracle Database SQL editor documentation.
Full SQL language definition powers keyword highlighting and completion.
Tables and columns parsed from the saved schema context appear in completion lists.
`:paramName` placeholders resolve against the parameters panel for inline preview.
Matches the editor experience used by other code surfaces in the Designer.
All Deployments
### **Data source UX redesign**
The Data Sources resource page is rebuilt around a tile-based creation flow and a unified details view. Each data source type has its own icon and a dedicated tile in the **New Data Source** modal, with a search box that filters tiles as you type. The list view shows the type next to each entry and adds a type filter so you can scope the list by connector. Settings panels for every data source type are normalized to the same card-based layout.
See the Integration Designer reference for data source configuration.
The **New Data Source** modal lists every connector type as a searchable tile, replacing the previous type dropdown.
Each entry in the data sources list shows the connector's icon and type, so a long list is easier to scan.
Filter the list to a specific connector type (REST, FlowX Database, Email, MCP Server, Knowledge Base, etc.) without scrolling.
Every data source type now uses the same card-based settings layout, so the configuration experience is consistent across connectors.
Create and save a data source even when some fields (credentials, endpoints) are not yet available. You can reference the data source in workflows and processes immediately and finish the configuration later β the data source will only operate at runtime once required fields are filled in.
All Deployments
### **PII Guard**
**Before 5.8.0:** data-sensitive customers couldn't enable AI workflow nodes at all. **Now:** every AI node carries a per-node guardrail with sensitivity presets, scan directions, and a fail-closed contract.
AI workflow nodes gain a per-node guardrail that detects and replaces personal information before it reaches the LLM and, optionally, scans LLM output before it flows downstream. The guard runs against the new **Data Privacy** service, configured per node with sensitivity presets, scan directions, and an entity catalog organized into Universal, Regional EN, and Regional RO scopes. Iteration 1 covers Custom Agent, Intent Classification, Extract Data from File, and all AI Text, Document, Image, and Data Operations, including Document Generation.
See Integration Designer β AI Nodes β Personal Information Guard.
Enable on any AI node. Choose a sensitivity preset (Strict / Balanced / Relaxed) or set a custom threshold.
Redacts inputs and `systemPrompt` before the LLM call; optionally scans LLM output before it leaves the node.
Document and image nodes get a redacted source artifact uploaded back to the same storage; the file binding is swapped automatically.
24 entity types (email, phone, IBAN, etc.) grouped under Universal, Regional EN, and Regional RO. Modal supports search and section-level Select All.
Custom Agent nodes get a non-editable system-prompt segment teaching the LLM how to handle `` placeholders.
Any error from the Data Privacy service stops node execution and surfaces on the run log; no partially-redacted prompts reach the LLM.
Each scan reports status, per-entity detection counts, and (for file scans) original and redacted storage paths.
Backed by Presidio. Configured via `FLOWX_DATAPRIVACY_BASEURL` and `FLOWX_DATAPRIVACY_TIMEOUTSECONDS` on integration-designer.
All Deployments
### **Knowledge Base enhancements**
Knowledge Bases gain richer metadata and a more resilient indexing path. Stores and chunks expose system metadata fields you can filter on in the Test KB modal and the Custom Agent node, the indexer and embedder communicate over Kafka instead of synchronous calls, and the Update Knowledge Base node can ingest files by path from inside a workflow.
See Knowledge Base β Overview.
Filter entries by `Source` (Manual or Workflow), `Uploaded`, `Doc name`, `Doc type`, `Doc pages`, and `Store origin`
Filter chunks by `Chunk counter`, `Chunk type`, `Chunk section`, `Chunk page start`, and `Chunk entry`
Replaces the previous synchronous gRPC path; per-chunk embedding requests flow through `ai.flowx.ai-platform.knowledgebase.internal.embedding-request.v1`
Indexer forwards a delete job to the embedder, which removes matching points from Qdrant when an entry is deleted
The Update Knowledge Base node accepts `contentType: FILE_PATH` so workflows can ingest content uploaded earlier in the run
Custom Agent streaming responses include `doc_pages` and chunk metadata (counter, type, section, page start) for richer trace and debug
All Deployments
### **Web Crawler multi-URL filters**
The Web Crawler node now accepts up to 20 URL filter patterns per crawler configuration. Open the **URL Filters** modal on the Web Crawler node, add one row per pattern, and the crawler restricts its breadth-first traversal to URLs that match any of the configured filters.
See the Web Crawler setup guide.
Add one row per pattern in the URL Filters modal; deep crawls match any pattern.
The previous single-string filter is superseded by the new multi-pattern array. Existing crawlers are migrated automatically.
Filters apply to the crawler's breadth-first traversal so deep crawls stay within the intended scope.
Combine narrow and broad patterns in one configuration to handle multi-section sites without spawning multiple crawlers.
All Deployments
### **AI Developer generates Custom Components**
**Before 5.8.0:** the AI Developer wrote business rules and JS expressions. **Now:** it ships entire React Custom Components β JSX, CSS, `package.json`, and sample input data β in one prompt.
The AI Developer pre-built agent gains a **Generate Custom Component** action and an **Edit Custom Component** action. From the Designer's AI command center, describe the component you want, and the agent returns a complete React bundle (JSX, CSS, `package.json`, and sample input data) that you can preview, accept, or iterate on. The same conversation can edit existing components.
See AI Developer β Pre-built agents.
Describe a component in plain language; receive JSX, CSS, `package.json`, and sample input data in one response.
A dedicated input field lets you provide preview data so the generated component renders meaningfully on first run.
Iterate on a generated or hand-authored component through the same conversation. The agent keeps the component context.
The Designer's Preview area renders the generated bundle next to the conversation so you can validate before saving.
A new dependency summary panel surfaces the npm packages the agent included in `package.json`.
Accept the generated bundle into the workspace or discard it without leaving the conversation.
The first iteration generates the component code, styles, and input parameters. Wiring component actions to host-side handlers (Process or UI Flow actions) is not yet inferred β connect actions manually after accepting the generated bundle.
All Deployments
### **iframe logout postMessage contract**
The runtime SaaS app now notifies an iframe parent when a user logs out. When the parent passes a `parentOrigin` query parameter on the `/{orgCode}/logout` URL, the runtime posts `{ type: 'logout-success' }` to `window.parent` immediately before the sign-out redirect. Host applications that embed the FlowX runtime in an iframe can listen for this message and react (clear local state, navigate, surface a UI cue) without polling the iframe URL.
All Deployments
### **Context menu adds UI components in Processes**
The right-click contextual menu for adding a UI component, previously available only in UI Flows, now works in **Process User Tasks** and **Reusable UI Templates** as well. Right-click a node in the components hierarchy panel to insert any allowed child component without dragging from the palette. Copy and paste styles are also exposed from the same menu.
All Deployments
### **Pointer cursor on actionable elements**
Web renderers now switch the cursor to a pointer when hovering over any UI component bound to an action, matching standard web affordances. No configuration change is required β the new behavior applies automatically to elements that already declare an action role.
All Deployments
### **"Process Data" β "Local Variables" rename**
In the UI Designer, the **Process Data** label is now displayed as **Local Variables** when you are editing a UI Flow or a Reusable UI Template. Process editing is unchanged and continues to use **Process Data**. The data source key and binding behavior are identical; only the user-visible label changed, so existing flows continue to work without any update.
All Deployments
### **License billing guards**
The license service no longer creates billing plans for periods past an organization's subscription end date. This prevents stale plan rows from accumulating after a subscription expires and aligns the on-prem billing trail with the SaaS-side license lifecycle.
Self-Hosted
### **Speech-to-text and Web Crawler in AI consumption**
AI consumption tracking now includes Speech-to-text and Web Crawler workflow nodes alongside the existing AI Text, Document, Image, and Data Operations. Organizations on AI consumption-based plans see usage and billing reflected for these nodes from 5.8.0 onward.
All Deployments
***
## Shipped by
This release is the work of the FlowX engineering team β backend, frontend, AI, infra, QA, and docs. It also belongs to the customers who told us what was broken last quarter. Thank you.
***
## Deployment guidelines
For component versions, environment variables, Kafka topics, and migration guidance, see [Deployment guidelines v5.8.0](./deployment-guidelines-v5.8).