Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.flowx.ai/llms.txt

Use this file to discover all available pages before exploring further.

After upgrading to a new platform version, always ensure that your installed component versions match the versions specified in the release notes. To verify this, navigate to FlowX.AI Designer > Platform Status.
Upgrading from 5.1.x LTS? This page describes the steady-state 5.9.0 deployment. For the architecture delta, deprecation list, and upgrade steps, see Migrating from 5.1 LTS.
Platform Status screen showing component versions

Component versions

The following tables list component versions per FlowX.AI release. Verify your installed versions against the 5.9.0 column in FlowX.AI Designer → Platform Status.
Component5.9.05.8.05.7.05.6.05.5.05.4.0
process-engine10.135.010.106.010.96.010.77.010.60.010.38.0
admin10.116.010.93.010.83.010.66.010.53.010.38.0
designer10.230.210.181.010.164.010.127.310.91.010.59.1
cms-core10.86.010.67.010.58.010.43.010.35.010.22.0
scheduler-core10.70.010.53.010.45.010.31.010.25.010.15.0
events-gateway10.72.010.55.010.47.010.33.110.27.010.17.0
notification-plugin10.83.010.64.010.56.010.42.110.35.010.22.0
document-plugin10.94.010.75.010.64.010.46.010.35.010.23.0
task-management-plugin10.84.010.66.010.57.010.41.110.35.010.25.0
data-search10.69.010.52.010.44.010.30.110.25.010.14.0
audit-core10.79.010.63.010.54.010.40.010.31.010.21.0
advancing-controller10.73.010.55.010.45.010.33.110.27.010.16.0
integration-designer10.162.010.128.010.113.010.84.010.63.010.38.0
application-manager10.123.010.97.010.88.010.69.110.53.010.37.0
runtime-manager10.123.010.97.010.88.010.69.110.53.010.37.0
data-sync10.81.010.58.010.50.010.38.010.31.110.20.1
authorization-system10.96.110.77.010.68.010.51.010.42.110.28.0
nosql-db-runner10.75.010.56.010.48.010.34.010.27.010.17.0
email-gateway10.74.010.56.010.47.010.32.110.24.010.9.0
organization-manager10.71.010.53.010.44.010.26.110.19.2-
webhook-gateway10.44.010.25.010.15.010.1.1--
file-gateway10.8.0-----
ai-gateway10.7.0-----
license10.63.010.46.010.36.0---
flowx-docs------
react-saas------

Embedded components

  • SpiceDB
  • Qdrant

Renderers

Component5.9.05.8.05.7.05.6.05.5.05.4.0
@flowx/angular-sdk10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/angular-theme10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/angular-ui-toolkit10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/react-sdk10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/react-theme10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/react-ui-toolkit10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/react-native-sdk10.230.2-----
@flowx/react-native-theme10.230.2-----
@flowx/react-native-ui-toolkit10.230.2-----
@flowx/core-sdk10.230.210.181.010.164.010.127.310.68.010.59.1
@flowx/core-theme10.230.210.181.010.164.010.127.310.68.010.59.1
iOS renderer10.4.110.3.010.3.010.3.010.3.010.2.0
Android renderer10.5.010.3.010.3.010.3.010.3.010.2.0

Plugins

Component5.9.05.8.05.7.05.6.05.5.05.4.0
ocr-plugin1.0.191.0.171.0.171.0.171.0.171.0.17
reporting-plugin0.2.60.2.30.2.30.2.30.2.30.2.3

AI Platform

Component5.9.05.8.05.7.05.6.05.5.05.4.0
di-platform10.3.110.3.010.3.010.3.010.2.610.2.5
ai-platform-ai-assistant10.7.010.7.010.6.2---
ai-platform-ai-analyst10.7.010.7.010.6.210.6.010.4.010.1.3
ai-platform-ai-designer10.7.010.7.010.6.210.6.010.4.010.1.3
ai-platform-ai-developer10.7.010.7.010.6.210.6.010.4.010.1.3
ai-platform-planner10.7.010.7.010.6.210.6.010.4.010.1.3
ai-platform-agent-builder10.7.010.7.010.6.210.6.010.4.010.1.3
embedder10.7.010.7.010.6.2---
knowledgebase-rag10.7.010.7.010.6.210.6.010.2.0-
knowledgebase-indexer-v210.7.010.7.010.6.210.6.010.2.0-

Standalone AI services

Separate repositories under flowx-ai/, installed independently from the AI Platform umbrella chart.
Component5.9.05.8.05.7.05.6.05.5.05.4.0
doc-parser10.9.010.7.010.6.210.5.1--
doc-converter10.2.310.2.310.2.310.2.2--
web-crawler10.3.510.3.510.3.2---
data-privacy10.1.010.1.010.0.8---
speech-to-text10.3.4TBDTBD---
evals-judge10.1.1-----
modpod10.0.710.0.710.0.7---
ai-observatory10.3.2-----
FlowX.AI Version3rd Party DependencySupported VersionsDropped
5.9.0Keycloak26+
5.9.0Kafka3.9 - 4.23.8
5.9.0PostgreSQL16 - 18
5.9.0Oracle Database21c, 23ai
5.9.0MongoDB7 - 8
5.9.0Redis8+Versions older than 8
5.9.0Elasticsearch Sink Connector (*)15+
5.9.0Angular (Web SDK)19.2
5.9.0React (Web SDK)18.x
Note that versions will be dropped from the supported list as support upstream is no longer provided. (*) Required only if using indexing via Kafka. Multiple sink connector implementations also work, as long as they are compatible with both the deployed Kafka and Elasticsearch version deployed.
LTS support policy. FlowX 5.9.x LTS family is supported for 2 years. Within that window, support for any third-party dependency is contingent on that dependency remaining supported by its upstream vendor. Once a version reaches upstream end-of-life, it is removed from the supported list and customers are expected to upgrade to a still-supported version, even if the FlowX LTS itself remains supported.

Kafka topics

Document-plugin archive and extract listeners

5.9.0 exposes four Kafka topics for the document-plugin archive and extract operations. Both follow the encrypt/decrypt trigger and reply pattern: document-plugin consumes the trigger.*.file topic and process-engine consumes the matching engine.receive.*.file.results reply.
TopicProducerConsumer
ai.flowx.plugin.document.trigger.archive.file.v1process-enginedocument-plugin
ai.flowx.engine.receive.plugin.document.archive.file.results.v1document-pluginprocess-engine
ai.flowx.plugin.document.trigger.extract.file.v1process-enginedocument-plugin
ai.flowx.engine.receive.plugin.document.extract.file.results.v1document-pluginprocess-engine
The four topic names are exposed as env vars on the document-plugin side (KAFKA_TOPIC_FILE_ARCHIVE_IN, KAFKA_TOPIC_FILE_ARCHIVE_OUT, KAFKA_TOPIC_FILE_EXTRACT_IN, KAFKA_TOPIC_FILE_EXTRACT_OUT). See Documents plugin setup → File archive / File extract. Two new thread-pool entries are added: KAFKA_CONSUMER_THREAD_POOLS_THREADPOOLGENERIC_THREAD_COUNT_PER_CONTAINER_FILEARCHIVEIN and ..._FILEEXTRACTIN, both defaulting to 5.

Environment variables

A configuration that blocks startup is a required configuration. If a service fails to start and its logs report a missing or empty configuration value, treat that value as required and provide it, even when it is not flagged as required here. These guides document the most common variables; they are not an exhaustive list of every value your deployment topology requires.

Data-sync: Keycloak admin credentials

The data-sync job provisions FlowX-managed end-user groups and runtime roles in Keycloak on first run, using the Keycloak admin API. Configure the following on the data-sync job:
Environment VariableDescriptionDefault ValueComponent
FLOWX_OPENID_PROVIDEROpenID provider type. Set to keycloak (the only supported provider).-data-sync
FLOWX_OPENID_SERVER_URLBase URL of the Keycloak server, including the /auth/ path.-data-sync
FLOWX_OPENID_USERUsername of a Keycloak admin account that can manage groups and roles in the FlowX realm.-data-sync
FLOWX_OPENID_PASSWORDPassword for the admin account above. Store in a Kubernetes Secret.-data-sync
FLOWX_OPENID_CLIENT_IDKeycloak admin client used to obtain the admin token. Typically admin-cli for standard Keycloak deployments. Must be set explicitly. There is no default.-data-sync
For full data-sync configuration, see Data-sync job setup.

Anonymous service account: shared client secret

5.9.x introduces a single shared service-account client, flowx-anonymous-sa, used by FlowX backend services for inter-service calls on anonymous (unauthenticated) runtime flows. One client secret is reused across all consumers — it must be provided in two places. On authorization-system — passed to Liquibase so the client is provisioned with the correct secret when FlowX manages Keycloak:
Environment VariableDescriptionDefault ValueComponent
SPRING_LIQUIBASE_PARAMETERS_SECRETS_SERVICE_ACCOUNTS_FLOWX_ANONYMOUS_SAClient secret used by Liquibase to create the flowx-anonymous-sa client in the service-accounts realm at first boot. Required when SECURITY_KEYCLOAKADMINENABLED=true.-authorization-system
On every consuming service — the Spring Security OAuth2 client registration for the anonymousidentity alias resolves the same secret at runtime:
Environment VariableDescriptionDefault ValueComponent
SPRING_SECURITY_OAUTH2_CLIENT_REGISTRATION_ANONYMOUSIDENTITY_CLIENT_SECRETClient secret for the anonymousidentity registration. Must be the same value across every service — it is a single shared service account.-admin, application-manager, authorization-system, document-plugin, email-gateway, events-gateway, file-gateway, integration-designer, license, mock-server, nosql-db-runner, organization-manager, process-engine, runtime-manager, scheduler, task-management-plugin, webhook-gateway
This is a secret. Store it in your secrets management solution (e.g., Kubernetes Secret, Vault) and reference it from there. Never commit it to version control.
For the Keycloak-side context (flowx-anonymous-sa client, SA_FLOWX_ANONYMOUS realm role, manual-configuration recipe for deployments without Keycloak admin access), see Manual Keycloak configuration.

Knowledgebase-rag: Qdrant search tuning

Two env vars control the fanout of dense and sparse Qdrant queries inside the knowledgebase-rag service. Defaults are tunable per environment.
Environment VariableDescriptionDefault ValueComponent
QDRANT_PREFETCH_LIMITMaximum points returned by each dense/sparse prefetch stage in a hybrid search before fusion.100knowledgebase-rag
QDRANT_FUSION_LIMITMaximum points returned after RRF fusion (hybrid search) or by a single-stage dense/keyword search. Caps the reranker input.80knowledgebase-rag
Raise both when recall is insufficient on very large or long-tailed Knowledge Bases. Lower them when Qdrant pods report memory pressure or filter-heavy queries time out.

Integration-designer: XML response handling

Two properties control how integration-designer handles XML response bodies on REST endpoints. Defaults are safe; raise the size cap only if upstream services return very large XML bodies that must be parsed inline.
Spring PropertyEnvironment VariableDescriptionDefault ValueComponent
integration.response.xml-auto-parse.enabledINTEGRATION_RESPONSE_XML_AUTO_PARSE_ENABLEDKill-switch. When false, XML responses are returned as raw strings instead of parsed maps.trueintegration-designer
integration.response.xml.max-bytesINTEGRATION_RESPONSE_XML_MAX_BYTESXML bodies larger than this byte limit are returned as raw strings without parsing.5242880 (5 MiB)integration-designer

CORS handling: APPLICATION_CORS_ALLOW_ORIGIN

CORS is enforced at the application layer. Each backend service exposed via admin or public URLs reads its allowed-origin list from a single environment variable. Allowed methods, allowed headers (including Authorization, Content-Type, Fx-Workspace-Id), and credential handling are baked into each service’s application.yaml with safe defaults. Only APPLICATION_CORS_ALLOW_ORIGIN is deployment-specific.
Environment VariableDescriptionDefault ValueComponent
APPLICATION_CORS_ALLOW_ORIGINComma-separated list of origins allowed to call this service from the browser. Supports wildcard subdomains (https://*.yourcompany.com). Must include every Designer, runtime renderer, and integration domain that calls FlowX APIs.-admin, ai-gateway, application-manager, audit-core, authorization-system, cms-core, document-plugin, events-gateway, file-gateway, integration-designer, license, notification-plugin, organization-manager, process-engine, runtime-manager, task-management-plugin, webhook-gateway
For migration guidance and the full list of removed NGINX CORS annotations, see Ingress routing and CORS.

Process-engine and integration-designer: native script engine

The default script engine for JavaScript and Python execution is a native subprocess pool. Scripts run in isolated Node.js and Python worker processes.
Environment VariableDescriptionDefault ValueComponent
APPLICATION_SCRIPT_ENGINE_PROVIDERScript engine providernativeprocess-engine, integration-designer
APPLICATION_SCRIPT_ENGINE_NATIVEENGINE_JS_POOLSIZENode.js worker pool size16process-engine, integration-designer
APPLICATION_SCRIPT_ENGINE_NATIVEENGINE_JS_EXECUTIONTIMEOUTMSJS script execution timeout (ms)5000process-engine, integration-designer
APPLICATION_SCRIPT_ENGINE_NATIVEENGINE_PYTHON_POOLSIZEPython worker pool size8process-engine, integration-designer
APPLICATION_SCRIPT_ENGINE_NATIVEENGINE_PYTHON_EXECUTIONTIMEOUTMSPython script execution timeout (ms)10000process-engine, integration-designer
To use GraalVM instead of the native engine, set APPLICATION_SCRIPT_ENGINE_PROVIDER=graalvm on both services.
Last modified on June 2, 2026