Skip to main content
Feedback

Data Handling

Flow customer data is classified into either Configuration Data or Business Data.

Configuration Data

Configuration Data is the JSON metadata generated by the Flow tooling as a user constructs workflow logic within Flow. This configuration data is required for the execution of a Flow workflow.

Business Data

Business Data represents data that is entered into a workflow by a person or system, data that is loaded from an external system using one or more integrated systems or data that is transferred or processed by the Flow platform.

In terms of handling customer data, Flow does not provide data storage for business data and instead relies on the designed processes to be connected to a third party storage system. For example, a database supplied by the customer, customer provided options for file storage, or an integrated solution such as Boomi Integration. The Flow connectors layer is transient and does not store information, but only processes. It then passes it on to the final destination until the flow life cycle is complete.

  • Configuration Data is encrypted during transmission using standard SSL protocols such as TLS.

  • Configuration Data can optionally be encrypted at rest through a choice provided by the Flow platform.

  • Configuration Data can be purged from the system at the end of the contract by working with the Boomi team.

  • Business Data that is not processed by the platform may be transferred through the platform using standard encryption protocols. Note that any data transferred outside of the Flow platform needs to be secured by the customer as Flow does not enforce HTTPS/TLS communication, unless a customer specifically runs connectors under HTTPS.

  • All connectors hosted by Flow run under HTTPS.

Multi-cloud allows you to deploy runtime applications to your own runtime environments, such as on-premise. This allows you to achieve greater control over your business data; runtime business data will reside in the runtime environment that you define, instead of in the cloud. Although the cloud platform is still used to build your flows, they can also be published and run in your own local runtime environment. See Flow Multi-cloud.

During the execution of a flow application, a JSON object known as a “state” is used to temporarily store data used during the in flight flow execution. This state data is automatically cleaned up as part of a maintenance job or as per the flows state retention setting. For more information on how to configure the flow states retention, see Flow states.

Restricting data through access controls in a flow

As an additional data control measure, Flow allows various mechanisms to restrict access to the data at runtime. Based on your business requirements and authorization strategies, you can configure how users access your apps. You may want everybody to be able to run the app, or authenticated users only. You can also selectively provide permissions to different parts of the app to different groups of users.

Flow also lets you restrict run API, draw API, admin API, and package access by IP address. See Restricting tenant flow access by IP address

On this Page