Skip to main content
FlowFn
IntegrationsTemplatesPricingDocsBlogSign inStart free
All documentation

v1.3.0

UpdatedMay 28, 2026Reading time3 min read

Released 2026-05-27. Consolidates five releases that shipped together. Interactive agents pick up their full public chat surface, webhook agents move to a hardened URL shape, every agent gets a per-agent AI connection picker, the engine collapses workflow and agent execution onto one architecture, and owners get a per-team audit log of every BYOK call.

Interactive agents — public chat surface

  • Public chat URL with optional custom slug — interactive agents are addressable at /a/<slug> in addition to the random embed token.
  • Public / password access — toggle on the agent editor mirrors the form & visualizer model. Encrypted at rest, rotatable, can be cleared anytime.
  • Embed-domain controls are independent of public access. A password-protected agent embedded on your site still asks visitors for the password.
  • Owner takeover — the run detail page has a Conversation view where a teammate can reply as the agent without invoking the LLM. The next end-user reply sees your turn in conversation history.
  • Direct vs Embed — the agent runs list distinguishes visitors who opened the public link from sessions loaded via the iframe/JS SDK.
  • "Waiting on the team" state — public chat surfaces show a friendly pending message and poll for the decision while an approval is open.
  • Per-checkpoint billing — each awaiting_user turn debits credits for tokens since the previous checkpoint, so long chats don't sit unbilled.

Webhook agents

  • Platform picker — webhook agents pick the upstream platform (Stripe, GitHub, Slack, and more) so the engine verifies that platform's signature header natively.
  • Rotatable URL token — the webhook URL embeds a routing token (not the signing secret). Rotate the token to kill the URL without touching the secret. Subscribers verify by signature header; a leaked URL no longer forces re-configuring every upstream platform.
  • User-supplied signing secret — paste the secret from the upstream platform's webhook configuration directly. Rotating it is the upstream's job; FlowFn no longer mints one for you.

AI configuration on agents

  • Per-agent AI connection picker — pin a specific team AI connection on an agent (or leave it on your account default).
  • Backup connection — when the plan / platform AI key hits a quota or rate limit, the run automatically falls back to a named team connection so it doesn't fail.
  • Playground AI bindings get the same backup-connection control.

Schedule agents

  • Schedule agents always run in UTC — the editable timezone field is replaced with a read-only label.
  • Scheduled triggers follow the same DB-merge pattern workflow schedules use — one cron tick on the schedule server merges every matching agent; pausing an agent on its doc stops dispatch on the next tick.

Engine architecture (unified workflows + agents)

  • One worker process consumes both flowfn-workflow-execute-<SERVER_CODE> and flowfn-agent-runs-<SERVER_CODE> queues. Agent runs are no longer executed in-process on the API box.
  • Shared server allocation — an agent's allowed tools determine its processing type (heavy media → computer-optimized; rest → balanced). Same max_concurrent_runs cap, same dedicated-team-server preference workflow runs use.
  • Periodic stuck-job sweep on a 10-minute cron, replacing the previous per-boot sweep. Catches mid-run worker crashes.
  • If you operate the deployment: server types collapse to service / worker / schedule (the previous agent type is gone). The AGENT_ENABLED env var no longer has any effect; agents always use BullMQ.

Per-team BYOK activity audit

  • Open Teams → team card → BYOK activity. Lists every external call FlowFn made on your team's AI keys, platform-tool connections, or MCP servers.
  • Filter by surface (agent run / workflow run / playground action / playground chat), kind (platform action / AI model / MCP tool), and status (ok / error).
  • Metadata only — request bodies, response bodies, prompts, completions, and API keys are never recorded.
  • 90-day retention with a daily purge cron. Audit rows tied to your own agent or workflow runs are included in the self-service data export.

Approve flow

  • Approve / Reject email links moved to namespaced routes: /approve/agent/<id> for agents and /approve/workflow/<runId>/<taskRunId> for workflows.
  • Widget password endpoint renamed /access/request-access to match form conventions.

Other

Several destructive actions (delete approval rule, clear branding logo, regenerate secret) now ask for confirmation. Public agent endpoints moved under /api/agents/*; agent runs detail moved to /api/runs/agents/....

Spotted an issue or have feedback?

support@flowfn.com
Back to docs hub →