Security & data

How AgentFlow handles access, traffic, and your files

For teams evaluating AgentFlow for internal use.

Sign-in and workspace scoping

When Google sign-in is enabled, each person gets a separate workspace boundary enforced server-side. Without auth, the app scopes data by session and workspace headers. That keeps data separated but does not authenticate the caller, so this mode is suitable for demos and single-team pilots, not shared public access.

Data in transit and at rest

Browser traffic should use HTTPS in production. Uploaded documents and chat history are stored according to your deployment: file-based storage in the default setup, or your own database and object storage when you wire them in. No document content leaves your infrastructure.

Operational safeguards

The API uses standard hardening patterns—rate limiting, structured logging, health checks, and metrics—so you can monitor abuse, latency, and errors the same way you would any internal service.

Before you go to production

For production deployments, plan for secrets management (vault or environment secrets), automated backups, retention and deletion policies, and a review of per-workspace access controls. Align the wording in this section with your organization's actual controls once those are finalized.