Security Governance

FlowGenX provides enterprise-grade security governance features to help you manage API access, monitor usage, and maintain compliance across your organization.

Overview

The Security Governance module encompasses four key areas:

Authentication & Authorization

Manage how users and applications authenticate to your APIs using API Keys and OAuth 2.0/JWT tokens.

Tenant Management

Organize users into groups and consumers with fine-grained access controls and resource allocation.

Audit Logs & Analytics

Track all API access requests, monitor usage patterns, and analyze denied requests for security insights.

Compliance & Access Control

Configure IP restrictions, time-based access controls, and generate compliance reports to meet regulatory requirements.

Key Features

• Multi-tenant Architecture: Isolate resources and configurations by environment
• Granular Access Control: Route-level, service-level, and method-level permissions
• Real-time Monitoring: Live access logs and analytics dashboards
• Compliance Reporting: SOC2, ISO27001, GDPR, HIPAA, and PCI-DSS compliance tracking
• Flexible Authentication: Support for API Keys and OAuth 2.0 with Keycloak integration
• Advanced Restrictions: IP allowlisting/blocklisting and time-based access windows

Getting Started

Navigate through the documentation sections to learn more about each security governance feature:

1. Authentication - API Keys and OAuth management
2. Tenant Management - Groups and consumers
3. Access Control - Access matrix, API catalog, lineage, and templates
4. Audit Logs - Access monitoring and analytics
5. Compliance - IP/Time restrictions and reporting

Access Location

Currently, security governance features are integrated into the ACL Management module located at:

/abManagement/access_management/api_acl_management

The features are organized into sections accessible from the navigation sidebar.