Security Features

TIBCO Flogo® Enterprise includes the following security features:

  • Flogo® Enterprise uses TLS for triggers such as the ReceiveHTTPMessage REST trigger, and the GraphQL trigger.
  • The InvokeRESTService Activity supports server authentication using SSL certificates.
  • Some Flogo Enterprise connectors use HTTPS for clients to connect securely to the services.
  • Flogo Enterprise gives you the ability to store app secrets in external configuration management systems.

    You can encrypt the password values using an internal proprietary utility and then store the encrypted value in an external configuration management system. This prevents the Secret from being exposed in plain text format.

  • You can set API keys that can be used to register their app with Flogo Enterprise monitoring. This mitigates the vulnerability of your app.

  • For advanced security capabilities, we recommend using specialized solutions such as API Gateway.