Skip to main content
Version: 3.4.x

License Engine setup guide


The License Engine is a service that can be set up using a Docker image. This guide will walk you through the process of setting up the License service and configuring it to meet your needs.

Infrastructure prerequisitesโ€‹


It has the following dependencies:

  • Postgres database - the License Engine uses a Postgres database to store license-related data. The database should be set up with basic configuration properties specified in the helm values.yaml file, these properties include the name of the database, username and password, and resources such as CPU and memory limits

  • Connection to the same Kafka instance as the engine - the License Engine needs to be able to communicate with the FLOWX.AI Engine using Kafka; the Kafka instance used by the engine should be the same one used by the License Engine

  • Routing of requests through NGINX - requests made to the License Engine should be routed through the FLOWX.AI Designer using NGINX, the configuration for the Designer should be updated to also expose the REST API of the License Engine by adding a path in flowx-admin-plugins-subpaths


The service comes with most of the needed configuration properties filled in, but there are a few that need to be set up using some custom environment variables.

Configuring Postgres databaseโ€‹

The basic Postgres configuration is specified in the helm values.yaml file. This file includes properties such as the name of the database, username and password, and resources such as CPU and memory limits.

existingSecret: {{secretName}}
enabled: true
annotations: {{prometheus port}} "true"
type: ClusterIP
release: prometheus-operator
enabled: true
interval: 30s
scrapeTimeout: 10s
enabled: true
size: 1Gi
postgresqlDatabase: license-coredb
maxConnections: 200
sharedBuffers: 128MB
postgresqlUsername: postgres
cpu: 6000m
memory: 2048Mi
cpu: 200m
memory: 512Mi

OpenID connect settingsโ€‹

  • SECURITY_TYPE: Indicates that OAuth 2.0 is the chosen security type, default value: oauth2.
type: oauth2
  • SECURITY_PATHAUTHORIZATIONS_0_PATH: Defines a security path or endpoint pattern. It specifies that the security settings apply to all paths under the "/api/" path. The ** is a wildcard that means it includes all subpaths under "/api/**".
  • SECURITY_PATHAUTHORIZATIONS_0_ROLESALLOWED: Specifies the roles allowed for accessing the specified path. In this case, the roles allowed are empty (""). This might imply that access to the "/api/**" paths is open to all users or that no specific roles are required for authorization.
- path: "/api/**"
  • SECURITY_OAUTH2_BASE_SERVER_URL: This setting specifies the base URL of the OpenID server, which is used for authentication and authorization.
  • SECURITY_OAUTH2_CLIENT_CLIENT_ID: Specifies the client ID associated with the application registered on the OpenID server for authentication and authorization.
  • SECURITY_OAUTH2_REALM: Defines the realm for the OAuth 2.0 authorization server. The realm is a protected space where the client's resources are stored. It provides additional context for the authentication process.
ยปConfiguring access roles (old)

Configuring License datasourceโ€‹

The License Engine uses a Postgres/Oracle database to store license-related data. The following environment variables need to be set in order to connect to the database:




Configuring Engine datasourceโ€‹

The License service needs to retrieve the data for a process instance from the engine database. So it needs to have all the correct information to connect to the engine database.

The following configuration details need to be added in configuration files or overwritten using environment variables:




Configuring Kafkaโ€‹

Kafka handles all communication between the License Engine and the FLOWX Engine. Both a producer and a consumer must be configured. The following environment variables need to be set:

  • SPRING_KAFKA_BOOTSTRAP_SERVERS - address of the Kafka server

  • SPRING_KAFKA_CONSUMER_GROUP_ID - group of consumers

  • KAFKA_CONSUMER_THREADS - the number of Kafka consumer threads

  • KAFKA_AUTH_EXCEPTION_RETRY_INTERVAL - the interval between retries after AuthorizationException is thrown by KafkaConsumer


The configured license topic KAFKA_TOPIC_LICENSE_IN should be the same as the KAFKA_TOPIC_LICENSE_OUT from the engine

Configuring loggingโ€‹

The following environment variables could be set in order to control log levels:

LOGGING_LEVEL_ROOT - root spring boot microservice logs

LOGGING_LEVEL_APP - app level logs

Configuring NGINXโ€‹

The configuration for the Flowx Designer should be updated to also expose the REST API of the license engine by adding a path in flowx-admin-plugins-subpaths

      - path: /license(/|$)(.*)
serviceName: license-core
servicePort: 80

Was this page helpful?