Skip to content






Service manager

API Explorer

Securing a Flux service

By default, Flux services can be accessed using the Flux API with no restrictions. You can add security metadata for each Flux service to limit access to authorized users or groups only. To do this, follow the steps below:

  1. Right click the file of the Flux service you want to secure in the Coder Navigator view.
  2. Click Properties.
  3. Under Invoke, add the users and groups you want to authorize for the service.

Applying security metadata

Applying security metadata

Any user that does not belong to the group of authorized users or groups won't be able to use the service via the Flux API. TORO Integrate creates a security metadata file (with the extension .security) once users and groups are added to a service. This file is added to the file system in the same directory as the Flux service.