You control what Flux may do

Identity boundaries. Approval gates. Action logs. One kill switch.

admin.flux.smart-apps.in/settings/pilot
Pilot Controls
AI Chat
Human Takeover
Proactive Nudges
Email Notifications
Kill Switch
Auto-Escalation Rules
Sentiment threshold0.3
Max AI turns8
Loop detection3 messages
Pending Approvals
Upgrade to Enterprise
jane@acme.com
Stripe connector
High
Activate custom connectors
mike@shop.co
Stripe connector
Medium

Identity

System-verified only. Chat-claimed identity is never trusted. Actions are automatically scoped to the authenticated visitor.

Boundaries

Every connector action has defined permissions and risk levels. High-risk operations require human approval before execution.

Override

Kill switch disables Flux in 30 seconds. Safe manual mode returns a fallback message. Operators can take over any conversation.

pilot-controls
Flux Chat[ON]
Human Takeover[ON]
Proactive Nudges[OFF]
Kill Switch[OFF]

Authenticated vs. anonymous

Anonymous visitor

Knowledge-base answers and forms only.

Anonymous visitor
What are your pricing plans?
We offer four plans: Starter (free), Growth, Pro, and Enterprise. You can view full pricing at our pricing page.
Submit an inquiry form

Authenticated user

Identity-scoped actions, personalized support.

jane@acme.com Verified
Can I upgrade to Enterprise?
Sure, Jane! I can upgrade your Acme Inc account from Pro to Enterprise right now.
subscription.upgrade Executed

When Flux should stop, it stops.

Flux escalates when a visitor asks for a human, when messages loop, when sentiment drops, when Flux reaches its turn limit, or when confidence falls below threshold. The operator gets the full conversation, customer data, and suggested replies.

Defense in depth

Layers of protection. Not just one wall.

Security isn't a single feature — it's a system of overlapping controls that protect your data, your customers, and your AI.

Rate Limiting

10 named limits — WebSocket connections (5/min), chat messages (20/min), file uploads (10/min), webhooks (100/min), and more. Per-tenant and per-IP.

Input Validation

Message length capped at 2,000 characters. Connector inputs enforced at schema-defined maxima. Minimum 2-second gap between messages prevents flooding.

Tenant Isolation

Durable Objects namespaced by tenant. Vectorize queries filtered by tenant ID. R2 paths prefixed by tenant. RLS on all database tables. No cross-tenant data access.

Domain Allowlisting

Widget script checks Origin header against up to 20 allowed hosts with wildcard support. Connections from unauthorized domains are rejected.

Credential Encryption

Connector secrets encrypted at rest with AES before database storage. Decrypted only at execution time inside the Worker.

Webhook Verification

Stripe webhook signatures verified via STRIPE_WEBHOOK_SECRET. Twilio requests validated. Unsigned events rejected.

Talk to us about your requirements.

Book a Demo