Flowise + xLink Quickstart

What You'll Build

A secure Flowise AI workflow where agents authenticate using cryptographic identity instead of API keys. Perfect for low-code teams building production AI pipelines without managing secrets.

Flowise Canvas

Drag-and-drop workflow

→

xLink Node
Identity verification

→

Protected API

Authenticated access

Installation

Install the Flowise xLink integration package:

# Using npm
npm install @private.me/flowise-xlink

# Using yarn
yarn add @private.me/flowise-xlink

# Using pnpm
pnpm add @private.me/flowise-xlink

Setup Custom Nodes

Register xLink custom nodes in your Flowise instance:

// flowise-config.js
import { XLinkAuthNode, XLinkVerifyNode } from '@private.me/flowise-xlink';

export const customNodes = [
  XLinkAuthNode,      // Authenticate as agent
  XLinkVerifyNode,    // Verify incoming identity
];

Custom Node Configuration

Place the configuration file in your Flowise packages/components/nodes/Custom directory, then restart Flowise to load the new nodes.

Visual Workflow Example

Build a secure AI pipeline with identity verification:

1. Add xLink Auth Node

Drag the xLink Authenticate node onto your canvas and configure:

// Node Configuration (Visual UI)
Agent ID: "flowise-ai-agent"
Vault Path: "/var/flowise/identities/agent.xid"
Target Service: "payment-api"

2. Connect to LLM Chain

Chain the authenticated connection to your LLM or API call node:

// Visual Connection Flow
[Document Loader] → [Text Splitter] → [Embeddings] →
[Vector Store] → [Retrieval Chain] → [xLink Auth] →
[Payment API Call] → [Response Formatter]

3. Add Verification (Optional)

For workflows accepting agent requests, add the xLink Verify node:

// Verification Node Config
Trust Registry: "/etc/flowise/trust-registry.json"
Required Tier: "verified"
Allowed Services: ["analytics", "data-sync"]

Code Integration (Optional)

For custom nodes or advanced workflows, use the JavaScript API:

import { createXLinkConnection } from '@private.me/flowise-xlink';

// Inside custom Flowise node
async function execute(nodeData, input, options) {
  const conn = await createXLinkConnection({
    agentId: 'flowise-workflow',
    vaultPath: '/var/flowise/identities',
    trustRegistry: '/etc/flowise/trust.json'
  });

  // Authenticate outbound request
  const result = await conn.agent.send({
    to: 'payment-service',
    payload: { amount: input.totalCost }
  });

  return result.value;
}

Why Flowise + xLink?

🎨

Visual Security

Drag-and-drop identity nodes directly into AI workflows. No code required for authentication.

🔐

Zero Secrets

No API keys in Flowise canvas or environment variables. Identity verified cryptographically.

⚡

Low-Code Teams

Business analysts and domain experts build secure pipelines without security expertise.

🔄

Production Ready

Handles retries, failures, and trust registry updates automatically in visual flows.

📊

Audit Trail

Every workflow execution logs cryptographic identity proofs. Full compliance visibility.

🚀

LangChain Compatible

Works seamlessly with LangChain flows, vector stores, and all Flowise integrations.

Example Workflows

RAG Pipeline with Payment

// Visual Flow Description
PDF Loader → Extract customer documents
Text Splitter → Chunk content
OpenAI Embeddings → Generate vectors
Pinecone Store → Save embeddings
Conversational Retrieval Chain → Answer questions
xLink Auth → Authenticate as billing-agent
Stripe API → Charge customer
Response Formatter → Return receipt

Multi-Agent Coordination

// Orchestrator Workflow
[Task Input] → [xLink Auth: orchestrator] →
  ├─ [Agent A: data-processor] → [Process CSV]
  ├─ [Agent B: api-caller] → [Fetch External Data]
  └─ [Agent C: report-generator] → [Create PDF]
→ [Merge Results] → [xLink Auth: email-sender] → [Send Report]

Secure API Gateway

// Incoming Request Verification
[Webhook Trigger] → [xLink Verify] → (if verified) →
[LLM Classification] → [Route to Handler] → [Response]
                     ↓ (if rejected)
                 [403 Forbidden]

Configuration Reference

XLinkAuthNode Parameters

agentId (string) - Unique identifier for this agent
vaultPath (string) - File path to identity vault
targetService (string) - Service to authenticate with
trustRegistry (optional) - Path to trust registry JSON

XLinkVerifyNode Parameters

trustRegistry (string) - Trust registry file path
requiredTier (enum) - Minimum trust tier: "untrusted" | "verified" | "internal"
allowedServices (array) - Whitelist of permitted service names
onFailure (enum) - Action on verification failure: "reject" | "log" | "passthrough"

Environment Variables

# Optional: Global defaults
XLINK_VAULT_PATH=/var/flowise/identities
XLINK_TRUST_REGISTRY=/etc/flowise/trust-registry.json
XLINK_LOG_LEVEL=info

Performance Characteristics

xLink adds minimal overhead to Flowise workflows:

Authentication latency: 0.3-0.8ms per request
Verification latency: 0.2-0.5ms per incoming message
Trust registry lookup: In-memory cache, <1ms
Workflow impact: <0.1% overhead on typical LLM chains

For a workflow making 50 API calls, total xLink overhead is ~15-40ms — negligible compared to LLM inference (1-5 seconds).

Migration from API Keys

Before: API Key in Environment

// .env file (exposed secret)
PAYMENT_API_KEY=sk_live_51a2b3c4d5e6f7g8h9...

// HTTP Call node config
Headers: {
  "Authorization": "Bearer {{PAYMENT_API_KEY}}"
}

After: xLink Identity

// No environment variables needed

// Visual flow
[HTTP Call] ← [xLink Auth Node]
               ├─ Agent ID: flowise-billing
               └─ Target: payment-service

// Headers automatically injected
X-Agent-Identity: flowise-billing
X-Auth-Proof: [cryptographic proof]