Human review is Fluxo’s differentiator, but review becomes much more valuable when it integrates with the rest of a team’s systems: portals, CRMs, internal dashboards, and downstream automation.
So Fluxo exposes a programmable review surface: scoped APIs, signed webhooks, and embedded review experiences. The guiding constraint is that programmability must not break governance or tenant boundaries.
REST review API
I exposed API routes for review tasks with org-scoped API key auth:
- list review tasks
- create review tasks
- read task by id
- apply task actions (approve/reject/revise)
Scope checks are mandatory per endpoint, and workflow ownership is validated against the API key organization.
Webhook event contracts
Fluxo emits review lifecycle events:
- review.created
- review.approved
- review.rejected
- review.revised
- review.expired
Each payload is standardized with an id, event name, timestamp, and structured data body. Endpoints can subscribe to specific events only.
Delivery guarantees and traceability
For each webhook delivery attempt, I persist:
- endpoint reference
- payload snapshot
- response status/body
- delivery/failed timestamps
- retry count
This gives operators an actual delivery ledger, not an opaque "sent" log.
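The receiving side of a signed delivery, as an added example that is not Fluxo's code: the header names, the HMAC-over-timestamp-and-body scheme, and the five-minute tolerance are assumptions, since the page does not describe the wire format. It checks the signature before trusting the body, drops events the endpoint did not subscribe to, and uses the event id to make retried deliveries idempotent.

```python
import hashlib
import hmac
import json
import time

# Hypothetical header names and scheme (not documented on the page):
#   signature = HMAC-SHA256(secret, "<unix timestamp>.<raw body bytes>")
SIG_HEADER = "X-Fluxo-Signature"
TS_HEADER = "X-Fluxo-Timestamp"
TOLERANCE_SECONDS = 300  # assumed replay window for stale deliveries

REVIEW_EVENTS = {"review.created", "review.approved", "review.rejected",
                 "review.revised", "review.expired"}
REQUIRED_FIELDS = {"id", "event", "timestamp", "data"}


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Sender side: bind the timestamp to the exact bytes sent on the wire."""
    msg = str(timestamp).encode() + b"." + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify(secret: bytes, headers: dict, body: bytes, seen_ids: set,
           subscribed: set, now: int = None) -> tuple:
    """Receiver side. Returns (process, reason); nothing in the body is
    trusted until the MAC has been checked."""
    now = int(time.time()) if now is None else now
    try:
        ts = int(headers.get(TS_HEADER, ""))
    except ValueError:
        return False, "missing or malformed timestamp"
    if abs(now - ts) > TOLERANCE_SECONDS:
        return False, "timestamp outside tolerance"
    expected = sign(secret, ts, body)
    # Constant-time comparison: a plain == leaks the MAC byte by byte.
    if not hmac.compare_digest(expected, headers.get(SIG_HEADER, "")):
        return False, "bad signature"
    payload = json.loads(body)  # authenticated, so safe to parse now
    if not REQUIRED_FIELDS.issubset(payload):
        return False, "payload missing standard fields"
    if payload["event"] not in REVIEW_EVENTS or payload["event"] not in subscribed:
        return False, "event not subscribed"
    # Retries reuse the same id: acknowledge with 2xx but do not process twice.
    if payload["id"] in seen_ids:
        return False, "duplicate delivery"
    seen_ids.add(payload["id"])
    return True, "ok"
```

In production the seen-id set would live in shared storage keyed by endpoint so that duplicates survive restarts and span workers.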
Embed review tokens
I implemented embed tokens with scoped permissions and origin controls:
- optional workflow/queue scope
- approve/reject/edit capability flags
- allowed origins
- expiry and revocation
From that token, Fluxo can generate secure iframe code for external portals while preserving backend authorization checks.
Why I built it this way
Review workflows become much more valuable when they are composable with existing systems. The programmable layer makes Fluxo interoperable while preserving governance, auditability, and strict organization scoping.