⚡ Flowfull

Your backend, powered by the Trust Layer Standard

Build APIs and business logic in your architecture. Validate trust with Flowless. Keep full control of how your product grows.

Flowfull is where your product logic lives: monolith, custom backend, or microservices. Pubflow gives you the trust pattern, while you keep the code, services, and architectural decisions.

Monolith-readyCustom backendMicroservices-friendlyBridge validated

Start with Flowfull View docs Explore schema

What Flowfull helps you do

Move faster without giving up architectural freedom.

Freedom

Keep your language, your services, your database, and your deployment strategy.

Architecture

Start simple as one backend, then evolve into domain-specific services when the product demands it.

Adoption

Use schema references, starter kits, and bridge validation to integrate progressively into existing apps.

Choose the architecture that fits your team

Flowfull does not force one backend style. You can evolve from simple to advanced without platform lock-in.

Monolith first

Keep everything in one backend service for speed and clarity in early stages.

Meaning: one deployable backend where business logic, your services, and APIs live together.

Custom backend

Design your own route structure, domain logic, and integrations while keeping Flowless trust validation.

Meaning: your architecture, your rules, with Pubflow standards integrated where needed.

Microservices design

Split services by domain when scale or team structure requires independent ownership.

Meaning: independent services with shared trust patterns through bridge validation.

Flowfull is your custom backend, made simple

Pubflow is universal: use any programming language, keep your architecture, and plug in Flowless-grade security through middleware or bridge validation.

Universal by design

Flowfull starter kits help you ship fast without losing control of your backend architecture.

Official starter kits

Flowfull Node Starter
Official Node.js/TypeScript reference starter
Open repo
Flowfull Python Starter
Fast backend starter for Python teams
Open repo
Flowfull Go Starter
Compiled performance with Flowfull concepts
Open repo
Flowfull Elixir Starter
Functional backend workflows with Flowfull
Open repo

Custom backend firstAny languageBridge / validate ready

Use libraries or validate directly

Choose the style that fits your stack: client helpers, route middleware, or direct bridge validation in backend routes.

• Use @pubflow/flowfull-client for fast API calls + session handling
• Use bridge validation in custom backend routes
• Enforce auth, plans, and roles in one consistent layer

import { Hono } from 'hono';
import { optionalAuth } from '../lib/auth/auth-middleware';
import { validateBridgeSession } from '../lib/auth/middleware';

const app = new Hono();

// Public + authenticated behavior in one handler
app.get('/payment-methods', optionalAuth(), async (c) => {
  const user = c.get('user');
  if (!user) return c.json({ methods: [], authenticated: false });

  return c.json({ methods: await listUserMethods(user.id), authenticated: true });
});

// Strictly protected route with bridge validation
app.get('/api/profile', async (c) => {
  const auth = await validateBridgeSession(c);
  if (!auth?.isValid || !auth.user) {
    return c.json({ success: false, error: 'Unauthorized' }, 401);
  }

  return c.json({ success: true, user: auth.user });
});

Already have an existing app?

Adopt Flowfull progressively. You do not need to rewrite everything to gain better trust and backend structure.

Step 1

Map your current model

Use the schema reference to compare users, sessions, and auth tables with your existing data model.

Step 2

Integrate trust in critical routes

Start by protecting your most sensitive endpoints with bridge validation and role checks.

Step 3

Evolve at your own pace

Keep monolith, hybrid, or microservices architecture while gradually moving to cleaner contracts.

Open schema reference See developer architecture Browse starter kits

Why Flowfull

Consistent authorization across every API.

Secure APIs

Routing, token validation, and scopes ready for production.

Flowless native

Every request is validated automatically with Flowless + Bridge.

Flexible middleware

Authorize by user_type, plans, or flags with zero boilerplate.

Observability

Structured logs and metrics for every request crossing Flowfull.

Middleware that stays out of the way

Validate tokens, enforce roles, and drop unauthorized requests in milliseconds.

• Accepts Flowless tokens by default
• Masks sensitive errors and normalizes responses
• Works on serverless and long-lived servers

Quick example

Authorization middleware

import { createFlowfull } from '@pubflow/flowfull-client';

const api = createFlowfull('https://api.example.com');

// Login
const response = await api.post('/auth/login', {
  email: 'user@example.com',
  password: 'password123'
});

// Session is automatically stored!
console.log('Logged in:', response.user);

// All future requests include the session
const profile = await api.get('/profile');

Bridge validates the token, Flowfull enforces roles.

100%

Requests validated via Flowless

<15 ms

Typical middleware latency

Lines to enforce roles

Ship Flowfull now

Protect your APIs without writing authorization boilerplate.

Create account Talk to sales