Activepieces

Provides a web-based UI for constructing automation workflows by dragging action/trigger pieces onto a canvas and connecting them with data flow edges. The builder uses a state management layer (likely Redux or similar) to track the flow definition as a directed acyclic graph (DAG), with real-time validation of step connections and data type compatibility. Each step is rendered as a configurable card with input/output port definitions derived from the piece schema.

Implements a plugin architecture where integrations (pieces) are self-contained npm packages exporting action and trigger definitions with TypeScript types. The framework provides base classes and decorators for defining piece metadata, authentication handlers, and step logic. Pieces are loaded dynamically at runtime via a piece-loader service that resolves dependencies and validates schema compatibility before execution.

Tracks all flow executions with detailed logs including step inputs/outputs, execution duration, and error messages. Provides a UI for viewing run history, filtering by status/date/trigger type, and drilling down into individual step execution details. Logs are stored in the database with configurable retention policies. The system exposes metrics for monitoring (execution count, success rate, average duration) suitable for integration with observability platforms.

Implements quota enforcement at the flow execution level, tracking metrics like number of runs, API calls, and data processed. Quotas are configured per workspace or user and enforced by the execution engine before starting a flow. The system tracks usage in real-time and provides dashboards for monitoring consumption. Rate limiting is applied at the API and webhook ingestion layers to prevent abuse.

Allows users to test workflows before deploying them to production by executing them with sample trigger data. The dry-run mode executes the flow through the same engine as production but with isolated state and no side effects (e.g., API calls are logged but not executed, or executed against test endpoints). Users can inspect step outputs and validate the flow logic without affecting external systems.

Implements workspace-level isolation where each workspace is a separate logical environment with its own flows, connections, and users. Access control is enforced through roles (admin, editor, viewer) with granular permissions for creating, editing, and executing flows. Workspaces are isolated at the database level with row-level security policies. Users can belong to multiple workspaces with different roles.

Maintains version history for each flow, allowing users to view, compare, and revert to previous versions. Each published version is immutable and can be deployed independently. The engine tracks which version is currently active and can roll back to a previous version if needed. Supports draft and published states, enabling testing before deployment.

Tracks workflow execution counts, API calls, and other usage metrics per workspace. Enforces quotas based on subscription tier, preventing workflows from executing if quotas are exceeded. Provides usage dashboards and billing reports. Supports multiple billing models (per-execution, per-user, etc.).

Executes flows by traversing a directed acyclic graph (DAG) of steps, evaluating each step's inputs by resolving variable references and expressions, executing the step's logic (piece action or code), and propagating outputs to dependent steps. The engine maintains execution context including step results, flow variables, and connection credentials. Error handling includes configurable retry logic, error branches, and pause/resume capabilities for manual intervention.

Uses a message queue (likely Redis or similar) to decouple flow triggering from execution. When a flow is triggered, a job is enqueued with the flow definition and trigger payload. Worker processes poll the queue, dequeue jobs, and execute flows in isolation. Multiple workers can process jobs concurrently, enabling horizontal scaling. The queue system handles job persistence, retry logic, and dead-letter queues for failed jobs.

Exposes HTTP endpoints that accept webhook payloads from external services. Each webhook trigger has a unique URL and optional signature verification (HMAC-SHA256). Incoming webhooks are validated, deduplicated based on configurable keys, and enqueued as flow execution jobs. The system tracks webhook delivery status and provides retry mechanisms for failed deliveries.

Allows users to write custom code steps that execute arbitrary JavaScript/TypeScript within a sandboxed environment. The sandbox is implemented using Node.js VM module or similar isolation mechanism, with access to step inputs, flow variables, and utility functions. Code is executed with a timeout and memory limit to prevent resource exhaustion. The sandbox provides a safe execution context without access to the host filesystem or network (unless explicitly configured).

Manages authentication credentials for external services through a secure credential store. Supports multiple auth patterns: OAuth2 (with authorization code flow), API keys, basic auth, and custom headers. Credentials are encrypted at rest and decrypted only when needed for piece execution. The system handles OAuth2 token refresh automatically and provides a UI for users to authorize and manage connections.

Maintains version history of flow definitions, allowing users to create, publish, and rollback to previous versions. Each version is immutable and tagged with metadata (creator, timestamp, change description). The system supports promoting versions from development to production environments. Rollback is implemented by creating a new version that references the previous version's definition.

Provides pre-built pieces for interacting with large language models (Claude, GPT-4, etc.) within workflows. Includes actions for prompt execution, structured data extraction, and content generation. The pieces handle model selection, parameter configuration (temperature, max tokens), and response parsing. Supports streaming responses for long-running operations and integrates with the credential management system for API key storage.

Enables workflows to be triggered on a schedule using cron expressions or simple interval-based triggers (every N minutes/hours/days). The scheduler runs as a background service that evaluates trigger conditions at specified intervals and enqueues flow execution jobs. Supports timezone-aware scheduling and allows users to configure execution windows (e.g., only run during business hours).