Application JSON Manifest (Example)

The manifest file (manifest.json) defines an application’s properties and its integration points with Flowlu. It describes how the application is identified, which permissions it requests, and where it is embedded in the interface.

Below is a simplified example of a manifest structure with key fields and explanations.

{
  "appId": "com.example.weather",
  "name": "Weather Forecast",
  "version": "1.0.0",
  "description": "Shows weather information for a selected city.",
  "author": {
    "name": "Example Inc.",
    "contact": "[email protected]"
  },
  "iconUrl": "https://example.com/icon.png",
  "categories": ["Utilities"],
  "tags": ["weather"],
  "permissions": [
    "crm.contacts.read",
    "tasks.create"
  ],
  "integrationPoints": {
    "menu": {
      "section": "CRM",
      "title": "Weather Forecast",
      "icon": "https://example.com/menu_icon.png"
    },
    "dashboard": {
      "widgetTitle": "Today’s Weather",
      "size": "small"
    },
    "cards": [
      {
        "entity": "client",
        "widgetTitle": "Client Region Weather"
      }
    ]
  },
  "entrypointURL": "https://app.example.com/",
  "webhookURL": "https://app.example.com/webhook",
  "configuration": {
    "configSchema": {
      "type": "object",
      "properties": {
        "apiKey": {
          "type": "string",
          "title": "Weather service API key"
        }
      },
      "required": ["apiKey"]
    },
    "defaultConfig": {
      "apiKey": ""
    }
  },
  "platformVersion": "1.0"
}

Key manifest fields

Application identification

The appId, name, and version fields identify the application.

• appId is a unique identifier or namespace used internally and in references.

• version follows semantic versioning (SemVer) and is used to track application updates.

Description and metadata

• description provides a short summary of the application’s purpose.

• categories and tags are used to classify the application in the marketplace catalog.

• author contains information about the developer or company, including contact details.

Icon and visual assets

The iconUrl field specifies the application icon (PNG or SVG). This icon is displayed in the marketplace and in interface locations where the application is integrated. Additional visual assets, such as screenshots or previews, may be defined for use in the catalog.

Permissions

The permissions field defines the access rights requested by the application. This list specifies which Flowlu modules or data the application needs access to, such as reading CRM contacts or creating tasks.

All requested permissions must be approved by an administrator during installation. During runtime, Flowlu strictly enforces these permissions: API requests outside the approved scope are rejected automatically.

Integration points

The integrationPoints section defines where the application appears in the Flowlu interface. Each integration point is configured as a separate section in the manifest.

Common integration points include:

• header: integration into the top navigation bar

• menu: integration into the main navigation menu

• tabs: integration as a tab on entity pages (for example, CRM deals or tasks)

• cards: integration as widgets inside entity cards (such as client profiles)

Additional supported integration points include reports (custom reports), dashboard (dashboard widgets), mobile (mobile application integrations), and contactCenter (communications module integration).
The full list of available integration points is described in the next section.

External service URLs

For applications that rely on an external web service, the manifest may include:

• entrypointURL: the main URL of the application interface, loaded in an embedded iframe or a separate tab.

• webhookURL: an optional URL used to receive event notifications supported by Flowlu webhooks (for example, entity-related events configured in webhook settings).

Lifecycle events such as installation, update, or removal are not delivered to applications via webhooks.

Configuration settings

The configuration section is used when an application requires user-defined settings during installation.

• configSchema defines a JSON Schema describing the expected configuration parameters. Flowlu uses this schema to automatically generate a configuration form during installation.

• defaultConfig defines default values for these parameters.

This mechanism allows applications to request required data (such as API keys for external services) and store them securely.

Manifest validation

The manifest should remain relatively small and easy for the platform to parse. When an application is uploaded, Flowlu validates the manifest against the current JSON schema. If required fields are missing or incorrectly formatted, installation or publication is rejected.

For this reason, developers should carefully follow the manifest schema published in the documentation and validate their manifests during development.