Security

This section explains how to operate FlowLayer access safely in development and shared environments. Begin with Remote Access for network posture and exposure boundaries. Then read Session Token for authentication handling and session hygiene. Treat the session endpoint as a control plane: keep it private, restrict reachability, and rotate tokens when needed. Use external network and identity controls around FlowLayer when operating beyond a single trusted machine.