Skip to main content

Platform Configuration & Feature Flags — How it works

Overview

The platform-config engine manages feature flags — the switches that turn platform behaviour on or off per deployment, tenant, or facility. It resolves the effective value of a flag for a given context by layering scoped overrides on top of a global default, and audits changes.

Data model & ownership

TablePurpose
feature_flagThe flag and its global default.
feature_flag_scopeThe scope kind (e.g. tenant/facility) an override targets.
feature_flag_overrideA scoped value that overrides the default.
feature_flag_auditAppend-only change history.

Key rules & invariants

  • Effective value = the most specific matching override, else the global default.
  • Security-sensitive flags default to the safe value (off); changes are audited.

API

See the API Reference. Endpoint groups under /api/v1/platformconfig: feature flags, scopes, overrides, and the resolved effective flag for a context.

Configuration & feature flags

Flags are the feature itself; specific flags (e.g. pii.encryption.enabled, OPA enablement) are documented on their operations pages.

  • Consumed by the Access control decision pipeline and any engine gating optional behaviour.