Platform Configuration & Feature Flags — How it works
Overview
The platform-config engine manages feature flags — the switches that turn platform behaviour on or off per deployment, tenant, or facility. It resolves the effective value of a flag for a given context by layering scoped overrides on top of a global default, and audits changes.
Data model & ownership
| Table | Purpose |
|---|---|
feature_flag | The flag and its global default. |
feature_flag_scope | The scope kind (e.g. tenant/facility) an override targets. |
feature_flag_override | A scoped value that overrides the default. |
feature_flag_audit | Append-only change history. |
Key rules & invariants
- Effective value = the most specific matching override, else the global default.
- Security-sensitive flags default to the safe value (off); changes are audited.
API
See the API Reference. Endpoint groups under /api/v1/platformconfig: feature
flags, scopes, overrides, and the resolved effective flag for a context.
Configuration & feature flags
Flags are the feature itself; specific flags (e.g. pii.encryption.enabled, OPA enablement) are
documented on their operations pages.
Related features
- Consumed by the Access control decision pipeline and any engine gating optional behaviour.