Security First

Built with enterprise-grade security from the ground up

All credentials and secrets are encrypted using AES-256 with key rotation support. Keys are stored separately and rotated regularly.

Fine-grained permissions let you control exactly who can do what. Admin, Member, and Viewer roles with customizable permissions.

Dangerous actions require approval. Optional two-person rule ensures the requester can't approve their own changes.

Every action is logged with timestamp, actor, IP, and details. Configurable retention up to 365 days.

Complete data isolation between tenants. No cross-tenant access in queries, search, or logs.

Bearer tokens with scopes, expiration, and optional IP allowlists. Tokens are hashed before storage.