Security

Built for supervised automation.

The security model assumes agents are powerful actors that need clear scopes, approvals, quotas, and reviewable evidence.

Cognito-backed custom authentication with secured dev, staging, and production routes.

Workspace-scoped authorization for humans, admins, billing owners, read-only users, and agents.

Human approval gates for sensitive agent actions and export access.

Scoped agent API tokens with audit logging, quota checks, and rate limits.

Security headers, CORS controls, WAF planning, secret scanning, and encrypted AWS-managed secrets.

Enterprise security review

The security whitepaper summarizes architecture, Cognito authentication, tenant isolation, audit logs, encryption, backups, CI gates, AWS deployment, and agent-specific approval controls.

Read whitepaper View subprocessors