Authentication, tenant isolation, and trusted enrollment.
Security starts with signed-in users, tenant-scoped desired state, and a separate enrollment path for agent runtimes.
Security here is not a banner. It is the basic contract between signed-in users, enrolled clients, and the data store.
Users sign in, agents enroll.
The SaaS surface uses user login, while agent enrollment needs a separate trust path.
- Google and email login for the SaaS control plane.
- A client token or bundle that ties a machine to a tenant.
- Client-side fingerprints, keys, or certificates that can be rotated.
- Who is logged in, what tenant they belong to, and what the client can do.
Keep tenant boundaries visible.
The SaaS version needs clear tenancy so different teams do not mix objects or state.
Every object belongs to a tenant in the shared SaaS model.
Cloud and local stores keep tenant data separated by workspace and managed object.
Pilot workspaces use owner access and tenant-scoped state; advanced role controls are planned for larger teams.
Self-host and local deployments can keep SQLite and NAS options.
Make the trust boundary visible instead of implied.
The control plane manages desired state; the local runtime applies it and reports verification.
Available now, with enterprise controls next.
Phase 1 keeps the pilot boundary clear while leaving room for enterprise procurement needs.
Available now:
- Google and email auth
- Tenant-scoped managed objects
- Separate agent enrollment
- Desired-state verification
- Key and trust-bundle rotation

Enterprise controls next:
- SSO and SAML
- Advanced role controls
- Formal audit exports
- Enterprise procurement packet
- Expanded approval workflows