Security and RBAC
Security and RBAC
Authentication uses JWT with a Valkey-backed token blacklist and rate limiting. Authorization is role-based and fail-closed.
Tenancy is enforced at the data layer so cross-site access fails closed as not-found.
Authentication uses JWT with a Valkey-backed token blacklist and rate limiting. Authorization is role-based and fail-closed.
Tenancy is enforced at the data layer so cross-site access fails closed as not-found.