Auth & ACLSecure access by default

Auth and ACL built for real-world teams

Ship apps and agents with secure sign-in from day one. Control who can see, edit, approve, and automate, down to the record.

Request a demoExplore Security & Governance

Security rarely breaks loudly. It drifts.

They are slow expansions of access that go unnoticed.

Shared admin accounts become risk fast

Temporary access becomes permanent and credentials get reused. Accountability weakens without anyone noticing.

Permissions drift as teams grow

New roles appear, old ones stay. People keep access they no longer need.

Access rules differ across systems

What is restricted in one surface may be visible in another.

Reports bypass fine-grained controls

Dashboards and exports can ignore record-level rules, exposing fields beyond their intended audience.

Service accounts accumulate privileges

Automations start broad and rarely get tightened, creating silent escalation paths.

Agents exceed user scope

AI assistants may operate beyond the initiating user's permissions if inheritance is not strictly enforced.

One policy layer for every app and agent

A unified access model that controls identity and permissions consistently across every app, workflow, and agent you build.

One model. No fragmented permissions.

Most systems handle authentication and authorization separately across modules. Docyrus treats them as one architectural layer, applied consistently across every surface.

Digital security and access control concept

Auth decides who signs in

Authentication verifies identity through secure sign-in methods and trusted identity providers, ensuring every user and service is properly validated before accessing the system.

ACL decides what they can do

Access Control Lists define roles, scopes, and permissions, determining which data, actions, and workflows a user or agent can access.

Docyrus applies both everywhere

Web apps, mobile apps, client portals, dashboards, workflows, and AI agents all operate under the same policy layer, eliminating inconsistencies between systems.

Control access once. Apply it everywhere.

Centralized authentication and authorization ensure security scales with your architecture.
New apps and agents inherit the same access model by default. Governance becomes systemic, not reactive.

Single Sign-On

One login gives users access to every app and agent in their workspace.

OktaAzure ADGoogle WorkspaceSAML 2.0Docyrus SSO
  • Federated identity across all projects
  • MFA enforcement per role or organization

Roles & Permission Sets

Define roles with granular permission sets once — reuse across every project.

  • Role changes propagate automatically to all apps
  • Compose permissions from reusable permission sets
  • No per-app reconfiguration needed

Record-Level Security

Restrict who can view, edit, or delete individual records across every surface.

Ownership rulesTeam membershipCustom criteria
  • Applies uniformly to dashboards, APIs, and exports
  • Criteria evaluate dynamically per request

Field & Action Controls

Go beyond record access — control visibility at the field and action level.

  • Hide sensitive fields from unauthorized roles
  • Lock actions like delete, export, or bulk edit
  • Require approvals for critical workflows
  • Enforced even within shared views and reports

Agent Access Model

AI agents respect the same access model — no silent privilege escalation.

User inheritanceScoped service roles
  • Agents inherit the triggering user's permissions by default
  • Service roles define explicit boundaries for automation
  • Every agent action is auditable

Audit Trails

Full-context logging for every security-relevant event.

LoginsPermission changesData accessCritical actions
  • Who did what, when, and from where
  • Searchable history for compliance and investigations

Frequently asked questions about Auth & ACL

What does Auth & ACL do?+

Auth & ACL provides secure sign-in and record-level access control for apps, portals, and agents on Docyrus.

When should teams use Auth & ACL?+

Teams should use it when they need to control who can view, edit, approve, or automate specific records and workflows.

How does Auth & ACL work with the rest of Docyrus?+

It governs data access, UI access, automation actions, and portal experiences through the same permission model across the platform.

Who is Auth & ACL for?+

It is built for teams shipping multi-user products, internal systems, and customer-facing portals.

Security should not slow you down

Build secure apps and AI agents without redesigning your access model every time. Define once. Enforce everywhere.

Signup Now!Request a demo