How we handle your research data.
Inklyst is in early access. Security is foundational — tenancy, auth, and data handling are designed in from day one. This page covers what we have in place today and where we're still strengthening. It will get more specific as we move from beta to general availability.
Where we stand today.
- Tenancy isolation
Per-organization and per-workspace checks enforced at the backend.
- Authentication
Email and password sessions, with credentials hashed at rest.
- Encryption in transit
TLS everywhere.
- SSO / SAML
Available on the Custom tier — contact us.
- SOC 2 / ISO
Not yet certified. On the roadmap once realtime stabilizes.
- Formal penetration test
Internal review only. External pentest planned with GA.
Every resource has an owner.
Inklyst is organized in a strict chain: an organization owns one or more workspaces, a workspace owns boards, and a board owns the files, citations, chat threads, and feed events created inside it. Every record in the database carries the organization and workspace it belongs to.
Every backend route validates that chain before reading or writing. A request for a file is checked against the workspace it lives in, the organization that workspace belongs to, and the session identity making the call. There is no top-level “global” query path — the tenancy filter is part of the query, not a layer on top.
The practical consequence: cross-tenant reads are not architecturally possible. A bug in a feature handler can't leak a workspace's files into another organization because the workspace identifier is required to construct the query at all.
What we store, where it lives, who can read it.
Expand each topic for specifics. We'll publish a longer data processing addendum alongside our first paid contracts.
Sessions, scopes, and revocation.
Sessions are issued as HTTP-only, SameSite cookies signed by the server; tokens are never exposed to the client app. Passwords are hashed with a modern memory-hard algorithm before they touch storage.
Inside a workspace, every member has a role — Owner, Admin, or Member. Owners and Admins can manage membership, billing, and workspace settings. Members can read and contribute to boards but can't change membership or destroy resources. Role checks happen on the backend, not in the UI.
Sessions can be revoked from the account screen at any time, which invalidates the cookie everywhere it's in use. Password reset is email-verified and rotates the underlying session secret so older sessions stop working immediately.
Found a vulnerability?
We take security reports seriously. Email us with details — we acknowledge within 48 hours and credit responsible disclosure in any public write-up.
Please don't open public issues for security problems. Reports that require coordination get a private channel until a fix ships.
Ready to try Inklyst?
Tenancy and auth are wired. Open the canvas to try it.