Security built in, not bolted on

Enterprise-grade access control and compliance from day one.

Role-Based Access

Granular permissions from viewer to admin. Control who sees, edits, approves, and deletes content.

Single Sign-On

Connect your identity provider. Azure AD, Okta, or any OIDC-compliant service with automatic user provisioning.

Multi-Tenant Isolation

One deployment serves multiple organisations with complete data isolation, separate configs, and independent user management.

Audit Trail

Immutable log of every action. Know who did what, when, and on which asset — across every tenant.

Multi-Factor Authentication

TOTP-based MFA with QR-code enrolment and backup codes. Enforce step-up auth for admins or high-risk actions.

Biometric Login

WebAuthn / passkey support for hardware-key and biometric sign-in. Phishing-resistant authentication out of the box.

Content Encryption

AES-128 HLS sample encryption (RFC 8216) for protected streaming. Tokenised playback URLs and per-asset key delivery.

Encrypted Credentials

Argon2id password hashing, signed JWTs, and HMAC-SHA256 webhook signatures. Secrets and credentials never travel in plaintext.