Access Control Guide
This guide documents the roles, permissions, and access control configuration available to operators of Enprivacy Invisiq.
Overview
Section titled “Overview”Invisiq uses role-based access control (RBAC). Access is granted by assigning users to one or more roles. Roles are configured by workspace administrators.
Authentication is handled via your identity provider (SSO/OIDC/SAML) or via passwordless email authentication. Local accounts are not supported.
| Role | Description | Permissions |
|---|---|---|
| Administrator | Full access | TODO |
| Member | Standard user access | TODO |
Configuring SSO / Identity Provider
Section titled “Configuring SSO / Identity Provider”MFA Enforcement
Section titled “MFA Enforcement”API Keys
Section titled “API Keys”API keys provide programmatic access to the Invisiq API. They are scoped and can be rotated.
Audit Log Events Related to Access
Section titled “Audit Log Events Related to Access”The following access-related events are captured in the audit log:
- User login and logout
- Failed authentication attempts
- Role assignment and revocation
- API key creation and rotation