Swiftgum leverages to ensure users only interact with data and configurations they’re allowed to see.

Overview

Developers & Admins: Configure OAuth apps and manage workspaces.
End Users: Connect personal accounts or retrieve documents.

Admins (or workspace owners) have full control to add integrations, revoke tokens, and view logs of ingestion events.

Permission Layers

Each workspace is typically owned by a single admin user with top-level privileges. Owners can add or remove other admin-level users or invite standard users.
Creating or configuring integrations requires admin rights. End users may connect personal accounts under these integrations, which generates an individual token for each connection.
End users can view only their own tokens, while admins can revoke any token as needed. Note that raw OAuth credentials remain encrypted and are not directly exposed.

Compliance & Logging

Audit Trails: Every change to roles, tokens, or integrations is logged with a timestamp, actor (admin or system), and a record of the modifications. These audit logs support compliance with standards such as SOC 2 and GDPR.

Data Minimization

Swiftgum only stores file contents when ingestion is explicitly enabled. Otherwise, it retains only references or metadata about files unless a local ingestion pipeline is used for transformation.

Best Practices

  • Least Privilege: Grant only the minimum permissions necessary.
  • Regular Reviews: Monitor logs for changes or suspicious revocations.
  • Segmentation: Use separate workspaces for different teams to minimize cross-access.
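
An added example (not Swiftgum code) of the review described under Regular Reviews: it scans audit records for bursts of token revocations by a single actor and for role changes that grant admin. The JSON field names, action names, thresholds, and sample records are constructed assumptions, not Swiftgum's log schema.

```python
import json
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample audit records (JSON lines). Field and action names are
# assumptions for illustration; map them to your real audit export.
SAMPLE_LOG = """\
{"timestamp": "2024-05-01T09:00:00+00:00", "actor": "admin:alice", "action": "token.revoke", "target": "token:t1"}
{"timestamp": "2024-05-01T14:00:00+00:00", "actor": "admin:bob", "action": "token.revoke", "target": "token:t2"}
{"timestamp": "2024-05-01T14:01:00+00:00", "actor": "admin:bob", "action": "token.revoke", "target": "token:t3"}
{"timestamp": "2024-05-01T14:02:00+00:00", "actor": "admin:bob", "action": "token.revoke", "target": "token:t4"}
{"timestamp": "2024-05-01T14:03:00+00:00", "actor": "admin:bob", "action": "token.revoke", "target": "token:t5"}
{"timestamp": "2024-05-01T14:05:00+00:00", "actor": "admin:bob", "action": "role.change", "target": "user:dave", "change": {"from": "user", "to": "admin"}}
{"timestamp": "2024-05-01T15:00:00+00:00", "actor": "system", "action": "integration.update", "target": "integration:drive"}
{"timestamp": "2024-05-01T16:00:00+00:00", "actor": "admin:alice", "action": "token.revoke", "target": "token:t6"}
"""

def parse(text):
    """Parse JSON-lines audit records and return them sorted by timestamp."""
    events = []
    for line in text.splitlines():
        if line.strip():
            event = json.loads(line)
            event["timestamp"] = datetime.fromisoformat(event["timestamp"])
            events.append(event)
    return sorted(events, key=lambda e: e["timestamp"])

def revocation_bursts(events, limit=3, window=timedelta(minutes=10)):
    """Return {actor: peak count} for actors with >= limit revocations inside window."""
    by_actor = defaultdict(list)
    for e in events:
        if e["action"] == "token.revoke":
            by_actor[e["actor"]].append(e["timestamp"])
    flagged = {}
    for actor, times in by_actor.items():
        start = 0
        for end in range(len(times)):
            # Slide the window start forward until it spans at most `window`.
            while times[end] - times[start] > window:
                start += 1
            count = end - start + 1
            if count >= limit:
                flagged[actor] = max(flagged.get(actor, 0), count)
    return flagged

def privilege_grants(events):
    """List role changes that raise a user to admin, for matching against approvals."""
    return [(e["timestamp"].isoformat(), e["actor"], e["target"]) for e in events
            if e["action"] == "role.change" and e.get("change", {}).get("to") == "admin"]
```

Tune `limit` and `window` to the workspace's normal revocation rate so routine offboarding does not trigger the burst check.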