Overview

Developers & Admins: Configure OAuth apps and manage workspaces.

End Users: Connect personal accounts or retrieve documents.

Admins (or workspace owners) have full control to add integrations, revoke tokens, and view logs of ingestion events.

Permission Layers

Compliance & Logging

Audit Trails: Every change to roles, tokens, or integrations is logged with a timestamp, actor (admin or system), and a record of the modifications. These audit logs support compliance with standards such as SOC 2 and GDPR.

Data Minimization

Swiftgum only stores file contents when ingestion is explicitly enabled. Otherwise, it retains only references or metadata about files unless a local ingestion pipeline is used for transformation.

Best Practices

  • Least Privilege: Grant only the minimum permissions necessary.
  • Regular Reviews: Monitor logs for changes or suspicious revocations.
  • Segmentation: Use separate workspaces for different teams to minimize cross-access.