Encrypted credentials
Tenant client secrets and delegated OAuth tokens are encrypted at rest with AES-256-GCM using your deployment secret key.
Migration Tab assumes every tenant boundary is sacred. Credentials are encrypted, data is org-scoped, and live mutations stay behind explicit human approval.
Tenant client secrets and delegated OAuth tokens are encrypted at rest with AES-256-GCM using your deployment secret key.
Supabase Row Level Security on every table and storage path. Workspace members cannot read another organization's data.
Cloud mutations require MIGRATIONTAB_ALLOW_LIVE_MUTATIONS=true plus typed job approval. Today's catalog is discover/export only.
Operators run jobs and edit mappings. Admins manage tenant profiles, connect delegated Forms, grant SPE access, and approve live operations.
Job creation, tenant changes, mapping updates, and approvals write to an org-scoped audit log.
SPE Loop access and group Forms require explicit operator action in the customer tenant — the SaaS cannot run SharePoint admin PowerShell for you.