# Security Architecture
Security is a first-class, cross-cutting concern owned at the architecture level and enforced by the Governance / Security / Compliance Platform. This page describes the security model; the Security-First Architecture principle page covers the philosophy.
## Identity and access
| Concern | Mechanism |
|---|---|
| Authentication | OAuth2 / OpenID Connect via OpenIddict (ConnectSoft.AuthorizationServerTemplate, ConnectSoft.IdentityTemplate). |
| Tokens | JWT carrying tenantId, subject, roles, scopes. |
| Service-to-service | Service identities and API tokens (Control Plane ServiceIdentityService, ApiTokenService). |
| Authorization | RBAC for coarse roles, ABAC for fine-grained, policy-driven decisions via the Governance PolicyEngineService. |
| Tenant isolation | Tenant guards in every handler; see Multi-Tenancy. |
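The table lists the claims a token carries and states that every handler runs a tenant guard; the following is an added example (not ConnectSoft code) of what such a guard looks like when combined with the coarse RBAC and fine-grained ABAC checks described above. The claim names `tenantId`, `role` and `scope`, the `TenantGuard` class and the `GuardResult` enum are assumptions made for the illustration, and the principal is constructed inline in place of a validated JWT.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;

// Hypothetical outcome type so a handler can log *why* a request was refused.
public enum GuardResult { Allowed, WrongTenant, MissingRole, MissingScope }

public static class TenantGuard
{
    // Order matters: tenant isolation is checked first, so a cross-tenant caller
    // learns nothing about which roles or scopes the resource would have needed.
    public static GuardResult Check(
        ClaimsPrincipal caller,
        string resourceTenantId,
        IReadOnlyCollection<string> requiredRoles,
        string requiredScope)
    {
        // A missing tenant claim is a denial; never fall back to a default tenant.
        var tokenTenant = caller.FindFirst("tenantId")?.Value;
        if (tokenTenant is null ||
            !string.Equals(tokenTenant, resourceTenantId, StringComparison.Ordinal))
        {
            return GuardResult.WrongTenant;
        }

        // Coarse RBAC: at least one of the roles the operation accepts.
        var roles = caller.FindAll("role").Select(c => c.Value)
                          .ToHashSet(StringComparer.Ordinal);
        if (!requiredRoles.Any(roles.Contains))
        {
            return GuardResult.MissingRole;
        }

        // Fine-grained ABAC: the token must carry the exact scope. Scopes may be
        // issued as one space-separated claim or as several claims; accept both.
        var scopes = caller.FindAll("scope")
            .SelectMany(c => c.Value.Split(' ', StringSplitOptions.RemoveEmptyEntries))
            .ToHashSet(StringComparer.Ordinal);
        if (!scopes.Contains(requiredScope))
        {
            return GuardResult.MissingScope;
        }

        return GuardResult.Allowed;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed sample principal standing in for a validated bearer token.
        var identity = new ClaimsIdentity(new[]
        {
            new Claim("sub", "user-123"),
            new Claim("tenantId", "tenant-a"),
            new Claim("role", "ProjectEditor"),
            new Claim("scope", "projects:read projects:write"),
        }, "Bearer");
        var caller = new ClaimsPrincipal(identity);
        var editors = new[] { "ProjectEditor", "TenantAdmin" };

        Console.WriteLine($"same tenant, write:  {TenantGuard.Check(caller, "tenant-a", editors, "projects:write")}");
        Console.WriteLine($"other tenant, write: {TenantGuard.Check(caller, "tenant-b", editors, "projects:write")}");
        Console.WriteLine($"same tenant, delete: {TenantGuard.Check(caller, "tenant-a", editors, "projects:delete")}");
    }
}
```

Because the guard takes the resource's tenant from the handler rather than trusting a tenant value supplied in the request body, a caller cannot widen their access by simply naming another tenant; the comparison is always token claim against server-side resource ownership.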
## Trust boundaries

```mermaid
flowchart TB
  subgraph public [Public Zone]
    client["Browser / Mobile / API client"]
  end
  subgraph edge [Edge]
    gateway["API Gateway + Auth Server (OpenIddict)"]
  end
  subgraph trusted [Trusted Factory Zone]
    services["Platform Microservices"]
    bus["Service Bus"]
  end
  subgraph secrets [Secret Zone]
    vault["Azure Key Vault"]
  end
  client -->|TLS + JWT| gateway
  gateway -->|validated identity + tenant| services
  services --> bus
  services -->|managed identity| vault
```
## Secrets

- Secrets are never stored as artifacts or in source control. The factory stores only references (`SecretReference`) resolved at runtime from Azure Key Vault via managed identities.
- The Governance `SecretGovernanceService` and `SecretScanWorker` detect leaked secrets in generated artifacts before they reach a repository.
- Secret rotation is automated (`SecretRotationWorker` in Runtime Cloud / Integration).
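The two halves of this model, a reference that carries no secret value and a scan that catches values that leaked anyway, are illustrated by the added example below. It is not ConnectSoft code: the `SecretReference` record shape, the `SecretResolver` and `ArtifactSecretScanner` classes and the three scan rules are assumptions for the illustration, and the artifact text is constructed inline. The Key Vault calls use the public `Azure.Identity` and `Azure.Security.KeyVault.Secrets` packages.

```csharp
using System;
using System.Collections.Generic;
using System.Text.RegularExpressions;
using System.Threading.Tasks;
using Azure.Identity;
using Azure.Security.KeyVault.Secrets;

// Hypothetical shape of a reference as it would appear inside a generated artifact:
// only the vault and secret name travel with the artifact, never the value.
public sealed record SecretReference(string VaultName, string SecretName, string? Version = null);

public static class SecretResolver
{
    // Resolved at runtime. DefaultAzureCredential uses the service's managed identity
    // when running in Azure, so no client secret is needed to reach the vault.
    public static async Task<string> ResolveAsync(SecretReference reference)
    {
        var vaultUri = new Uri($"https://{reference.VaultName}.vault.azure.net/");
        var client = new SecretClient(vaultUri, new DefaultAzureCredential());
        KeyVaultSecret secret = await client.GetSecretAsync(reference.SecretName, reference.Version);
        return secret.Value;
    }
}

public static class ArtifactSecretScanner
{
    // Illustrative rules for secret material that must never be inlined; the real
    // Governance rule set is not reproduced here.
    private static readonly (string Name, Regex Pattern)[] Rules =
    {
        ("Azure storage account key", new Regex(@"AccountKey=[A-Za-z0-9+/=]{20,}", RegexOptions.Compiled)),
        ("Inline connection-string password", new Regex(@"(?i)password=[^;\s""']+", RegexOptions.Compiled)),
        ("Private key block", new Regex(@"-----BEGIN [A-Z ]*PRIVATE KEY-----", RegexOptions.Compiled)),
    };

    // Returns one finding per (line, rule) hit so the worker can block the commit
    // and report exact locations back to the generating agent.
    public static IReadOnlyList<string> Scan(string artifactText)
    {
        var findings = new List<string>();
        var lines = artifactText.Split('\n');
        for (int i = 0; i < lines.Length; i++)
        {
            foreach (var (name, pattern) in Rules)
            {
                if (pattern.IsMatch(lines[i]))
                {
                    findings.Add($"line {i + 1}: {name}");
                }
            }
        }
        return findings;
    }
}

public static class Program
{
    public static void Main()
    {
        // Constructed artifact: the first setting is a proper reference, the second
        // is the kind of inlined value the scan worker exists to stop.
        const string artifact =
            "\"Database\": { \"SecretRef\": { \"VaultName\": \"kv-tenant-a\", \"SecretName\": \"sql-conn\" } }\n" +
            "\"Legacy\": \"Server=db;Database=app;User Id=sa;Password=NotARealPassword1;\"\n";

        foreach (var finding in ArtifactSecretScanner.Scan(artifact))
        {
            Console.WriteLine(finding);
        }

        // Runtime resolution of the reference (requires a reachable vault and identity).
        var reference = new SecretReference("kv-tenant-a", "sql-conn");
        Console.WriteLine($"Would resolve {reference.SecretName} from {reference.VaultName} via managed identity.");
    }
}
```

Running the scan over the constructed artifact reports only the `Legacy` line; the `SecretRef` line passes because it contains a name, not a value, which is exactly the property the reference model is meant to preserve.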
## Agent and prompt security

- Agents are permission-scoped: each `AgentDefinition` declares the tools, models, and memory classes it may access, enforced by the Agent Mesh and Governance policies.
- Prompt safety policies and memory access policies prevent agents from accessing knowledge outside their tenant and classification scope (see Knowledge governance).
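The enforcement side of these two points, as an added example rather than ConnectSoft code: an agent's declared permissions are the only allow-list, and a memory read additionally requires the same tenant and a classification no higher than the agent's ceiling. The `AgentDefinition` and `MemoryItem` record shapes, the `Classification` ordering and the `AgentMeshGuard` class are assumptions for the illustration; the real schema is not reproduced.

```csharp
using System;
using System.Collections.Generic;

// Assumed ordering: a higher value is more sensitive, so "<=" expresses "no higher than".
public enum Classification { Public = 0, Internal = 1, Confidential = 2, Restricted = 3 }

// Hypothetical projection of an agent definition onto the fields the guard needs.
public sealed record AgentDefinition(
    string Name,
    string TenantId,
    IReadOnlySet<string> AllowedTools,
    IReadOnlySet<string> AllowedModels,
    IReadOnlySet<string> AllowedMemoryClasses,
    Classification MaxClassification);

public sealed record MemoryItem(string TenantId, string MemoryClass, Classification Classification);

public static class AgentMeshGuard
{
    // Default deny: anything not declared is refused.
    public static bool MayUseTool(AgentDefinition agent, string tool) =>
        agent.AllowedTools.Contains(tool);

    public static bool MayUseModel(AgentDefinition agent, string model) =>
        agent.AllowedModels.Contains(model);

    // Memory access combines three policies: declared memory class, tenant isolation,
    // and classification ceiling. All three must hold.
    public static bool MayReadMemory(AgentDefinition agent, MemoryItem item) =>
        agent.AllowedMemoryClasses.Contains(item.MemoryClass)
        && string.Equals(agent.TenantId, item.TenantId, StringComparison.Ordinal)
        && item.Classification <= agent.MaxClassification;
}

public static class Program
{
    public static void Main()
    {
        // Constructed agent: may call two tools, one model, and read project memory
        // up to Internal for tenant-a only.
        var agent = new AgentDefinition(
            "spec-writer",
            "tenant-a",
            new HashSet<string> { "search_docs", "create_ticket" },
            new HashSet<string> { "gpt-large" },
            new HashSet<string> { "project" },
            Classification.Internal);

        Console.WriteLine($"search_docs:            {AgentMeshGuard.MayUseTool(agent, "search_docs")}");
        Console.WriteLine($"run_shell:              {AgentMeshGuard.MayUseTool(agent, "run_shell")}");
        Console.WriteLine($"own tenant, Internal:   {AgentMeshGuard.MayReadMemory(agent, new MemoryItem("tenant-a", "project", Classification.Internal))}");
        Console.WriteLine($"own tenant, Restricted: {AgentMeshGuard.MayReadMemory(agent, new MemoryItem("tenant-a", "project", Classification.Restricted))}");
        Console.WriteLine($"other tenant, Public:   {AgentMeshGuard.MayReadMemory(agent, new MemoryItem("tenant-b", "project", Classification.Public))}");
    }
}
```

Note that the cross-tenant read is refused even though the item is classified `Public`: tenant isolation and classification are independent policies, and passing one never compensates for failing the other.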
## Audit

Every sensitive action emits an `AuditEntry` in the canonical envelope, correlated by `traceId`, retained per compliance policy, and queryable via the Governance `/audit` API. This makes the platform fully auditable from intent to runtime.
## Generated SaaS security
Generated products inherit this model: OpenIddict auth, RBAC/ABAC, tenant guards, Key Vault secrets, and audit — produced by the security-related agents and templates. See Generated SaaS security.