Security that matches how LenGrowth actually works.
This page is a plain-English summary of the security, identity, access control, and audit capabilities that are already present in the codebase.
Verified surfaces
SSO settings
OIDC or SAML configuration, provider metadata, allowed domains, and login testing.
SCIM provisioning
Bearer-token provisioning endpoints for Users, Groups, ServiceProviderConfig, and Schemas.
Role matrices
Company permissions include configure SSO, view audit, and export audit capabilities.
Audit trail
Admin audit exploration with filters, row details, exports, and saved presets.
The system is built around company-scoped access, not broad public access.
Authentication is token-verified
The backend verifies Supabase JWTs against the JWKS endpoint, checks issuer and audience when configured, and creates the user record only after the token is valid.
Authorization is company-scoped
Cerbos policies gate company and workspace actions, including audit access and SSO configuration, so access checks happen at the backend and not only in the UI.
Enterprise identity is supported
The product includes OIDC and SAML configuration, allowed-domain controls, JIT provisioning, SCIM token management, and group-to-role mappings.
Actions are auditable
Audit logs can be filtered, reviewed in detail, exported, and saved as presets for investigation or compliance workflows.
What is actually implemented today.
Privacy policy covers account information, company profiles, payment processing through Stripe, and data from connected chat platforms.
Connected Slack, Microsoft Teams, or Basecamp workspaces can provide workspace metadata and bot interaction history for the ChatOps surface.
Terms of Service describe account security, third-party services, platform permissions, and the company mailing address.
Support is centralized through the Intercom Help Center, which is linked from the public help page and the legal pages.
Auth
`auth_service.py` verifies Supabase JWTs, caches JWKS lookups, and requires a valid token before the app creates or loads a user.
Identity
`sso.py` supports OIDC and SAML config, login tests, allowed domains, JIT provisioning, SCIM tokens, and reconciliation.
Audit
`audit_logs.py` exposes company-scoped logs with filters, row-level detail, export, and saved presets.
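The token check described above, the one `auth_service.py` is responsible for, as an added example that is not LenGrowth's code: it pins the algorithm, verifies the signature, checks issuer and audience only when an audience is configured, and touches the user store only after all of that passes. It substitutes a constructed HS256 key for the key the real service resolves from the Supabase JWKS endpoint so it runs offline, and the issuer, audience and user values are assumptions.

```python
import base64, hashlib, hmac, json, time

class TokenError(Exception):
    """Any token the backend must refuse."""

def _b64d(s):
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def _b64e(b):
    return base64.urlsafe_b64encode(b).rstrip(b"=").decode()

def verify_token(token, key, issuer, audience=None, now=None):
    """Return the claims of a valid token, else raise TokenError.
    Signature first; claims are treated as trusted only after it passes."""
    try:
        h64, p64, s64 = token.split(".")
        header, claims = json.loads(_b64d(h64)), json.loads(_b64d(p64))
        if not (isinstance(header, dict) and isinstance(claims, dict)):
            raise ValueError("JWT segments must be JSON objects")
    except (ValueError, UnicodeDecodeError) as exc:
        raise TokenError("malformed token") from exc
    # Pin the algorithm: the token's own header never gets to choose it.
    if header.get("alg") != "HS256":
        raise TokenError("unexpected alg")
    mac = hmac.new(key, f"{h64}.{p64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, _b64d(s64)):
        raise TokenError("bad signature")
    if claims.get("iss") != issuer:
        raise TokenError("wrong issuer")
    if audience is not None:  # audience is checked only when configured
        aud = claims.get("aud")
        if audience not in (aud if isinstance(aud, list) else [aud]):
            raise TokenError("wrong audience")
    if "sub" not in claims or (now or time.time()) >= float(claims.get("exp", 0)):
        raise TokenError("expired or missing sub")
    return claims

def load_or_create_user(token, key, issuer, audience, users, now=None):
    """Touch the user store only with claims that survived verify_token."""
    claims = verify_token(token, key, issuer, audience, now)
    return users.setdefault(claims["sub"], {"id": claims["sub"], "email": claims.get("email")})

def mint_token(claims, key, alg="HS256"):
    """Constructed helper so the example runs offline (stands in for the issuer)."""
    h64 = _b64e(json.dumps({"alg": alg, "typ": "JWT"}).encode())
    p64 = _b64e(json.dumps(claims).encode())
    sig = hmac.new(key, f"{h64}.{p64}".encode(), hashlib.sha256).digest()
    return f"{h64}.{p64}.{_b64e(sig)}"
```

Note that a wrong key, a wrong audience, an "alg": "none" header and an expired token all fail before `users` is touched, which is the ordering the page describes.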
The app also has a real background-processing stack.
Celery worker orchestration
Long-running analysis, asset generation, recurring syncs, and other async workflows run through Celery workers and scheduled beat jobs.
Redis-backed infrastructure
Redis is used for Celery broker/result backend paths and for rate limiting, including the sliding-window limiter in the FastAPI middleware.
Worker monitoring
Flower is listed with the backend worker stack, giving the ops side a standard Celery task-monitoring surface.
Edge and detection context
Cloudflare appears in the platform’s technology-analysis patterns, so the system recognizes Cloudflare-backed sites when it inspects a business footprint.
What this means in practice
The trust story is already in the product. This page just makes it visible.
Public legal baseline
Privacy, Terms, and a help link already exist in the public footer and sitemap.
Enterprise controls
Admins can work with SSO, SCIM, roles, permissions, and audit logs inside the app.
Scope control
Backend checks are company-scoped and permissioned, not just cosmetic UI states.
Support path
Intercom is the support surface; this page is the trust surface beside it.