Enterprise
Security & Compliance
How Tailor protects your documents, controls agent access, and meets enterprise compliance requirements.
Authentication
3 methods
Tailor supports three authentication methods depending on the integration context.
JWT Tokens
Browser sessions
Issued on login for web application sessions. Stored as HTTP-only cookies with short expiry and automatic refresh.
API Keys
Agents & CI/CD
Prefixed with tailor_sk_ for easy identification. Scoped, rotatable, and revocable.
Authorization: Bearer tailor_sk_YOUR_KEY
OAuth / M365
Enterprise SSO
Microsoft 365 integration via OAuth 2.0 authorization code flow. Supports tenant-restricted sign-in and automatic org provisioning.
API Key Scopes
Granular access
API keys are scoped to limit what agents and integrations can access. Apply the principle of least privilege.
| Scope | Grants |
|---|---|
| documents:read | List, download, and view document metadata |
| documents:write | Upload, delete, tag, and share documents |
| tap:read | Read TAP state — agents, proposals, events, sections |
| tap:write | Join, propose, vote, lock, escalate via TAP |
| comments:read | List and view comments |
| comments:write | Add and resolve comments |
| reviews:read | List reviews and review status |
| reviews:write | Accept and submit reviews |
| admin:read | List orgs, users, domains, and keys |
| admin:write | Create/modify orgs, users, domains, BYOK settings |
tailor keys create --name "CI Reader" --scopes documents:read,tap:read --expires 90
Connecting AI agents
Connector privacy
The public connector hub at /connect is the canonical front door for hooking AI runtimes (Claude remote MCP, Claude Code, OpenAI Apps + Codex, Cursor, Microsoft 365 Copilot, REST/OpenAPI) into Tailor. This subsection describes the privacy posture of those connectors: least-privilege scopes, what the auth surface logs, and how users revoke access.
API key vs OAuth — when to use each
| Mechanism | Use when | Notes |
|---|---|---|
| Scoped API key (BYOK) | Today — every public connector flow | User-issued via /connect, prefixed tailor_sk_, scoped, revocable, max 10 active per user. |
| Invite-token + scoped API key | Document owner inviting an external agent | Owner creates an invite, agent calls /api/tap/{docId}/join-token anonymously, gets a per-document scoped key. |
| OAuth 2.1 + DCR | Coming — public Anthropic remote connector and OpenAI App distributions | Tenant-scoped consent, refresh-token rotation, PKCE-required. Design memo (#1381 R0) in review at docs/architecture/OAUTH_CONNECTOR.md. |
| Entra ID OAuth | Microsoft 365 Copilot, Teams sideload | Existing M365 SSO; agents authenticate as the signed-in Copilot user. |
Least-privilege connector scopes
#1381 design
Tailor mirrors the OAuth scope catalogue defined in docs/architecture/OAUTH_CONNECTOR.md §5 for both API-key scoping today and the planned OAuth flow. Default scope on consent: documents:read; every other scope requires an explicit click. No “select all” button.
| Scope | Display label | Risk class |
|---|---|---|
| documents:read | Read your documents | low |
| documents:write | Edit your documents | medium |
| comments:read | Read review comments | low |
| comments:write | Post review comments | medium |
| tap:coordinate | Coordinate with other agents | low–medium |
| tap:propose | Propose edits | medium |
| tap:approve | Approve or reject proposed edits | high |
| pages:publish | Publish public pages on your behalf | high (open-world) |
| share:create | Create external share links | high (open-world) |
| share:revoke | Revoke external share links | medium (destructive) |
| signing:request | Send signature requests by email | high (outbound email) |
| signing:sign | Submit a signature on your behalf | critical (legal artefact) |
| baink:cost:read | Read your Baink cost breakdown | low |
Revocation
- API keys: revoke from Settings → API Keys in the dashboard, or via tailor keys revoke <id>. Effect is immediate; in-flight requests with the revoked key fail with 401 within seconds.
- Invite tokens: revoke per-document in the Tailor UI under Invites, or via tailor tap invite revoke.
- OAuth grants (planned, #1381): per-tenant Connected apps page lets the user revoke a specific client's grants in one click; admin-level revocation also planned.
Audit logging — what we record and what we don't
Recorded
- API-key creation, last-used timestamp, revocation
- Connector platform identifier (cursor, claude-api, ...)
- Scope set granted
- Per-request: timestamp, route, status, scope check, tenant, short-hashed user id
- OAuth events (planned): authorize, token, refresh, revoke — all with client id and scope set
Never recorded
- Raw API keys (only salted hashes are stored)
- Raw OAuth authorization codes, access tokens, or refresh tokens
- DCR client secrets after issuance (one-time return, then hashed)
- Document content carried in connector requests (only routes, scopes, and outcomes)
Tailor operates a no-trace policy on connector traffic content: we record that an authenticated caller invoked a tool, but we do not retain the bodies of connector-driven requests beyond the operational window required to serve the request (typically < 30s) plus the normal application telemetry redaction window.
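The storage and logging rules above, as an added Python example that is not Tailor's own code: a presented key is matched against stored salted hashes, its scope is checked, and the audit record carries only the fields listed under "Recorded". The hash construction, the 12-character user hash, the 403 status for a missing scope, the route names and all sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import os
from datetime import datetime, timezone

KEY_PREFIX = "tailor_sk_"  # prefix documented on this page


def hash_key(raw_key: str, salt: bytes) -> str:
    """Salted SHA-256 digest; only this value is stored (construction is an assumption)."""
    return hashlib.sha256(salt + raw_key.encode()).hexdigest()


def short_user_hash(user_id: str) -> str:
    """Truncated digest so logs never carry the plain user id (length is an assumption)."""
    return hashlib.sha256(user_id.encode()).hexdigest()[:12]


def authorize(header: str, route: str, required_scope: str, key_store: list) -> dict:
    """Return the audit record for one request; the raw key is never copied into it."""
    record = {"timestamp": datetime.now(timezone.utc).isoformat(), "route": route,
              "status": 401, "scope_check": "not_evaluated", "tenant": None, "user": None}
    scheme, _, raw_key = header.partition(" ")
    if scheme != "Bearer" or not raw_key.startswith(KEY_PREFIX):
        return record
    for entry in key_store:
        if hmac.compare_digest(hash_key(raw_key, entry["salt"]), entry["key_hash"]):
            record["tenant"] = entry["tenant"]
            record["user"] = short_user_hash(entry["user_id"])
            if entry["revoked"]:
                return record  # revoked keys fail with 401, as stated above
            allowed = required_scope in entry["scopes"]
            record["scope_check"] = "pass" if allowed else "fail"
            record["status"] = 200 if allowed else 403  # 403 is an assumption
            return record
    return record


# Constructed sample: one key carrying the "CI Reader" scopes from the CLI example.
SAMPLE_KEY = KEY_PREFIX + "constructed-example-key"
SALT = os.urandom(16)
KEY_STORE = [{"salt": SALT, "key_hash": hash_key(SAMPLE_KEY, SALT), "tenant": "org-example",
              "user_id": "user-123", "scopes": {"documents:read", "tap:read"}, "revoked": False}]

if __name__ == "__main__":
    for route, scope in [("GET /documents", "documents:read"), ("POST /documents", "documents:write")]:
        print(authorize("Bearer " + SAMPLE_KEY, route, scope, KEY_STORE))
```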
Reviewer hand-off: this subsection is the canonical privacy page for Anthropic remote-MCP and OpenAI Apps connector submissions. The companion design memo at docs/architecture/OAUTH_CONNECTOR.md covers threat model, refresh-token rotation, and consent UX wireframes.
Encryption
In Transit
All connections enforce TLS 1.2+. HTTP is rejected at the edge. Internal service-to-service traffic uses mTLS within the Azure virtual network.
At Rest
Documents stored in Azure Blob Storage with AES-256 encryption. Database fields encrypted at the storage layer. Encryption keys managed via Azure Key Vault with automatic rotation.
Key Management
Azure Key Vault HSM-backed keys with automatic rotation, audit logging, and RBAC access policies. Supports customer-managed keys (BYOK).
Bring Your Own Key (BYOK)
Enterprise
Enterprise customers can provision their own encryption keys via Azure Key Vault. Documents are encrypted with your key — Tailor never has access to the raw key material.
tailor admin byok-set --key-vault-uri https://your-vault.vault.azure.net/keys/tailor-key
How it works
1. You create an RSA key in your own Azure Key Vault
2. Grant Tailor's managed identity wrap/unwrap permissions
3. Run tailor admin byok-set to register the key
4. All new documents are encrypted with your key. Revoke access at any time.
Information Barriers (TAP)
Multi-agent
TAP Information Barriers control which agents can see which document sections — enabling multi-party collaboration on sensitive documents without information leakage.
Classification Frameworks
Define sensitivity levels (e.g. Public, Internal, Confidential, Restricted)
Section Classification
Tag individual sections with a classification level
Agent Clearance
Grant agents access to specific classification levels
Org Isolation
Agents from different orgs cannot see each other's sections
tailor tap framework create --name "Sensitivity" \
  --levels "Public,Internal,Confidential,Restricted"
tailor tap classify --section sec:financials --level Confidential
tailor tap clearance --agent agt:compliance-bot --level Confidential
Trust Levels
4 levels
Every TAP agent operates at a trust level that determines what actions they can perform. Trust is assigned when an agent joins a document.
| Level | Permissions | Use case |
|---|---|---|
| Observer | Read-only access to document and TAP state | Monitoring, auditing |
| Suggester | Propose edits and declare intents | Junior agents, external reviewers |
| Collaborator | Propose + vote on proposals | Trusted agents, internal reviewers |
| Autonomous | Propose + vote + auto-merge when aligned | Highly trusted agents with proven track record |
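How the information barrier and the trust level combine into one access decision, as an added Python example that is not Tailor's own code. It assumes clearance is hierarchical (a Confidential clearance also covers lower levels), that each section belongs to one org, and that every trust level includes read; the action names and org ids are hypothetical.

```python
from dataclasses import dataclass
from typing import Optional

# Level order from the framework example on this page, least to most sensitive.
LEVELS = ["Public", "Internal", "Confidential", "Restricted"]

# Actions per trust level, paraphrased from the table above.
TRUST_ACTIONS = {
    "observer": {"read"},
    "suggester": {"read", "propose"},
    "collaborator": {"read", "propose", "vote"},
    "autonomous": {"read", "propose", "vote", "auto_merge"},
}


@dataclass(frozen=True)
class Agent:
    agent_id: str
    org: str
    trust: str
    clearance: Optional[str]


@dataclass(frozen=True)
class Section:
    section_id: str
    org: str
    level: Optional[str]


def can_see(agent: Agent, section: Section) -> bool:
    """Information barrier: org isolation, then clearance. Missing or unknown levels deny."""
    if agent.org != section.org:
        return False
    if agent.clearance not in LEVELS or section.level not in LEVELS:
        return False
    return LEVELS.index(section.level) <= LEVELS.index(agent.clearance)


def decide(agent: Agent, action: str, section: Section) -> str:
    """Both checks must pass; the barrier is evaluated before the trust level."""
    if not can_see(agent, section):
        return "deny:barrier"
    if action not in TRUST_ACTIONS.get(agent.trust, set()):
        return "deny:trust"
    return "allow"


# Constructed sample data using identifiers from the CLI examples on this page.
FINANCIALS = Section("sec:financials", "org-a", "Confidential")
BOT = Agent("agt:compliance-bot", "org-a", "collaborator", "Confidential")
```

A high trust level does not override the barrier: an autonomous agent without the required clearance is still denied before its permitted actions are consulted.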
tailor tap join <docId> --as "compliance-bot" --role editor --trust collaborator
Audit Trail
Event-sourced
Every TAP action — joins, proposals, votes, locks, escalations — is recorded as an immutable TailorEvent. The event log is append-only and cannot be modified or deleted.
tailor tap events <docId>
tailor tap poll <docId> --since 1708900000000
Recorded events include
Data Residency
Australia
All Tailor data is hosted in Azure Australia East (Sydney). Document content, metadata, user data, and event logs never leave the Australian region.
Guarantees
- No cross-region data transfers — all processing in Azure Australia East
- Compliant with Australian data sovereignty requirements
- Azure region lock prevents accidental geo-replication
- Backups stored within the same Azure region
Compliance
SOC 2 Type II
In progress
Audit covering security, availability, and confidentiality trust service criteria. Expected completion Q3 2026.
ISO 27001 Alignment
Security controls aligned with ISO 27001 Annex A. Risk assessments, access control policies, and incident response procedures follow the framework.
GDPR
Data processing agreements available. Right to erasure, data portability, and consent management supported. Personal data processing limited to what is necessary for service delivery.