Identity and access control Authentication is centralised through the gateway and supports user tokens, service tokens, and API keys for integration scenarios.
JWT-based user sessions for portal access Service-to-service tokens with managed rotation API key support for external integrations Flexible guards for user, service, and mixed-access endpoints Controlled execution environments Autonomous work runs away from your local machines and internal network, with runtime isolation as a first-order design concern.
Cloud workspaces isolate task execution from customer infrastructure Ephemeral execution architecture is the target for untrusted command isolation Runtime workspaces are separated by project and organisation boundaries Merge gates keep production changes behind explicit policy Data protection Coroid is database-first, encrypted by default for sensitive configuration, and aligned with EU hosting requirements on the public cloud service.
Encryption for data in transit and at rest Encrypted storage for sensitive configuration values EU hosting profile for GDPR-sensitive teams Scoped repository access instead of broad organisation-wide credentials Production operations The platform is operated with monitoring, scanning, and disaster-recovery practices expected by enterprise engineering teams.
SBOM and container image scanning in CI HTTPS-only public endpoints with TLS termination Automated database snapshots and restore runbooks Prometheus, Grafana, Loki, and GlitchTip-backed observability