Permissions, end to end
Source ACLs are captured as entitlement snapshots at ingest and enforced on every read across search, wiki, the API, and the agent skill. Retrieval fails closed.
Security & governance
Premora runs on premises or in a customer-controlled private cloud, scoped to a single enterprise per installation. Governance is a property of the pipeline, not a feature bolted on top: permissions propagate from the source system all the way to the answer.
Product security controls
These are the safeguards Premora provides so your team can operate it securely — aligned with NCUA/FFIEC-style expectations and SOC 2.
Source ACLs are captured as entitlement snapshots at ingest and enforced on every read across search, wiki, the API, and the agent skill. Retrieval fails closed.
premora-api-gateway is the only HTTP entry point. Authentication, rate limits, and request-size and abuse controls are enforced in one place — never bypassed.
A built-in token issuer verifies local accounts, OIDC/Entra, SAML 2.0, or LDAP/AD binds, then mints RS256 JWTs. No separate IdP product to run; SSO fails closed when misconfigured.
First-run bootstrap creates a DB-backed admin that exists before any SSO and is permanent — a broken IdP can never lock everyone out.
Admin actions, connector changes, query execution, report publication, and policy overrides are recorded. Every prompt and agent call is attributable to a user.
Installs from signed, checksummed, versioned artifacts. Customer environments never need GitHub or GHCR credentials — connected, internal-registry, or USB air-gap.
Data sovereignty
One Premora deployment serves a single enterprise — there is no cross-customer multitenancy. The platform supports customer-managed certificates, CAs, and keys, restricts direct database access to controlled service seams, and keeps web research off the core read path. The core browse-and-search path keeps working with no external SaaS dependency.
The technical docs cover identity, access control, and runtime configuration in depth.