AUTORA OS

Security architecture · any brand · any dealership network

Security that behaves like
infrastructure.

AUTORA is designed for tenant isolation, append-only traceability, connector governance, and platform-level security control across dealership networks.
The security model is brand-agnostic. The same access controls, audit trail, and governance layer apply whether the tenant is a Toyota group, a VW franchise, or a mixed-brand PE-backed portfolio.
Get Revenue Leak ReportSecurity review

Security summary

Core controls visible to every stakeholder.

Last updated · 1 April 2026

Data encrypted in transit (HTTPS/TLS)

Role-based access control

Immutable audit trail

Store-level data isolation with RLS enforcement

POPIA-aligned data handling

Role-based access matrix

Each role sees only what the operating model allows.

Platform access is separated from dealership access. Support visibility is auditable. Tenant boundaries are enforced in data access and then reinforced in the product layer.

RoleAccess scopeRestriction
Platform OwnerAll dealers, governance rules, audit logs, and implementation oversight.No platform secrets are exposed client-side.
Platform SupportDealer setup, operational diagnostics, and scoped support actions.No billing control, no raw key visibility, all actions audited.
Dealer AdminUsers, local policies, reporting, and store configuration.No cross-dealer visibility.
Dealer SalesInbox, lead actions, bookings, and assigned workflows.No governance or billing controls.
Dealer MarketingMetrics and compliance views only.PII and message bodies can be redacted by policy.

Governance notes

Security is not an abstract promise. It is visible in the operating boundaries.

  • Platform credentials are stored server-side and are not exposed to dealership users.
  • Support actions are auditable and traceable by role, user, and timestamp.
  • Data access is scoped by store or group membership before application-level access is granted.
  • Incident review follows logged audit evidence rather than informal support access.

Security contact

Need a security review, architecture note, or access clarification?

Security reviews, access questions, and incident coordination are handled through the platform team with auditable support procedures.

security@autoraos.company
WhatsApp Support