> For the complete documentation index, see [llms.txt](https://docs.riff.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.riff.ai/concepts/security.md). # Security Riff is built for use in enterprise procurement and operations environments, where AI tooling must meet the same security bar as any other system with ERP access. > **Note for the docs team:** Please verify current certification status and data residency commitments before publishing this page. Content below reflects the designed security posture — confirm specifics with the Riff team. ## Authentication and access control ### Single Sign-On (SSO) Riff supports enterprise SSO via SAML 2.0 and OAuth 2.0. Connect your identity provider (Okta, Azure AD, Google Workspace) so that Riff authentication follows your existing MFA and session policies. No separate credential management required. ### Role-based access control Access within a Riff workspace is role-based: | Role | What they can do | | ----------- | --------------------------------------------------------------------------- | | **Owner** | Full workspace control — deploy agents, manage integrations, manage members | | **Builder** | Create and edit apps and agents; cannot manage integrations or billing | | **Viewer** | Read-only access to deployed apps and agent output | Agents themselves operate under the permissions of the integration credentials they're configured with — not any individual user's credentials. This means agent permissions are explicit and controllable independently of who runs them. ### Secrets management Credentials used by agents — ERP API keys, OAuth tokens, SMTP credentials, webhook secrets — are stored in Riff's encrypted secrets manager. They are: * Never stored in code or configuration files * Never logged or returned in API responses * Accessible to agents at runtime, not readable by builders after initial entry * Rotatable without redeploying the agent ## Data handling ### Where your data lives Riff's infrastructure is hosted in the EU. Data processed by agents — ERP records read, supplier emails parsed, audit logs written — is stored within EU boundaries. ### What Riff stores Riff stores: * Agent configuration (the job definition, not ERP data) * The audit trail of agent actions * Data explicitly written to Riff's native database by the builder * Attachments and files explicitly passed to the agent Riff does not store a copy of your ERP data. When an agent reads from your ERP to make a decision, that data is processed in memory and logged in the audit trail (the specific fields used, not a full record dump). ### Data retention Audit logs and agent run history are retained for \[retention period — confirm with Riff team]. Workspace data is retained for the duration of your subscription and deleted within \[period] of account closure. ## Compliance ### GDPR Riff is GDPR-compliant. A Data Processing Agreement (DPA) is available on request and is included in enterprise agreements. For procurements requiring a DPA before onboarding, contact your account manager. ### SOC 2 \[Status — confirm with Riff team: "Riff is SOC 2 Type II certified" or "Riff is working towards SOC 2 Type II certification, with report expected \[date]." ] ### Penetration testing Riff conducts regular penetration testing by an independent third party. Results are available under NDA for enterprise procurement processes. ## The permissioned actions model The primary security control for ERP write access is Riff's typed actions model — described in detail in [How agents act on ERPs](/concepts/how-agents-act-on-erps.md). In brief: agents can only perform the specific, pre-declared write operations they've been configured and approved to perform. There is no mechanism for an agent to perform an ERP write action that wasn't reviewed and authorised by the builder before deployment. This is the architectural guarantee that makes ERP write access auditable. ## Security questions and enterprise onboarding For security questionnaires, DPA requests, penetration test results, or architecture review calls, contact: \[security contact — confirm with Riff team]. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.riff.ai/concepts/security.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.