Backend source of truth
Sensitive actions should be enforced server-side through role, plan, billing and workspace checks, not only hidden in the UI.
Security & Trust
Kadryn is designed for teams running AI in production who need visibility, ownership, guardrails and auditability without exposing secrets or unnecessary data.
Principles
Kadryn’s security model is built around server-side authorization, tenant isolation, minimal data exposure and controlled integrations.
Sensitive actions should be enforced server-side through role, plan, billing and workspace checks, not only hidden in the UI.
Business objects should always be scoped to the organization or workspace that owns them.
API keys, provider tokens, OAuth credentials and webhook secrets should never appear in dashboards, logs or audit payloads in clear text.
Changes to budgets, routing, policies, exceptions and integrations should leave a clear operational trail.
Controls
Kadryn separates access, secrets, delivery, observability and governance so AI cost control does not become another security blind spot.
Identity
Access is organized around users, organizations, roles and plan-aware capabilities.
Owner, admin, member and viewer flows for workspace-level control.
Google OAuth, OIDC/SAML and SCIM-oriented workflows depending on plan.
Advanced RBAC, custom roles, SSO group mapping and stricter access policies.
Secrets
Provider credentials and delivery secrets are treated as sensitive operational material.
Application keys should be stored as hashes with only a displayable prefix.
Provider keys and OAuth tokens should be encrypted at rest and never returned raw.
Webhook delivery should use signatures, timestamps, idempotency and retries.
Data
Kadryn is designed to reason from cost and operational metadata instead of collecting unnecessary sensitive content.
Provider, model, project, feature, team, customer and owner context.
Retention windows can vary by plan and data category.
Sensitive exports should be role-checked, scoped and auditable.
Operations
Production trust depends on diagnostics, redacted logs, safe errors and controlled incident workflows.
Errors, background jobs, webhooks, email delivery and integration health.
Sensitive changes should be recorded with actor, action, target and outcome.
Containment, investigation, correction, communication and post-incident review.
Data boundaries
AI FinOps works best when operational metadata is enough to understand cost, ownership and risk. Customers should avoid sending secrets, unnecessary personal data or sensitive raw content into fields that are not designed for it.
Trust documents
Security is not only a marketing claim. Customers need access to privacy, DPA, subprocessors, support and implementation guidance.
How Kadryn handles personal data across the site, SaaS service, support and billing.
Open →
How Kadryn processes customer data when acting as processor.
Open →
Infrastructure, email, billing, observability and integration providers.
Open →
Implementation guidance for gateway, ingestion, integrations and production setup.
Open →
Contact Kadryn for security, privacy, implementation or enterprise questions.
Open →
Start with a minimal setup, review the data you plan to send, and add stricter controls as your AI usage becomes business-critical.