Access Control

Controlling who can access your integration platform and what they can do is critical for security and governance. Frends provides a comprehensive access control system that allows you to manage user authentication, define granular permissions, and maintain strict oversight of your environment.

User Authentication

Frends offers flexible and secure methods for user authentication to ensure that only authorized personnel can access the platform. For robust enterprise-grade security, we support Single Sign-On (SSO) with Azure Entra ID (formerly Azure Active Directory, Office 365). This allows your organization to centrally manage user access and enforce custom authentication policies, and it is our best practice recommendation.

For environments not using SSO, Frends enforces strong password policies, including requirements for length, complexity, and expiration, to protect user accounts. To further secure user sessions, the platform supports an automatic session logout after a predefined period of inactivity.

Role-Based Access Control

Frends implements a powerful Role-Based Access Control (RBAC) system that gives you full control over user permissions. You can define custom roles with specific rights, allowing you to grant users the exact level of access they need to perform their duties, adhering to the principle of least privilege.

This granular control extends to all aspects of the Platform, including access to sensitive logging data and Process monitoring information. By using RBAC, you can effectively segregate duties and ensure that users can only view or modify the resources relevant to their role.

Controlling Access to Your Data

You have complete authority over who can access your data within the Frends Platform. Using the RBAC system, you can even block access for Frends' own Professional Services employees if they are not actively engaged in supporting your environment.

Only a limited and audited number of Frends personnel have access to backend resources. This access is strictly controlled, requiring secure keys stored in Azure Key Vault, and all backend data is always encrypted. This ensures that your data remains confidential and protected from unauthorized access at all levels.