1.1.6 Security Overview — Authentication, Roles, and Token Handling
Security is a foundational principle of Praisma Hub. Every layer of the platform is designed to protect organizational data, control access, and ensure that actions are performed only by authorized users. This section provides an overview of how authentication, roles, permissions, and token handling work together to create a secure and reliable environment.
Authentication
Authentication in Praisma Hub verifies the identity of users before granting access to the platform. Users authenticate using their registered credentials, typically an email address and password. Passwords are securely stored using modern hashing algorithms and are never saved or transmitted in plain text.
To further enhance security, Praisma Hub supports additional authentication measures such as session validation, device-aware security checks, and optional multi-factor authentication where applicable. These measures reduce the risk of unauthorized access, even if credentials are compromised.
Authentication is handled centrally and consistently across all modules. Once authenticated, a user gains access only to the organizations and features explicitly assigned to them.
Roles and Permissions
Access control within Praisma Hub is based on a role-driven permission model. Roles define what a user is allowed to see and do within an organization. Instead of assigning permissions individually, users are assigned roles that group related permissions together.
Common role categories may include administrators, editors, contributors, reviewers, and viewers. Each role has clearly defined capabilities, such as managing users, publishing content, viewing analytics, or configuring system settings.
This approach ensures clarity, reduces configuration errors, and supports consistent governance across the organization. When responsibilities change, roles can be adjusted quickly without complex reconfiguration.
Principle of Least Privilege
Praisma Hub follows the principle of least privilege. Users are granted only the permissions necessary to perform their tasks and nothing more. This minimizes the potential impact of mistakes or misuse and significantly improves overall security.
By enforcing strict permission boundaries, the platform ensures that sensitive operations—such as billing management, role assignment, or system configuration—are restricted to authorized users only.
Token Handling and API Access
In addition to user-based authentication, Praisma Hub uses secure tokens for system integrations and API access. Tokens allow external services, automated processes, or internal modules to interact with the platform without exposing user credentials.
Tokens are scoped, meaning they are limited to specific permissions and use cases. They can be rotated, revoked, or expired as needed, ensuring that access remains controlled over time. This is especially important for integrations, automation workflows, and analytics pipelines.
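How scope, expiry, revocation and rotation combine into one deny-by-default authorization check, as an added example. It is not Praisma Hub's code or API: the `TokenStore` class, the scope strings used with it and the in-memory store are assumptions made for illustration.

```python
import hashlib
import secrets
import time
from dataclasses import dataclass

@dataclass
class TokenRecord:
    scopes: frozenset      # permissions this token is limited to
    expires_at: float      # absolute expiry, epoch seconds
    revoked: bool = False

def _digest(token):
    # Only the digest is stored, so a leaked store does not leak usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()

class TokenStore:
    """Hypothetical in-memory token store (an assumption, not a Praisma Hub API)."""
    def __init__(self):
        self._records = {}

    def issue(self, scopes, ttl_seconds, now=None):
        now = time.time() if now is None else now
        token = secrets.token_urlsafe(32)  # raw value is returned to the caller once
        self._records[_digest(token)] = TokenRecord(frozenset(scopes), now + ttl_seconds)
        return token

    def authorize(self, token, required_scope, now=None):
        now = time.time() if now is None else now
        rec = self._records.get(_digest(token))
        if rec is None:
            return False, "unknown"
        if rec.revoked:
            return False, "revoked"
        if now >= rec.expires_at:
            return False, "expired"
        if required_scope not in rec.scopes:
            return False, "scope"
        return True, "ok"  # reached only when every check above passed

    def revoke(self, token):
        rec = self._records.get(_digest(token))
        if rec is not None:
            rec.revoked = True

    def rotate(self, token, ttl_seconds, now=None):
        now = time.time() if now is None else now
        rec = self._records.get(_digest(token))
        if rec is None or rec.revoked or now >= rec.expires_at:
            raise PermissionError("only a valid token can be rotated")
        rec.revoked = True  # the old secret stops working immediately
        return self.issue(rec.scopes, ttl_seconds, now)
```

Returning the denial reason alongside the decision lets the caller write it to the audit log without exposing it to the client.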
Session Management and Expiration
User sessions in Praisma Hub are managed securely. Sessions are time-bound and automatically expire after periods of inactivity. This reduces the risk of unauthorized access on shared or unattended devices.
Administrators can invalidate active sessions if necessary, for example when a device is lost or a user leaves the organization.
Auditing and Accountability
All sensitive actions within Praisma Hub are logged. This includes authentication events, permission changes, and critical system operations. Audit logs support accountability, troubleshooting, and compliance with internal policies or external regulations.
By maintaining a clear record of who did what and when, organizations gain visibility and confidence in their security posture.
Security as a Continuous Process
Security within Praisma Hub is not a one-time configuration but an ongoing process. Regular updates, monitoring, and structured access management ensure that the platform remains resilient against evolving threats.
By combining strong authentication, role-based access control, secure token handling, and auditing, Praisma Hub provides a robust security foundation suitable for professional and public-sector environments.