Help Center

Security and privacy

Understand access and data boundaries

How Statecraft keeps team data scoped and auditable.

Team authorization

Every protected action resolves the signed-in user, profile, and actual team membership on the server. Client-supplied team identifiers are not trusted for authorization.

Database enforcement

Row-level security limits authenticated reads to verified team membership. Sensitive workflow writes run through validated, rate-limited server routes and are audited.

Still stuck?

Tell a human what you were trying to accomplish.

Get help →