Security & Compliance
Klority is built for organizations that take **security, identity, and data privacy** seriously. Your data is isolated, encrypted, and protected by modern security best practices.
Authentication & SSO
Secure your workspace with industry-standard authentication methods:
- Single Sign-On (SSO): Enable one-click login for your entire organization using Google Workspace, GitHub, or Microsoft Azure AD.
- Two-Factor Authentication (2FA / TOTP MFA): Users can enable TOTP-based MFA for an extra layer of protection on their password login, compatible with Google Authenticator, Authy, 1Password, and any standard TOTP app.
- Role-Based Access Control (RBAC): Granular permissions to ensure team members only see what they need to.
- Secure Session Management: We use HTTP-only, secure cookies and domain-scoped isolation to prevent session hijacking.
Multi-Factor Authentication (MFA)
Klority supports TOTP-based Multi-Factor Authentication for all accounts using email/password login. Once enabled, users must verify their identity with a 6-digit time-based code at every login, in addition to their password.
- Works with any TOTP app: Google Authenticator, Authy, 1Password, Bitwarden, and more.
- Opt-in per user: Members manage MFA from their personal Security settings. No admin action required.
- Backup codes: On setup, 8 single-use backup codes are generated so users can regain access if they lose their device.
- SSO users: Accounts authenticated via Google, GitHub, or Microsoft rely on those providers' own strong security (including their MFA). Klority's TOTP applies specifically to email/password logins.
How to enable MFA
Data Isolation & Infrastructure
Everything in Klority is built on a multi-tenant architecture designed for complete isolation.
- Database Isolation: Workspace data is logically separated at the database level. No tenant can ever access another tenant's data.
- Encryption at Rest: All data stored in our enterprise-grade relational database and encrypted cloud storage is encrypted at rest using industry-standard AES-256.
- Encryption in Transit: 100% of data transmitted to and from Klority is encrypted using TLS 1.3 (HTTPS-only).
Role-Based Access Control (RBAC)
API Access
Automate your workflows securely with Klority's REST API. Generate Personal Access Tokens to safely interact with tasks, test cases, and Wiki pages from your CI/CD pipelines or internal tools.
Backups & Availability
We perform daily automated backups of all workspace data and maintain 99.9% uptime by leveraging Amazon Web Services (AWS) high-availability infrastructure across multiple availability zones.