Security & SSO

GrackerAI is built for enterprise security requirements.

Compliance & Certifications

  • SOC 2 Type II — Annual audit
  • GDPR — EU data subject rights honored
  • CCPA — California privacy rights honored
  • ISO 27001 — In progress

Request the latest reports via security@gracker.ai.

SSO

SAML SSO available on Scale and Agency plans:

  • Okta
  • Microsoft Entra ID (Azure AD)
  • Google Workspace
  • OneLogin
  • Generic SAML 2.0 IdP

Setup

  1. In your IdP, create a new SAML application
  2. Use the metadata URL from Configure → Settings → Security → SSO
  3. Map standard attributes (email, name, groups)
  4. Test with one user before enforcing org-wide

SCIM Provisioning

Available alongside SSO on Scale and Agency plans. Auto-creates and deactivates users based on IdP group membership.

Data Encryption

  • At rest: AES-256
  • In transit: TLS 1.3 minimum
  • Database backups: Encrypted; rotated daily

Access Controls

  • Role-based access (see Team Management)
  • Session timeout — Configurable (default 24 hours)
  • IP allowlisting — Available on Enterprise plans
  • Audit logs — Available on Scale and above

Security Reporting

To report a vulnerability, email security@gracker.ai. PGP key available on request.

We follow coordinated disclosure with 90-day timelines.