Security
M3 Forge is designed for self-hosted deployments where your organization maintains full control over data residency, encryption, access controls, and compliance posture.
RBAC Permissions
Role-based access control with six system roles, custom roles, and a detailed permissions matrix.
HMAC Authentication
Request-level authentication with HMAC-SHA256 signatures for API and webhook endpoints.
Data Privacy & Storage
How data is stored, transmitted, encrypted, and managed with configurable retention policies.
Security Principles
- Self-hosted by design — Your data never leaves your infrastructure unless you explicitly configure external integrations.
- Defense in depth — Authentication, authorization, encryption, and audit logging at every layer.
- Least privilege — RBAC with custom roles, scoped API keys, and scoped HMAC signing keys ensure minimal access.
- Transparency — All configuration changes and security events are logged in the audit trail.
Last updated on