Skip to main content
Version: 2.0.0

Security Architecture

Permit.io is built with security by design, every turn and point where security measures can be implemented they are. A significant portion of the security architecture is provided through the OPAL architecture.

Key points

  • All connections are SSL encrypted (HTTPS and SSH for Git)
  • All PDP connections are outgoing, i.e. the PDP is the initiator of all the connections both to the Permit cloud and to any data-source you choose to configure.
    • only exception is queries sent to the PDP (e.g. queries from the Permit SDKs)
  • By default no data is uploaded to the Permit cloud (all needed can be hosted locally in the PDPs); only meta-data [e.g. user object GUIDs] are uploaded.

Connectivity Diagram

Connectivity Map Diagram