Security & Control FAQ
Common questions about access control, data security, and governance in Junto.
What role-based access control does Junto use?
Junto uses a five-role hierarchy:
| Role | Description |
|---|---|
| Owner | Everything, including billing and organization settings |
| Admin | Full operational access to all tools and settings |
| Manager | High-risk tools, team management |
| Operator | Medium and low-risk tools |
| Technician | Low-risk tools and standard workflows |
Who can access Settings pages?
Only users with Admin or Owner roles (permission level 90+).
How does the tool approval system work?
Each AI agent tool can be configured with an approval mode:
- Requires Approval -- Every use requires explicit human approval.
- Session Approval -- Approved once per session.
- Auto-Approved -- No human approval step.
Your role determines which risk level of tools you can approve: Managers can approve high-risk tools, Operators can approve medium- and low-risk tools, and Technicians can approve low-risk tools only.
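The following is an added sketch, not Junto's own code, of how the three approval modes and the per-role risk limits described above can combine into a single fail-closed decision that is also logged against the initiating user. The mode strings, tool names, class and function names, and the Admin/Owner limits are assumptions made for the example.

```python
from dataclasses import dataclass, field
from enum import IntEnum

class Risk(IntEnum):
    LOW = 1
    MEDIUM = 2
    HIGH = 3

# Highest tool risk each role may approve, per the FAQ. The Admin and Owner
# rows are an assumption (the page only calls their access "full"/"everything").
MAX_APPROVABLE = {
    "Technician": Risk.LOW,
    "Operator": Risk.MEDIUM,
    "Manager": Risk.HIGH,
    "Admin": Risk.HIGH,
    "Owner": Risk.HIGH,
}

@dataclass
class ApprovalGate:
    session_grants: set = field(default_factory=set)  # (session_id, tool) pairs
    audit_log: list = field(default_factory=list)     # one tuple per decision

    def decide(self, user, session_id, tool, risk, mode, approver_role=None):
        """Return 'allow', 'pending' or 'deny' and record the decision."""
        if mode == "auto":
            outcome = "allow"            # Auto-Approved: no human step
        elif mode == "session" and (session_id, tool) in self.session_grants:
            outcome = "allow"            # Session Approval already granted
        elif approver_role is None:
            outcome = "pending"          # wait for a human decision
        elif MAX_APPROVABLE.get(approver_role, 0) < risk:
            outcome = "deny"             # approver's role does not cover this risk
        else:
            outcome = "allow"
            if mode == "session":
                self.session_grants.add((session_id, tool))
        # Unknown modes and unknown roles fail closed: an unknown mode takes the
        # approval path, and an unknown role has a limit of 0.
        self.audit_log.append((user, session_id, tool, mode, approver_role, outcome))
        return outcome
```
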
How are passwords and credentials secured?
Junto uses industry-standard hashing for passwords and token-based authentication for sessions. Integration API keys and credentials are encrypted at rest using strong symmetric encryption. Encryption keys are managed server-side and never exposed to the client.
Is data encrypted in transit?
Yes. All communication between the browser and Junto backend is over HTTPS. API calls to external integrations also use encrypted connections.
Can I audit what the AI agent does?
Yes. Agent runs are tracked and associated with the initiating user. Tool usage, approval decisions, and interactions are logged. Integration actions like ConnectWise time entries are tied back to the originating user.
How are integration credentials stored?
Credentials are encrypted before database storage. Decryption occurs server-side only when needed for API calls. Credentials are never sent to the frontend in plaintext.