Administrators define who can configure, view, update, export, assign or audit a category of work.
01 · Security & data
Security is not only roles. It is the reason a person may act on a real resource.
Moltaro connects identity, roles, record responsibility, field visibility, module context, audit, and database ownership so the platform can explain access without locking data away.
SSO verifies the person; Moltaro decides what they may do.
Single sign-on proves who arrived. Authorization still belongs to the Moltaro installation: local roles, permissions, assignments, field rules, module responsibility and server-computed actions.
A user may act because they own this record, handle this board item, cover this territory, or receive delegated access from a module.
Lists, details, fields, comments, attachments, history and exports are shaped by backend access checks rather than client guesses.
Entity catalogs carry hierarchy; modules keep their own controls.
Entity Definition catalogs let teams model departments, teams, projects and other containment hierarchies where access can be inherited or constrained. Boards, GEO and Entitlements add their own responsibility models beside that catalog, so governance stays explicit without pretending every surface is an Entity.
A permission should answer why, not only yes or no.
The strongest operational systems make authority traceable: what broad role the user has, what concrete resource connects them to the work, which module created context, and what happened afterward.
Security also means the data remains yours.
Moltaro is PostgreSQL-first and deployment-conscious: shared cloud, dedicated tiers and on-premise paths differ in who operates the environment, but the ownership story stays explicit.
Entity records, exports, audit and module facts are designed around database-backed structures instead of opaque vendor-only content.
Backups are part of the managed data story across shared and dedicated deployments. Dedicated commercial tiers can add direct database access, longer retention, backup handoff or custom operational policies when the customer needs deeper control.
When policy requires it, the customer can operate Moltaro with their own PostgreSQL, storage, backups, keys, monitoring and update process.