A security overview

This page will help you better understand how security is structured in Invofox

Invofox is built so software companies can provide their customers with the best AI solution for their document processing needs.🤖

One of the complexities that come with this is how to structure the security so it's flexible enough to service all of our customers' needs, and simple enough for it to be easily understood.

We structure security in three different levels:

  • Account. If you're a customer of Invofox you'll have one and only one account. You will handle environments, user and security groups at the account level. Also, we'll charge you based on the contracted services and the usage on your account.
  • Environment. You can have as many different environments as you want to, free of charge! You'll be able to service as many customers and process as many documents as you need in each of these environments. API keys are managed at the environment level, as are users and permissions. Our customers typically use environments to:
    • Separate a Test and a Live environment.
    • Configure different settings, such as validations or usage of the classifier and splitter, for different use cases or customers.
    • Control what users can see and do separating sensitive information in different environments.
  • Company. A company in Invofox is one of your customers for which you want to provide service. This is an optional setting which don't need to configure for Invofox to work and get your documents' data, but we use this information to improve the results, so we encourage you to do it. Users can be granted access to a subset of an environment's companies.
  • Clients & providers. These are your customers' customers and providers, and because of that they are configured per company. Again, this is an optional setting that will only improve the quality of the results, as well as enable additional validations that will enable you to get the highest possible data quality with Invofox.

User management is done at the account level. In order to access the user management interface you need to be logged in with an admin user, click on the top right corner, and then select the Settings option:

You will then see a popup that will allow you to manage your accounts users and security groups:

To create a new user you only need a name and an email address. The email address must be unique per user. You will also have to associate a security group, which you can manage in the same popup, on the Security groups tab:

When you create a new user, Invofox will automatically send them an email with their credentials.

By default Invofox accounts are created with two security groups, but you can create your own granting them permissions at the account, environment or even company level.

These same security groups are also used in the workload management queues and the approval workflows.