The Security, Governance & Trust domain governs identity, access, policy, and compliance enforcement across all runtime execution in Fuse. It is a foundational domain — ensuring that every user, system, and AI actor operates within governed, auditable, and explainable boundaries.
This domain combines identity orchestration, runtime approvals, policy enforcement, and audit generation into a single, unified control plane — embedded across all workflows, automations, and integrations.
Fuse does not treat security or governance as optional layers. They are first-class, composable domains that operate inline with orchestration and execution.
This domain enables:
Whether you're managing medical records, cross-border financial flows, or AI decisions — this domain ensures what can happen is always governed by what should happen.
The following capabilities represent the configurable and governable identity, access, and policy surfaces in Fuse. Each includes a reference page and a corresponding user/admin guide.
| Capability | Description | Guide |
|---|---|---|
| Users | Manage user accounts and profiles participating in workflows | View Guide |
| Roles | Define role-based access controls and authorization context | View Guide |
| Permission Sets | Group permissions and bind them to roles or workflows | View Guide |
| Groups | Create and manage security groups for access and routing | View Guide |
| Policies | Define conditional enforcement logic and access evaluation rules | View Guide |
| Security Properties | Extend user profiles with custom attributes for identity scoping | View Guide |
| Identity Providers | Configure SCIM, SAML, OIDC identity federation and login providers | View Guide |
| IP Rules | Restrict access or enforce conditions based on originating IP address | View Guide |
| RiBAC | Enforce Risk-Based Access Control based on runtime conditions | View Guide |
| Certificates | Manage certificates for encryption, signing, or identity verification | View Guide |
| Questions | Configure knowledge-based identity verification questions | View Guide |
| Layer | Security, Governance & Trust Role |
|---|---|
| Integration | Enforces token-authenticated access and connection-level policies |
| Automation | Applies trigger-level constraints based on token, risk, or role |
| Orchestration | Inserts approval, escalation, and conditional access flows |
| Interoperability | Propagates context and policy across domains, systems, and actors |
Next: Workflow & Pipeline Domain — Discover how Fuse structures logic across human, system, and AI actors in multi-step flows.