Security & access

OAuth scopes per integration, four-role RBAC, SAML SSO with Okta and Azure AD, AES-256 encryption, one-click revoke, and SOC 2 audit logs.

5 articles

OAuth scopes we request

The exact OAuth scopes Omesta requests from Stripe, Meta, Google, TikTok, Shopify, and GA4 — and the data fields each scope unlocks. Minimum-needed only.

3 min read

Revoking an integration

Revoke any Omesta integration in one click from inside Omesta or directly from Stripe, Meta, Google, or Shopify. Data retention, purge timing, and reconnection.

2 min read

Role-based access control

The four Omesta workspace roles (Owner, Admin, Operator, Viewer) and exactly what each can and can't do — billing, autopilot approval, integrations, exports.

3 min read

SSO (SAML) setup

SAML SSO setup with Okta, Azure AD, Google Workspace, OneLogin, JumpCloud, or any SAML 2.0 IdP in five minutes. Domain claiming and SCIM provisioning on Scale.

4 min read

Data encryption overview

TLS 1.3 in transit, AES-256-GCM at rest, envelope encryption with AWS KMS, and bring-your-own-CMK on the Enterprise tier of Scale. The full encryption story.

3 min read

Still not finding what you need? Email support@omestasystems.com. Median response time is under 2 hours.

Contact support Back to help center