Security & access
OAuth scopes per integration, four-role RBAC, SAML SSO with Okta and Azure AD, AES-256 encryption, one-click revoke, and SOC 2 audit logs.
5 articles
OAuth scopes we request
The exact OAuth scopes Omesta requests from Stripe, Meta, Google, TikTok, Shopify, and GA4 — and the data fields each scope unlocks. Minimum-needed only.
Revoking an integration
Revoke any Omesta integration in one click from inside Omesta or directly from Stripe, Meta, Google, or Shopify. Data retention, purge timing, and reconnection.
Role-based access control
The four Omesta workspace roles (Owner, Admin, Operator, Viewer) and exactly what each can and can't do — billing, autopilot approval, integrations, exports.
SSO (SAML) setup
SAML SSO setup with Okta, Azure AD, Google Workspace, OneLogin, JumpCloud, or any SAML 2.0 IdP in five minutes. Domain claiming and SCIM provisioning on Scale.
Data encryption overview
TLS 1.3 in transit, AES-256-GCM at rest, envelope encryption with AWS KMS, and bring-your-own-CMK on the Enterprise tier of Scale. The full encryption story.
Still not finding what you need? Email support@omestasystems.com. Median response time is under 2 hours.
The standard for revenue recovery. Protecting payments, attribution, and ad spend.
As featured in
See all 500+ features →© 2026 Omesta Systems. All rights reserved.