Question 1

How is data isolated between different organizations?

Accepted Answer

Every database row carries a tenantId column. PostgreSQL Row-Level Security policies enforce that every query — even a misconfigured one — can only return rows belonging to the current tenant. Additionally, each organization can be provisioned with full database isolation for maximum separation.

Question 2

Which identity provider does Enafeedback use?

Accepted Answer

Enafeedback authenticates admin users through EnaCore Identity, an enterprise-grade OIDC provider managed by EnaCore. Authentication uses PKCE flows with a dedicated callback domain (auth.enafeedback.com). Passwords are never stored in Enafeedback itself — identity is fully delegated to the IdP.

Question 3

How does the HMAC audit chain work?

Accepted Answer

Every admin action (create, update, delete, access) is appended to an immutable audit log. Each log entry includes a HMAC-SHA256 hash derived from the previous entry's hash plus the current event payload. This creates a chain: any tampering with an entry invalidates all subsequent hashes, which can be verified in real time from the admin panel.

Question 4

What module-scoped roles are available?

Accepted Answer

For each module (Feedback, Hygiene, Survey) there are Admin, Operations Lead, and Field Supervisor roles. Buildings management has its own role. Additional platform-level roles include Platform Auditor (read-only audit access) and Platform Owner (full access to integrations, SMS config, team, subscription, and org settings).

Question 5

Can teams in different countries access the same account?

Accepted Answer

Yes. The admin panel supports 72 languages and 8 configurable display timezones. AI-powered message translation ensures feedback submitted in any visitor language is readable by admins in their own language. All data is consolidated in one tenant regardless of physical location of team members.

Security and compliance built into the foundation.

Every security feature you need. None added later.

PostgreSQL Row-Level Security

OIDC / SAML Identity

HMAC-SHA256 Audit Chain

Encrypted Secrets at Rest

Module-Scoped RBAC

Audit Retention Tiers

برای محیط‌های تنظیم‌شده و چندمستأجری ساخته شده. (tenant) (multi-tenant)

PostgreSQL RLS

مدیریت هویت OIDC

HMAC-SHA256 audit chain

امنیت داده جهانی

Enterprise Architecture FAQ

زیرساخت Enterprise. بدون مصالحه.

PostgreSQL RLS

HMAC audit chain

هویت OIDC

مطابق استانداردهای بین‌المللی

ذخیره‌سازی Huawei OBS

پلتفرم EnaSpace

Enafeedback را در محیط خود ببینید.