Teams & Access Control
Ephos natively integrates with Clerk to provide robust Organizational control. By leveraging Clerk Organizations, you can securely invite team members, assign roles, and share Phantom Keys within a constrained security boundary.
How It Works
When you create an Organization in Ephos, all stored Phantom Keys and Ephos Tokens are tied to the Organization's scope, rather than your personal user account.
Role-Based Access Control (RBAC)
- Org Admins: Can view, create, rotate, and delete all Phantom Keys. Can generate Ephos Tokens and assign them to specific team members.
- Org Members: Cannot access the raw Phantom Keys. Can only see and use Ephos Tokens that have been explicitly assigned to them by an Admin.
Adding Members
Depending on your subscription tier, you can invite additional members to your organization:
- Free Tier: 1 Member
- Plus Tier: Up to 3 Members
- Pro Tier: Up to 10 Members
Organizational Billing
Paid subscriptions (Plus & Pro) are Organization-exclusive. You must create an Organization to upgrade your usage limits.
Members can be managed directly by clicking the Manage_Subscription button within the "Subscription & Usage" section of your dashboard settings. This opens the Organization Profile modal where you can send invites, manage roles, and remove users.
Revocation
If an Org Admin removes a member from the Clerk Organization, a webhook instantly fires to our Vault Enclave. This triggers an immediate purge of any Ephos Tokens assigned to that member, entirely severing their access to the proxy and your secrets.