Platform
Identity & Access
Novatria Identity & Access provides centralized authentication, authorization, and entitlement management across both Governance and Security suites — with SSO, MFA, RBAC, ABAC, and fine-grained data-plane access controls.
Centralized Identity
One identity provider (auth.novatria.com) handles authentication for all suites with SSO, MFA, and suite-aware session routing.
Attribute-Based Access
Go beyond role-based access with ABAC policies that factor in user department, data classification, time-of-day, and location for fine-grained control.
Zero-Trust Posture
Every API call, data access, and cross-suite operation is authenticated and authorized — with continuous session validation and automatic token rotation.
Capabilities
Why customers choose Novatria Identity & Access
SSO & MFA
Native integration with Okta, Azure AD, Auth0, and Google Workspace. Enforce MFA policies globally or per-suite with adaptive risk scoring.
RBAC + ABAC Hybrid
Combine role-based defaults with attribute-based overrides. Grant a 'Data Steward' role, then refine with attributes like department, classification, and project.
Entitlement Certification
Periodic access reviews with automated approval workflows. Managers certify team access quarterly with one-click approve/revoke flows.
Cross-Suite Propagation
Grant access in Governance and it propagates to Security where relevant — no duplicate access provisioning across suites.
Session Intelligence
Monitor active sessions, detect anomalous login patterns, and automatically revoke compromised sessions across all suites simultaneously.
API Key Management
Issue scoped API keys with TTLs, rate limits, and IP allowlists. Track key usage and rotate automatically based on policy.
Common Questions
Can I use my existing identity provider?
Yes. Novatria integrates with any SAML 2.0 or OIDC-compliant provider including Okta, Azure AD, Auth0, Ping Identity, and Google Workspace.
How does ABAC differ from RBAC?
RBAC assigns permissions to roles. ABAC evaluates dynamic attributes (department, data classification, time) at decision time. Novatria combines both — start with roles for simplicity, layer in attributes for precision.
Is data-plane access controlled separately?
Yes. Control-plane access (dashboards, APIs) and data-plane access (query results, exports) are governed independently. A user can view a catalog entry without being able to query the underlying data.
Get started
See Novatria in action
Land through Governance or Security, then expand across the full trust platform.