Security and governance
Who can do what, and the record of who did.
Access in Archively is explicit. Named roles hold named permissions. A review pipeline gates release. Every change is attributed, and published versions are kept.
Last reviewed July 2026
- Roles
- 7 plus administrator
- Workflow
- 9 stages
- Authentication
- SAML SSO · MFA
- Audit
- Field-level, attributed
Access and accountability
Permissions are named. Actions are logged.
Seven archival roles plus an administrator
Access is role based. Seven archival roles cover the stages of archival work, and an administrator manages the institution. People get the permissions their role needs, and nothing more.
7 ARCHIVAL ROLES + ADMINISTRATOR
Nine workflow stages
Records move through nine defined workflow stages before release. A review pipeline runs from AI review to quality review to rights clearance to publish. Release is gated, not automatic.
9 WORKFLOW STAGES · REVIEW-GATED RELEASE
Per-section permissions
Work on a record is organized by section, so each person's area of responsibility stays clear and their edits stay attributed to them.
PER-SECTION PERMISSIONS
Field-level audit trails
Every edit is recorded with the person who made it and the time it happened. Changes are attributed at the field level, so the history of a record stays legible.
FIELD-LEVEL AUDIT · ATTRIBUTED CHANGES
SAML SSO and MFA
Staff sign in through your identity provider with SAML single sign-on. Multi-factor authentication is supported for staff accounts.
SAML SSO · MFA
Published-version history
Published versions are frozen. When a record changes and is published again, the earlier version is kept, so you can see what was public and when.
PUBLISHED-VERSION HISTORY
How the record holds up
The AI proposes. A person decides.
The human-authority model is the spine of the platform. It is also part of its security story, because it means every published field was reviewed and attributed.
The AI proposes; archivists decide
AI output is an immutable snapshot. A person reviews it field by field and marks each field accepted, modified, or rejected, with a word-level view of the difference. The decision is human, and it is recorded.
IMMUTABLE AI PROVENANCE · FIELD-BY-FIELD REVIEW
Staff work and public access are separate
The staff workspace and the public portal are separate surfaces. Only published records appear on the public portal.
STAFF WORKSPACE · PUBLIC PORTAL
Each institution is separated
In the managed cloud, each institution runs in its own separated space, with its own catalog, media, users, and configuration.
PER-INSTITUTION SEPARATION
Put your security questionnaire into the evaluation.
A working setup using your records, not a sales presentation.
