Security Is Architectural, Not an Add-On
ArkanPM is built with tenant isolation, role-aware authorization, and full audit trails as foundational primitives — not features bolted on later. Here's what that looks like in practice.
Row-Level Security (RLS) Multi-Tenancy
Every query is scoped to the tenant at the PostgreSQL layer. A compromised application process cannot accidentally leak data across tenants — the database itself enforces the boundary.
11 Built-In Roles — RBAC + ABAC
Super Admin, Platform Admin, Tenant Admin, Facility Manager, Building Manager, Maintenance Technician, Inspector, Vendor User, Owner, Resident, Read-Only. Attribute-based access adds context-aware rules on top — building-scoped assignments, temporal scoping, and financial data masking.
MFA with Backup Codes
TOTP multi-factor authentication with QR-code provisioning and 8 single-use backup codes. Enforced for admin and sensitive roles.
Hardened Authentication
JWT access tokens with 15-minute TTL and 7-day refresh cycle. Password policy requires 10+ characters with complexity. Account lockout after 5 failed attempts. Concurrent-session limits are configurable.
Full JSON-Diff Audit Trail
Every create, update, delete, login, and logout is logged with old/new JSON values for point-in-time comparison. Filterable by entity, action, date range. Soft-delete preservation keeps the trail intact.
Tenant Status Guards
Suspended or terminated tenants are locked out at the authentication layer — independent of per-user permissions. Administrative lifecycle is enforced, not advisory.
Webhook Authentication
Outbound webhooks carry authentication secrets, support custom headers, and log every delivery attempt with status, response body, and retry count.
Document Retention Policies
Per-document-type retention (compliance, financial, operational, temporary). Access is audited with user ID, action, IP, and timestamp on every view.
Configurable Regional Residency
Tenant-level configuration for locale, timezone, and default currency (AED, SAR, QAR, USD). Data-residency posture is configurable per deployment to align with UAE, Saudi, and Qatar requirements.
Deployment & Operational Posture
Encryption in Transit
HTTPS across all endpoints with Helmet security headers enforcing strict content policy, referrer policy, and frame-ancestors.
Automated Background Operations
Seven background processors (PM generator, overdue inspection detector, warranty expiry monitor, escalation engine, booking no-show handler, lease expiry monitor, contract expiry monitor) run on BullMQ with Redis persistence — retry and failure visibility included.
Integration Logging
Every outbound integration call logs request/response data, status (success/error/warning), error messages, and duration. Integration health is observable.
Role-Aware Financial Masking
ABAC rules can hide financial fields from users whose role lacks the required attribute — even if the underlying record is otherwise visible. Useful for tenant-manager vs. owner separation.