Everything your team needs to trust the system
Spendda is built for teams that need reliable data, clear reporting, and strong controls. Review security, access policies, and system behavior in one place.
Compliance posture
- TLS 1.2+In transit
- Tenant isolationPer-client workspaces
- BackupsDaily snapshots (Enterprise)
- SOC 2Type II, roadmap
Security
Encryption, tenant isolation, RBAC, and how we approach enterprise hardening.
OpenPrivacy
What we process, where it lives, subprocessors, and retention controls.
OpenAPI documentation
Public REST surface. OpenAPI spec and examples ship with your pilot workspace.
OpenSingle sign-on (SSO)
SAML 2.0 and OIDC with IdP-initiated login. Configured during enterprise onboarding.
Jump to sectionSSO, SAML and OIDC
Enterprise workspaces connect to Okta, Entra ID, Google Workspace, or your preferred IdP. We support SP- and IdP-initiated flows, enforced MFA at the IdP, and optional SCIM directory sync on the roadmap. Your implementation engineer documents redirect URLs, attribute mapping, and session lifetime during onboarding. This site holds a placeholder until your tenant is provisioned.
Audit trails & roles
Tenant-scoped roles (owner, admin, member, viewer) control uploads, exports, and admin surfaces. Export and system events can be mirrored to an audit feed for governance teams. See Client portal in the product (admin).
Backups & availability
Production targets include encrypted daily backups, point-in-time recovery for the primary database, and documented RTO/RPO per tier. Pilot sandboxes may use shorter retention; your order form states the SLA that applies to you.