Built for Enterprise Teams

Enterprise-grade delivery,
not enterprise complexity.

Effigate gives enterprise teams the operational control they need — multi-tenant isolation, role-based governance, SLA enforcement, contract billing, and audit-ready reporting — without the implementation overhead of legacy platforms.

Request Enterprise Demo Security & Compliance

Multi-tenant · RBAC · SLA Enforcement · Audit Logs · API-first

Enterprise-ready from day one

99.9%

Uptime SLA

Tenant Isolation

AES-256

Data Encryption

GDPR

Compliance Ready

Multi-Tenant Architecture

Complete data isolation between every workspace

Every tenant in Effigate runs in its own isolated database schema. There is no shared tables, no row-level tenant filtering, no risk of data leakage between organisations. Each workspace is cryptographically independent.

This architecture means your enterprise clients' data never touches your internal data, your clients' data never touches each other, and your compliance posture is structurally enforced — not just policy-enforced.

  • Separate database per tenant — no shared tables
  • Path-based tenant resolution — zero cross-tenant URL exposure
  • Tenant-scoped API tokens — cannot access other workspaces
  • Tenant-isolated file storage — attachments never cross boundaries
  • Landlord-level admin controls with full audit trail

Tenant Isolation Model

Schema-per-tenant architecture

tenant_acme_corp
Active
tenant_globex_ltd
Active
tenant_initech_inc
Active
tenant_umbrella_co
Suspended

Each database schema is fully independent. No tenant can ever query another tenant's data.

Role-Based Access Control

Granular permissions at every level

Effigate implements a dual-layer RBAC model — tenant-level roles govern platform access, project-level roles govern work visibility and actions. Client users exist in a separate, restricted access tier.

Owner

Full platform control. Manages billing, settings, users, all data.

  • Full settings access
  • Billing management
  • All user management
  • Landlord visibility
  • All data export

Admin

Operational control without billing access. Manages teams and configurations.

  • Settings access
  • User management
  • All project data
  • Report exports
  • Integration setup

Manager

Manages projects, sprints, and team workloads within permitted scope.

  • Project management
  • Sprint planning
  • Team assignment
  • Time log review
  • Client reports

Project-Level Roles

Project Owner

Full project control

Project Manager

Sprint & delivery ownership

Contributor

Task execution & time logging

Reviewer

Quality gates & approvals

Observer

Read-only visibility

SLA Enforcement Engine

P-001: Payment API failure BREACHED
Critical Priority · 4h response, 8h resolution
P-002: Report export timeout WARNING
High Priority · 8h response, 16h resolution
P-003: UI display glitch ON TRACK
Medium Priority · 24h response, 48h resolution
SLA Enforcement

SLA timers that never lie and penalties that automatically calculate

Enterprise service agreements require measurable, enforceable SLA compliance. Effigate's SLA engine runs per-ticket timers from the moment a ticket is created, accounting for business hours, support levels (L1–L3, Solution Architect), and after-hours/weekend flags.

When SLA is breached, Effigate doesn't just flag it — it calculates the financial deduction, attaches it to the invoice, and generates the audit evidence. Your clients see exactly what happened and when.

  • Per-priority SLA targets (Critical, High, Medium, Low)
  • Business hours and timezone-aware timer calculation
  • Automatic breach detection with escalation alerts
  • SLA penalty auto-deduction on contract invoices
  • Client-visible SLA status on the portal
  • Full audit trail — every timer event is logged
Audit Trails

Every action is recorded, timestamped, and queryable

Enterprise compliance teams need evidence. Effigate's audit logging captures every significant event — who changed what, when, from what context, and with what result. From ticket status changes to invoice issuance to API token creation, the record is immutable.

API Audit Logs

Token creation, revocation, auth events per IP

Invoice Events

Issued, viewed, paid, disputed — full ledger

Time Log Lock

Immutable after 3-day lock period by default

User Activity

Role changes, login/logout, permission grants

SLA Events

Timer start, pause, breach, resolution per ticket

Contract Changes

Amendment history with before/after snapshots

Audit Log Stream

2026-03-11 09:14:32 api.token.created
admin@acme.com · Token "CI Deploy" created — scope: read
2026-03-11 09:02:11 invoice.issued
owner@acme.com · INV-2026-0041 issued to Globex Ltd
2026-03-11 08:55:07 sla.breach.detected
system · Ticket #TK-0182 SLA breached — Critical
2026-03-11 08:40:23 timelog.locked
system · 14 time logs locked (lock window: 3 days)
2026-03-11 08:31:05 user.role.changed
owner@acme.com · alice@team.com promoted Owner→Admin
Enterprise Reporting

9 enterprise report types — built in

From executive revenue summaries to individual member utilization, Effigate's reporting engine gives leadership the visibility they need without requiring custom BI tooling.

Executive Summary

Cross-project revenue, delivery velocity, and capacity overview for C-level visibility.

Project Financial

Budget vs actuals, rate card utilisation, SLA deductions, and invoice reconciliation.

Sprint Execution

Committed vs delivered, velocity trends, blocker analysis across all active sprints.

Member Utilization

Per-member capacity, logged hours, billable ratio, and workload distribution.

Revenue Realization

Invoiced vs collected, outstanding balances, and payment velocity by client.

Client Profitability

True margin per client after SLA deductions, support costs, and time at rate.

Estimated vs Tracked

Story point accuracy, task hour estimation drift, and delivery predictability.

Internal Cost

Internal team cost vs billable revenue — find your most and least profitable work.

Expense Analytics

Categorised expense tracking with client allocation and P&L integration.

Explore all reporting capabilities
REST API & Webhooks

API-first architecture for integration-heavy environments

Effigate exposes a fully documented, tenant-scoped REST API (JSON:API conventions) for every resource — projects, tasks, tickets, contracts, time logs, invoices, and reports. Authentication is via per-tenant API tokens with granular scope control.

  • Tenant-scoped API tokens — cannot access other workspaces
  • Scoped permissions: read-only, read-write, resource-specific
  • Rate limiting with X-RateLimit-* response headers
  • Outbound webhooks for every domain event (HMAC-SHA256 signed)
  • Webhook delivery with exponential back-off retry (5 attempts)
  • Full Swagger/OpenAPI documentation via Scramble
GET /api/{'{tenant}'}/v1/projects 
{
  "data": [
    {
      "id": "proj_01H9X...",
      "type": "project",
      "attributes": {
        "name": "Platform Rewrite Q1",
        "status": "active",
        "budget_hours": 800,
        "logged_hours": 341,
        "completion_pct": 42.6
      },
      "meta": {
        "open_tickets": 14,
        "sla_breach_risk": 2
      }
    }
  ],
  "meta": {
    "total": 12,
    "per_page": 25,
    "current_page": 1
  }
}
Scalability Architecture

Scale clients, teams, and workloads without changing the operating model

Effigate is designed so the same platform can support a 20-person delivery team, a multi-client MSP operation, or a larger enterprise services organisation without changing the underlying governance model. The hierarchy, tenancy, auditability, and reporting layers remain structurally consistent as volume increases.

That matters because enterprise scale rarely breaks the UI first. It breaks the hidden process assumptions: manual queue triage, spreadsheet reconciliation, implicit permissions, and reporting logic that only works while one manager still knows how everything fits together. Effigate replaces those assumptions with explicit operating rules.

  • Queue-based background processing for exports, webhooks, sync jobs, and long-running workflows
  • Tenant-isolated databases so high-volume clients do not create cross-tenant query risk
  • Structured report exports for executive and client-facing review without ad hoc BI workbooks
  • Rate-card and contract governance that survives staffing growth and account-team turnover
  • Consistent access-control layers across browser UI, client portal, and API integrations

Enterprise scale model

How Effigate keeps operations consistent as more teams, clients, and workflows enter the system.

Architecture view
Tenant layer Isolate every workspace Tenant DB Portal API Storage Operations layer Run delivery and service Projects Tickets Time Invoices Governance layer Keep control explicit RBAC Audit SLA Reports Scale layer Support growth Queues Exports Webhooks Integrations

Security built into every layer

Enterprise deployments require more than a privacy policy. Effigate's security architecture is designed from the ground up for compliance-conscious organisations.

AES-256 Encryption

All data encrypted at rest using AES-256. All data in transit protected by TLS 1.2+.

Zero Cross-Tenant Access

Architectural isolation means no query can return another tenant's data — by design.

IP Firewall

Configurable IP allowlisting and blocklisting at the tenant level — enforced before authentication.

Password Policy Engine

Configurable minimum complexity, rotation policy, and breach detection per tenant.

GDPR Readiness

Data export, right-to-erasure workflow, consent logging, and DPA documentation.

Backup & Recovery

Automated daily backups with point-in-time recovery. RTO and RPO defined per plan.

Full security & compliance details

Enterprise Feature Checklist

Everything an enterprise procurement team needs to see

Infrastructure & Architecture

  • Schema-per-tenant database isolation
  • Path-based multi-tenancy (no subdomain DNS required)
  • Horizontal scaling architecture
  • Queue-based async job processing
  • CDN-ready static asset delivery
  • Health check endpoints

Identity & Access Management

  • Role-based access control (tenant + project levels)
  • Client user tier with restricted portal access
  • Per-tenant API token management
  • Token scope granularity (read/write/resource)
  • IP allowlist / blocklist per tenant
  • Session management and forced logout

Compliance & Auditability

  • Immutable audit log for all platform events
  • API audit log (token activity, auth events)
  • Time log immutability after lock period
  • Invoice immutability after issuance
  • GDPR data export and erasure workflow
  • DPA documentation available on request

Operational Excellence

  • 99.9% uptime SLA with status page
  • Automated daily database backups
  • Point-in-time recovery capability
  • Change management and release notes
  • Priority support SLA for Enterprise plans
  • Dedicated onboarding and migration assistance

Continue your enterprise evaluation

Enterprise buyers rarely evaluate architecture, access control, SLA, billing, and client transparency separately. Use these related pages to inspect how the platform behaves as a complete operating model.

Permissions & access control SLA management engine Billing engine & rate cards Reporting & analytics suite Enterprise IT workflow Security & compliance page
Integration ecosystem

Connect Effigate to your enterprise toolchain

Enterprise teams bring their own tool stack. Effigate integrates with source control, messaging, file storage, and notification systems so delivery workflows stay connected.

GitHub

Link commits, PRs, and branches to tasks and deliverables for full traceability.

Source Control

GitLab

Connect merge requests and commits to project work items and epics.

Source Control

Slack

Deliver SLA breach alerts, sprint notifications, and approvals to Slack channels.

Notifications

Microsoft Teams

Route platform events and ticket updates to Teams channels via webhooks.

Notifications

Email

Transactional and configurable digest notifications with per-tenant templates.

Notifications

Amazon S3

Store attachments and exports in tenant-owned S3-compatible buckets.

File Storage

Enterprise FAQ

Common questions from enterprise procurement and security teams.

Effigate uses a schema-per-tenant database isolation model. Each tenant has its own isolated database schema — there are no shared tables between tenants. This means a misconfiguration or bug cannot leak data between organisations. Tenant resolution is path-based (/{tenant}/), so there is no reliance on DNS-level isolation.

Effigate is available as a cloud-hosted SaaS. Self-hosted enterprise deployments are available on request for organisations with strict data residency requirements. Contact our enterprise team for infrastructure specifications and deployment documentation.

Effigate exposes a full REST API (JSON:API conventions) for all resources. Outbound webhooks are supported for every domain event. Common integrations include GitHub, GitLab, Slack, Microsoft Teams, email, and S3-compatible storage. Custom integrations can use the API token system.

SLA penalties are calculated by the billing engine based on the breach severity, duration, and rate defined in the active rate card. Penalties are auto-deducted from the contract invoice and attached as a line item with full audit evidence. The client portal shows the SLA timeline and deduction calculation.

Cloud-hosted data is stored in the infrastructure region selected at tenant onboarding. Enterprise plans can request dedicated infrastructure within specific regions. Data is never transferred across regions without explicit configuration.

Client users are a separate access tier from internal users. They access a dedicated client portal with restricted visibility — they cannot see internal notes, rate card details, SLA calculation formulas, or internal team data. Client Admins can manage their own client employees within the portal.

Ready to run enterprise delivery on one platform?

Talk to our enterprise team about deployment options, security review, compliance documentation, and custom onboarding.

Request Enterprise Demo View Enterprise Pricing