01 Resource truth
Inventory + accounts
Resources, privileged accounts, scopes, owners, status, and metadata stay in one backend model.
capabilities / backend-owned control
Anchor connects resource inventory, account operations, policy, sessions, posture, and evidence so privileged work stays governed from request to review.
Roles, scoped access, policy bindings, and resolved controls explain who can do what.
Sensitive account operations run as tracked jobs with step results and operational evidence.
Brokered sessions stay tied to actor, target, account, reason, policy, and component trust.
Events, audit records, drift, stale access, failed work, and ratings become review signals.
The UI and API use the same objects, jobs, policy checks, and evidence model.