Security & Access Control
Built for the data you're responsible for.
Student records, medical information, financial data — you're the custodian of sensitive information. CompCue is designed from the ground up to keep it completely safe and completely yours.
Passwordless Magic Links
No passwords means nothing to steal. Every user — from principals to parents — authenticates via a one-time link delivered to their email.
- Built on NextAuth v5 with a custom Prisma adapter for session persistence
- No passwords stored anywhere in the system
- Magic links expire after a configurable TTL
- Server-side sessions stored in the database — not just JWTs
- Middleware validates every request before the page renders
Complete Multi-Tenant Isolation
Every school is its own isolated world. There is no configuration, no edge case, and no bug path that allows one school to see another school's data.
- Unique school slug enforced with a database-level unique index
- All URLs prefixed with /org/<slug>/ — namespace isolation by URL design
- Every single database query filtered by schoolId at the ORM layer
- Next.js middleware validates slug-to-user ownership on every request
- School status lifecycle controls access: Active, Suspended, Disabled
Session Security
Sessions are server-side, school-scoped, and validated on every incoming request — before any data is returned or any page renders.
- Sessions stored server-side in the database
- A session for School A cannot access School B — ever
- Middleware intercepts and validates before any rendering begins
- Unauthorized cross-tenant attempts are redirected before they touch data
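One way to express the slug-to-session ownership check and the schoolId-scoped query filter described under Complete Multi-Tenant Isolation and Session Security. This is an added example, not CompCue's code. The function names, the in-memory school map, the reason strings, and the treatment of the three login pages as public are assumptions.

```javascript
// Added illustration; not CompCue source code. All names are hypothetical.
const PUBLIC_PAGES = new Set(["login", "parent-login", "student-login"]);

// Constructed sample data standing in for the schools table (slug is unique).
const SCHOOLS = new Map([
  ["greenfield", { id: "sch_1", status: "Active" }],
  ["riverside", { id: "sch_2", status: "Active" }],
  ["oldtown", { id: "sch_3", status: "Suspended" }],
]);

// Decide whether a request path may proceed for the given server-side session.
// Runs before any data access; a denial carries only a redirect target.
function authorizeOrgRequest(pathname, session, schools = SCHOOLS) {
  const match = /^\/org\/([a-z0-9-]+)(?:\/(.*))?$/.exec(pathname);
  if (!match) return { allow: false, redirect: "/login", reason: "not-tenant-path" };

  const [, slug, rest = ""] = match;
  const school = schools.get(slug);
  // An unknown slug and a Suspended or Disabled school are treated alike.
  if (!school || school.status !== "Active") {
    return { allow: false, redirect: "/login", reason: "school-unavailable" };
  }
  // Login pages need no session, but only exist for an Active school.
  if (PUBLIC_PAGES.has(rest)) return { allow: true, schoolId: null };

  if (!session || !session.schoolId) {
    return { allow: false, redirect: `/org/${slug}/login`, reason: "no-session" };
  }
  // Compare the tenant bound to the session with the tenant named in the URL.
  if (session.schoolId !== school.id) {
    return { allow: false, redirect: "/login", reason: "cross-tenant" };
  }
  return { allow: true, schoolId: school.id };
}

// Build a query filter whose schoolId always comes from the authorization
// decision, overriding any schoolId supplied by the caller.
function scopedWhere(decision, where = {}) {
  if (!decision.allow || !decision.schoolId) throw new Error("no tenant scope");
  return { ...where, schoolId: decision.schoolId };
}
```

The `reason` field is meant for server-side logging; the client only ever sees the redirect.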
Encrypted Credentials
API keys, webhook secrets, and payment gateway credentials are encrypted at rest. No plaintext secrets are ever stored in the database.
- Razorpay API keys and webhook secrets encrypted at rest
- Stripe API keys and webhook secrets encrypted at rest
- Payment secrets never exposed to the frontend layer
- Legacy password fallback uses bcryptjs hashing
Audit Trails
Every financial action and every leave approval is permanently and immutably logged — with actor identity, timestamp, and the exact state change.
- Full financial transaction log: amount, method, gateway, staff identity
- Leave approval log: action, actor, previous status, new status, comment
- Application timeline for every admissions action
- Document version control — every version retained, never deleted
Document Access Control
Documents shared within the school can be locked to exactly who should see them — from open to the whole school down to admin-only.
- 4 access levels: Public, Private, Restricted, Confidential
- Per-share permissions: view, download, edit, re-share
- Optional share expiry date
- Digital signature support with certificate hash and IP logging
Everyone sees exactly what they need. Nothing more.
CompCue checks the specific permission required — not just the role — on every UI element and every API endpoint. Fine-grained and extensible.
12 permission categories — granular control at every level
Separate login surfaces for every audience
Staff, parents, and students each have their own login path — so there's no accidental cross-role access.
- /login: Central portal — links to all school and admin logins
- /org/<slug>/login: School staff (teachers, admins, owners)
- /org/<slug>/parent-login: Parents of enrolled students
- /org/<slug>/student-login: Students
- /admin/login: Platform-level super-admins
Document access levels
Control exactly who can see each document stored in CompCue.
Security questions? We're an open book.
Talk to our team about CompCue's security architecture, data handling practices, and compliance posture.