Security
The Security tab centralizes tenant-wide security settings for the organization. These controls define what users, public visitors, agents, and integrations are allowed to do across the workspace.
Use Security to manage:
- editable user profile fields,
- audit log retention,
- soft-delete retention,
- connection governance,
- prompt shield behavior,
- content safety filtering,
- public conversation sharing,
- public recording sharing.
Profile Fields
Administrators can choose which profile fields users are allowed to edit themselves. Restrict these fields when identity data should come only from SSO, Microsoft Entra, Google, or another authoritative directory.
Editable fields are controlled independently:
- first name,
- last name,
- email,
- phone number.
If a field is disabled here, users should treat it as directory- or admin-managed rather than self-service.
Data Retention
Retention controls how long audit history and soft-deleted records remain available. Shorter retention reduces stored history; longer retention supports audits, support investigations, and recovery workflows.
Retention can be turned on independently for audit logs and soft-deleted records:
- Audit log retention: automatically deletes audit log entries after the configured number of days.
- Soft-delete retention: permanently erases soft-deleted records after the configured number of days.
Valid retention values are 1 to 90 days. Turning a retention control off disables automatic cleanup for that retention type.
Connection Governance
Connection governance controls which integration types and functions can be used. Administrators can disable entire connection types or force selected functions to require confirmation before execution.
Connection governance shows each connection type with:
- connection type name, description, image, and scope,
- whether the connection type is enabled for the organization,
- whether function-level overrides are supported,
- function metadata, including whether the function modifies data,
- the current function access mode,
- any organization-level override.
Use connection governance to:
- disable an entire connection type for the organization,
- keep a connection type enabled but override risky functions,
- force a function to be disabled,
- force a function to be enabled,
- force a function to require confirmation before execution,
- return a function to its default policy by clearing the forced override.
This is organization-wide governance. It sits above individual connection access, agent tool assignment, and workflow configuration.
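The layering described above, modelled as an added example; it is not the product's own code or API. The field names, the mode strings, the hypothetical "crm" connection type, and the ordering in which a type-level disable wins over a function-level override are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Modes named on this page: disabled, enabled, require confirmation.
DISABLED, ENABLED, CONFIRM = "disabled", "enabled", "require_confirmation"

@dataclass
class FunctionPolicy:
    name: str
    modifies_data: bool
    default_mode: str                  # the function's default policy
    forced_mode: Optional[str] = None  # organization-level override; None = cleared

@dataclass
class ConnectionType:
    name: str
    enabled_for_org: bool
    supports_overrides: bool
    functions: dict

def effective_mode(ctype, fn_name, granted_below=True):
    """Return (mode, reason) for one function.

    Assumed precedence: type-level disable, then forced override, then default.
    granted_below stands for the lower layers (connection access, agent tool
    assignment, workflow configuration), which can only narrow the result.
    """
    fn = ctype.functions[fn_name]
    if not ctype.enabled_for_org:
        return DISABLED, "connection type disabled for the organization"
    if ctype.supports_overrides and fn.forced_mode is not None:
        mode, reason = fn.forced_mode, "organization-level override"
    else:
        mode, reason = fn.default_mode, "default policy"
    if mode != DISABLED and not granted_below:
        return DISABLED, "not granted by connection access or agent tool assignment"
    return mode, reason

# Constructed sample data: a hypothetical "crm" connection type.
crm = ConnectionType("crm", True, True, {
    "search_contacts": FunctionPolicy("search_contacts", False, ENABLED),
    "delete_contact": FunctionPolicy("delete_contact", True, ENABLED, forced_mode=CONFIRM),
    "export_all": FunctionPolicy("export_all", False, ENABLED, forced_mode=DISABLED),
})

if __name__ == "__main__":
    for fn in crm.functions:
        print(fn, *effective_mode(crm, fn))
```

The returned reason is the useful part when a function is unavailable even though the connection exists: it names the layer that produced the result.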
AI Safety
Prompt shield and content safety settings protect customer-facing and internal interactions from unsafe or unwanted content. Content safety can be enabled as a whole and then tuned by category, including violence, sexual content, hate, and self-harm.
AI safety settings are stored separately:
- Prompt Shield Filter protects assistants from prompt injection and jailbreak attempts.
- Content Safety Filter blocks risky user prompt content.
- Content safety categories can be toggled independently for Violence, Sexual content, Hate, and Self-harm.
If the main content safety filter is disabled, category switches are not active in the UI.
Sharing
Sharing controls define whether users can create public conversation links or public recording links. These settings matter before enabling public chat, authenticated widgets, realtime experiences, or any workflow that exposes workspace data outside the organization.
Sharing settings are independent:
- Conversations controls whether public conversation sharing links can be created.
- Recordings controls whether public recording links can be created. This control is shown only when the Recordings organization feature is enabled.
The standalone Security Center page presents recommendations and findings. This Organization tab is where the underlying tenant-wide policy settings are changed.

Troubleshooting
If Security settings do not behave as expected:
- confirm that the user has an owner or admin role before changing tenant-wide controls,
- check whether the relevant organization feature (for example, Recordings) is disabled in Settings before looking for its sharing control,
- check connection governance if a tool or workflow function is unavailable even though the connection exists,
- check retention settings when audit records or soft-deleted records disappear earlier than expected,
- check content safety and prompt shield settings when user prompts are blocked.