Wonderful takes account security seriously. All users and collaborators are authenticated and authorized using a fine-grained, role-based access model that ensures only the right people can view or modify content.
- Secure Login: Users sign in using email and password or organization-approved authentication providers.
- Session Security: Sessions are managed securely, and idle sessions may expire automatically.
- Protected Resources: Any attempt to access private content requires a valid, authenticated session.
- Public Resources: Certain tasks, brands, or assets may be made viewable via secure public links (see Asset Sharing).
- Wonderful uses a resource-based access model (ReBAC) rather than simple role hierarchies.
- Access is determined per resource — for example, a workspace, team, brand, task, or item.
- Permissions cascade downward — if you have edit rights at the workspace level, you also have edit rights on teams, tasks, and assets inside it.
- Each resource has roles such as Admin, Editor, Reviewer, or Viewer, defining what actions you can perform.
- Use strong, unique passwords or SSO where possible.
- Review your workspace members regularly.
- Do not share login credentials—use invitations for new users instead.
- When sharing public links, confirm you’re using the correct privacy level (see below).