Wonderful takes account security seriously. All users and collaborators are authenticated and authorized using a fine-grained, role-based access model that ensures only the right people can view or modify content.
Authentication
- Secure Login: Users sign in using email and password or organization-approved authentication providers.
- Session Security: Sessions are managed securely, and idle sessions may expire automatically.
- Protected Resources: Any attempt to access private content requires a valid, authenticated session.
- Public Resources: Certain tasks, brands, or assets may be made viewable via secure public links (see Asset Sharing).
Authorization
- Wonderful uses a resource-based access model (ReBAC) rather than simple role hierarchies.
- Access is determined per resource — for example, a workspace, team, brand, task, or item.
- Permissions cascade downward — if you have edit rights at the workspace level, you also have edit rights on teams, tasks, and assets inside it.
- Each resource has roles such as Admin, Editor, Reviewer, or Viewer, defining what actions you can perform.
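The cascade described above means a grant high in the hierarchy is invisible if you only look at a single task's or asset's member list. The following sketch is an added example, not Wonderful's own code: it resolves effective access by walking up from a resource to its ancestors. The resource names, the grants, the role ordering (Viewer < Reviewer < Editor < Admin) and the "strongest role on the path wins" rule are all assumptions made for illustration.

```python
# Added illustration: hypothetical model, not Wonderful's implementation.
# Assumption: roles are ordered Viewer < Reviewer < Editor < Admin.
ROLE_RANK = {"Viewer": 1, "Reviewer": 2, "Editor": 3, "Admin": 4}

# Constructed hierarchy: child resource -> parent resource.
PARENT = {
    "team:design": "workspace:acme",
    "brand:acme-main": "workspace:acme",
    "task:launch-banner": "team:design",
    "asset:banner.png": "task:launch-banner",
}

# Constructed direct grants: (user, resource) -> role.
GRANTS = {
    ("alice", "workspace:acme"): "Editor",
    ("bob", "task:launch-banner"): "Reviewer",
    ("carol", "asset:banner.png"): "Viewer",
    ("carol", "team:design"): "Admin",
}

def ancestors(resource):
    """Yield the resource itself, then each parent up to the root."""
    seen = set()  # guards against a cyclic hierarchy
    while resource is not None and resource not in seen:
        seen.add(resource)
        yield resource
        resource = PARENT.get(resource)

def effective_role(user, resource):
    """Return (role, granted_at) for the strongest role on the path, or None."""
    best = None
    for node in ancestors(resource):
        role = GRANTS.get((user, node))
        if role and (best is None or ROLE_RANK[role] > ROLE_RANK[best[0]]):
            best = (role, node)
    return best

def audit(resource, minimum="Editor"):
    """Map each user with at least `minimum` on `resource` to (role, source)."""
    hits = {}
    for user in sorted({u for u, _ in GRANTS}):
        eff = effective_role(user, resource)
        if eff and ROLE_RANK[eff[0]] >= ROLE_RANK[minimum]:
            hits[user] = eff
    return hits
```

Calling `audit("asset:banner.png")` reports where each qualifying grant was made, which is the detail a periodic membership review needs in order to revoke access at the right level.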
Recommended Practices
- Use strong, unique passwords or SSO where possible.
- Review your workspace members regularly.
- Do not share login credentials—use invitations for new users instead.
- When sharing public links, confirm you’re using the correct privacy level (see below).