Skip to main content
This is the friendly, no-jargon version. For the engineering view see Architecture; for the strategy view see Trust & Security.

The 30-second version

Think of kombify like a secure office building:
  1. Reception (Login). You sign in once at the front desk — login.kombify.io. You prove who you are (password, passkey, or a second factor). Reception hands you a badge.
  2. The badge (Token). Your badge says who you are and which plan you’re on. It expires, so it can’t be reused forever, and it’s stamped so it can’t be faked.
  3. The doors (Gateway). Every room checks your badge at the door (api.kombify.io). No badge, no entry — the door stays shut by default.
  4. Floor access (Plan & permissions). Your badge opens the doors your plan includes. Higher plans open more doors. Some special rooms do an extra check right at the door.
That’s the whole idea: sign in once, carry a tamper-proof badge, and every door checks it.

What happens when you sign in

1

You open a kombify app

The Cloud dashboard, the Workbench, or the mobile app.
2

You're sent to reception

The app redirects you to the kombify login page. You never type your password into the app itself — only into the official login page. That’s deliberate and safer.
3

You prove who you are

Password, passkey, or multi-factor. kombify uses a managed identity provider (Auth0) so this part follows the same rules banks and enterprises use.
4

You get your badge

The app receives a short-lived, signed token. It’s kept safe on the server side, not left lying around in your browser.
5

You use the product

From now on the app quietly shows your badge at each door. You don’t notice it — it just works.

Why can’t I use feature X?

Because your plan decides which doors open. When something is not included, you won’t get a confusing dead-end. You get a clear message that says:
  • what you tried to do,
  • why it’s not available (which plan or feature is needed), and
  • what to do next (e.g. “upgrade to unlock this”).
We treat a “no” as a helpful signpost, not a wall.

The three kinds of “you”

kombify keeps these clearly separate:
WhoExampleWhat they can do
A customerYou, using the productWhatever your plan includes
A staff memberA kombify team memberOperational tools, kept separate from customer plans
An AI agent acting for youAn assistant doing a task on your behalfOnly what you are allowed to do — never more
That last one matters: when an AI agent does something for you, it inherits your permissions and nothing extra. It can’t quietly do more than you could yourself.

Good to know

One sign-in

Sign in once; the same identity works across kombify products.

Closed by default

If anything is unclear or a token is missing, the answer is “no”. Safety first.

Short-lived badges

Tokens expire, so a leaked one stops working quickly.

Clear denials

Every “not available” comes with the reason and the next step.
Want the details? Continue to the technical architecture.