This is the friendly, no-jargon version. For the engineering view see
Architecture; for the strategy view see
Trust & Security.
The 30-second version
Think of kombify like a secure office building:- Reception (Login). You sign in once at the front desk —
login.kombify.io. You prove who you are (password, passkey, or a second factor). Reception hands you a badge. - The badge (Token). Your badge says who you are and which plan you’re on. It expires, so it can’t be reused forever, and it’s stamped so it can’t be faked.
- The doors (Gateway). Every room checks your badge at the door
(
api.kombify.io). No badge, no entry — the door stays shut by default. - Floor access (Plan & permissions). Your badge opens the doors your plan includes. Higher plans open more doors. Some special rooms do an extra check right at the door.
What happens when you sign in
You're sent to reception
The app redirects you to the kombify login page. You never type your password
into the app itself — only into the official login page. That’s deliberate and
safer.
You prove who you are
Password, passkey, or multi-factor. kombify uses a managed identity provider
(Auth0) so this part follows the same rules banks and enterprises use.
You get your badge
The app receives a short-lived, signed token. It’s kept safe on the server side,
not left lying around in your browser.
Why can’t I use feature X?
Because your plan decides which doors open. When something is not included, you won’t get a confusing dead-end. You get a clear message that says:- what you tried to do,
- why it’s not available (which plan or feature is needed), and
- what to do next (e.g. “upgrade to unlock this”).
The three kinds of “you”
kombify keeps these clearly separate:| Who | Example | What they can do |
|---|---|---|
| A customer | You, using the product | Whatever your plan includes |
| A staff member | A kombify team member | Operational tools, kept separate from customer plans |
| An AI agent acting for you | An assistant doing a task on your behalf | Only what you are allowed to do — never more |
Good to know
One sign-in
Sign in once; the same identity works across kombify products.
Closed by default
If anything is unclear or a token is missing, the answer is “no”. Safety first.
Short-lived badges
Tokens expire, so a leaked one stops working quickly.
Clear denials
Every “not available” comes with the reason and the next step.
Want the details? Continue to the
technical architecture.
