Access Control
Who can do what, in which entity
Operator roles scoped to specific merchants, branches, or terminal groups -- because in acquiring, who sees what is just as critical as who does what.
Access security
Every action, authorized
In an acquiring platform with processors, banks, merchants, and operators sharing the same infrastructure, access control is critical infrastructure. SUGA ACL defines who can view settlements, who can initiate refunds, who can onboard merchants, and within exactly which entity hierarchy.
Configurable roles, granular per-operation permissions, entity-based authorizations, and complete access auditing.
Capabilities
Roles scoped to entities, operations, and data -- built for multi-tenant acquiring hierarchies.
Role management
Role creation and configuration with predefined permission sets.
Granular permissions
Access control at individual operation level within each module.
Entity authorization
Contextual permissions that vary based on the entity being operated on.
Access auditing
Complete log of every action with user, timestamp, entity, and result.
Multi-tenant isolation
Strict data and permission separation between platform tenants.
API Key management
API key creation, rotation, and revocation with associated permissions.
Access control built for multi-entity acquiring operations
Granular security for enterprise operations.