Transaction trust for sensitive SaaS workflows. TxnShield sits after authentication and authorization, then decides whether the current action should proceed, step up, redact, throttle, or stop based on operation, risk, policy, and runtime context.
Your app
A signed-in user attempts a concrete sensitive operation, such as customer.read_pii, invoice.export, bank_account.update, or payment_transaction.create.
Your backend
Your trusted server sends operationKey, actor, resource, requestData, session, metadata, and optional challengeResult through the Node SDK or /api/evaluate.
TxnShield
TxnShield resolves the protected operation, assigned reusable policy, and current policy version, scores risk with operation context, and returns allow, allow_redacted, step_up_required, throttle, or deny.
Your app + TxnShield
Your app enforces the result before data is changed or returned. TxnShield records the transaction event, decision log, reasons, score, policy version, and challenge or redaction metadata.
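An added example, not TxnShield's own code, of the enforcement step described above: the backend acts on each of the five decisions and fails closed when the evaluator errors or returns something unexpected. The `evaluate` function, the `{ decision, redactFields }` result shape, and the HTTP status codes are assumptions made for illustration.

```javascript
// Added example: fail-closed enforcement of the five decisions named on the page.
// ASSUMPTIONS (not TxnShield's documented API): `evaluate` is any async function
// that submits the request to the evaluator, and its result has the shape
// { decision, redactFields }, where redactFields lists top-level keys to drop.
const DECISIONS = new Set([
  "allow", "allow_redacted", "step_up_required", "throttle", "deny",
]);

// `perform` is the sensitive operation itself; it runs only after an
// allow or allow_redacted decision, never before the decision is known.
async function guardOperation(evaluate, request, perform) {
  let result;
  try {
    result = await evaluate(request);
  } catch (err) {
    // Evaluator unreachable or errored: fail closed, the operation never runs.
    return { status: 503, body: { error: "evaluation_unavailable" } };
  }
  // Anything outside the known decision set is treated as deny.
  const decision = result && DECISIONS.has(result.decision) ? result.decision : "deny";
  switch (decision) {
    case "allow":
      return { status: 200, body: await perform() };
    case "allow_redacted": {
      const fields = Array.isArray(result.redactFields) ? result.redactFields : null;
      // Without a redaction list the decision cannot be honoured: deny.
      if (!fields) return { status: 403, body: { error: "denied" } };
      const data = { ...(await perform()) };
      for (const f of fields) delete data[f]; // strip before anything is returned
      return { status: 200, body: data };
    }
    case "step_up_required":
      return { status: 401, body: { error: "step_up_required" } };
    case "throttle":
      return { status: 429, body: { error: "throttled" } };
    default:
      return { status: 403, body: { error: "denied" } };
  }
}
```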
Keep your identity provider, RBAC, and application permissions. TxnShield adds a transaction-aware control plane for moments where a valid user can still create risk: exports, PII reads, payment changes, permission changes, and approvals.
Operation-aware
Policies target concrete business operations, not brittle route names.
Evidence-first
Every protected transaction creates event and decision evidence.
Production-ready
Usage, plans, alerts, webhooks, roles, and billing state are tenant-scoped.
Controlled rollout
Use development, staging, and production environments with separate keys.