Security

Commerce infrastructure you can audit.

Turaxia is built for enterprise review. Workspaces are isolated, primitives emit typed audit events, and secrets stay under your control.

Today

What is live now.

Workspace isolation

Every request is scoped to a single workspace by Connect, our control plane. Mismatched scope is rejected, and the behaviour is documented in the proof bundle.

Typed audit events

Every primitive (Parse, Localize, Price, Route) emits typed events so you can trace each decision end-to-end from the dashboard or the API.

Independent fallback paths

Our retry path runs without third-party provider dependencies, so a degraded upstream does not take your workflow down with it.

Secrets stay in your boundary

API keys are workspace-scoped and managed through Connect. We never ask for your supplier credentials during self-serve onboarding.

Roadmap

Compliance plan.

  • Workspace isolation: Live
  • Audit event coverage: Live
  • Secrets policy and rotation: Live
  • Incident response runbook: Live
  • SOC 2 Type I: Planned
  • SOC 2 Type II: Planned
  • ISO 27001: Evaluating

Responsible disclosure

Reporting a vulnerability.

Email [email protected] with a description, reproduction steps, and impact assessment. We acknowledge within one business day and welcome good-faith security research that follows our disclosure guidelines.