Security Features Your Security Team Will Love
Railway has shipped a suite of enterprise security features over the past six months. Key additions include workspace-wide 2FA enforcement, enterprise SSO via SAML 2.0 (Okta, Azure AD, Google Workspace, etc.), three-tier role-based access control (Admin, Member, Deployer), OAuth 2.0/OIDC-based 'Login with Railway' for third-party integrations, comprehensive audit logs exportable via API, automatic Docker image patching with configurable maintenance windows, and a Trust Center at trust.railway.com hosting SOC 2 Type II reports, pen test results, DPA, and subprocessor lists. BAAs for HIPAA and EU DORA documentation are available on enterprise plans.
Table of contents
First: lock the front door
Then: scope what people can actually do
Use “Login with Railway” over Tokens
Now: see everything that happens
Under the hood: keep your images patched
Finally: prove it to the auditor
The conversation should be easier now