Windmill

Enterprise

Single sign-on, recorded approvals, non-bypass.

Forge is built for teams whose releases face an auditor. Entra SSO, tenant-scoped registries, and a four-layer non-bypass guarantee that no single credential can defeat.

Controls that survive an audit.

Microsoft Entra SSO

Sign in with Entra ID; refresh-token rotation with replay detection. Per-tenant RBAC across dev, admin and platform roles.

Tenant-scoped registries

Every audit and release is scoped by client_id. Per-client policy floors layer on top of the framework — stricter, never weaker.

Recorded approvals

Admin-only sign-off with an append-only audit trail. The push-service polls and ships only after approved=true.

Non-bypass by design

No --force flag, anywhere. The verdict is the gate, and the gate is enforced on four independent layers.

Non-bypass guarantee

Four layers. No single credential ships code.

  1. Agent refuses

    Forge will not release without a fresh GO verdict on the same SHA.

  2. Admin approves

    A human admin signs off in-app; the approval is recorded, tenant-scoped.

  3. Push-service ships

    A separate service performs the push with its own scoped deploy key.

  4. Git host rejects

    Server-side push rules reject a push from any other identity.

Bring your compliance team.

We'll walk through the non-bypass guarantee and how Forge evidence maps to your control framework.