Security & Permissions

5 min read

Updated May 2026

Wekraft Team

Wekraft uses a robust Role-Based Access Control (RBAC) system to ensure your project data is only accessible to the right people.

Project Visibility

Every project has a visibility setting that determines who can find and join it:

Public: Discoverable via search. Anyone can see the project overview and request to join.
Private: Hidden from search. Users can only join if they have a direct invite link or are added by an Admin.

There are four primary roles within a Wekraft project:

Role	Permissions
Owner	Full control. Can delete the project, manage billing, and transfer ownership.
Admin	Can invite/remove members, update project settings, and manage sprints.
Member	Can create, edit, and complete tasks/issues. Can use Kaya AI (if enabled).
Viewer	Read-only access. Can view tasks, calendars, and heatmaps but cannot make changes.

Action	Viewer	Member	Admin	Owner
View Tasks/Issues	✓	✓	✓	✓
Create/Edit Tasks	—	✓	✓	✓
Start/End Sprints	—	—	✓	✓
Manage Team Members	—	—	✓	✓
Configure Integrations	—	—	✓	✓
Delete Project	—	—	—	✓

Wekraft uses secure OAuth providers (GitHub, Google) for authentication. we never store your passwords.

All data is encrypted at rest and in transit using industry-standard TLS 1.3 and AES-256 encryption.

When you connect a GitHub repository, Wekraft only requests the minimum permissions required to:

We do not store your source code on our servers.

Use the Viewer role for stakeholders who need to stay informed but aren't actively developing.
Limit Admin roles to 1-2 trusted team members to prevent accidental configuration changes.
Review Join Requests regularly in the "Manage Team" tab to ensure only authorized users have access.