# Security and Permissions

## What this is

This page explains how to think about access, scope, and governance for Hookshot in a company setting.

## When to use it

Use it when connecting apps, preparing for rollout, or reviewing risk with technical stakeholders.

## What you need first

* A proposed workflow
* At least one integration you plan to connect

## Steps

### 1. Use least privilege

Connect only the integrations you need and keep the boundary as narrow as practical.

Examples:

* One team instead of every team
* One repo instead of every repo
* One channel instead of every channel

### 2. Separate trigger access from tool access

Ask two different questions:

* What should be allowed to start this Protege?
* What should the Protege be allowed to do?

Review both before launch. A healthy integration connection does not prove that the trigger path and action path are both correct.

### 3. Choose the right connection scope

Use team-scoped connections for shared production workflows. Use personal connections only when the Protege needs one person's account context.

For chat surfaces, confirm the team-level chat configuration and the exact channels, projects, or portfolios Hookshot should monitor.

### 4. Make ownership visible

Before rollout, confirm:

* Which team owns the Protege
* Who can change integrations
* Who is responsible for Audit review when something goes wrong

### 5. Pair security with observability

The safer workflow is the one you can quickly inspect:

* Event Feed shows the incoming signal
* Audit shows the resulting action

{% hint style="info" %}
**Engineer note:** For company automations, good governance usually means narrow scope, clear ownership, and a reliable rollback path more than it means maximum complexity in the first version.
{% endhint %}

## How to verify

* Connected integrations are limited to the intended workflow
* Trigger Access and Tool Access match the business need
* The owning team can inspect Event Feed and Audit
* Admin-only workspace actions are limited to the people who should manage workspace settings and credentials

## Common failures

* Overscoped integrations
* Shared ownership with no clear reviewer
* Treating a successful connection as a completed security review
* Using a personal connection for a workflow that should belong to a team
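As an added example, not Hookshot's own code or configuration format, here is a pre-launch review gate that checks a Protege's proposed setup against the verification points and common failures listed above. The `Protege` and `Integration` records are a constructed schema for illustration; their field names are assumptions, not Hookshot settings.

```python
from dataclasses import dataclass, field
from typing import List, Optional

# NOTE: this schema is constructed for the example. It is not Hookshot's
# real configuration format; map the fields to whatever your workspace exports.
@dataclass
class Integration:
    name: str
    scope: str                       # "team" or "personal"
    targets: List[str] = field(default_factory=list)  # channels, repos, teams
    wildcard: bool = False           # True when the connection covers "every X"

@dataclass
class Protege:
    name: str
    owner_team: Optional[str]        # which team owns it
    audit_reviewer: Optional[str]    # who reviews Audit when something goes wrong
    trigger_access: List[str]        # what may start it
    tool_access: List[str]           # what it may do
    trigger_reviewed: bool           # trigger path reviewed before launch
    tool_reviewed: bool              # action path reviewed before launch
    integrations: List[Integration]
    shared_workflow: bool = True     # shared/production vs one person's context

def review(p: Protege) -> List[str]:
    """Return the common failures found; an empty list means the gate passes."""
    findings = []
    for i in p.integrations:
        if i.wildcard:
            findings.append(f"overscoped integration: {i.name} covers every target")
        if p.shared_workflow and i.scope == "personal":
            findings.append(f"personal connection on a shared workflow: {i.name}")
    if not p.owner_team:
        findings.append("no owning team")
    if not p.audit_reviewer:
        findings.append("no clear Audit reviewer")
    # A healthy connection is not a review: both access paths must be checked.
    if not (p.trigger_reviewed and p.tool_reviewed):
        findings.append("trigger access and tool access not both reviewed")
    return findings

# Constructed sample: the connection test passed, but the review is incomplete.
SAMPLE = Protege(
    name="support-triage", owner_team=None, audit_reviewer=None,
    trigger_access=["messages in #support"],
    tool_access=["create issue in acme/support"],
    trigger_reviewed=True, tool_reviewed=False,
    integrations=[Integration("github", "personal", ["acme/support"]),
                  Integration("slack", "team", wildcard=True)],
)
```

Run `review(SAMPLE)` before launch and treat any non-empty result as a blocker; the sample above yields five findings.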

## Next step

* [Quickstart for automation engineers](/overview/quickstart-engineer.md)
* [Safe rollout](/event-feed/safe-rollout.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.tryprotege.com/workspace-settings/security-and-permissions.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.
