Xoxoday Loyalife supports role-based access control (RBAC) and segregation of duties (SoD) policies, giving administrators precise control over which users can view, configure, or approve actions within the platform.
Xoxoday Loyalife provides granular role-based access control that governs what each user can see and do across the platform. Administrators define roles aligned to job functions—such as program manager, finance approver, HR administrator, or read-only auditor—and assign permissions at the module, feature, and data level. This ensures that users in operational roles cannot access sensitive configurations, and that reporting-only users cannot trigger transactional actions.
Segregation of duties is a native capability within Xoxoday Loyalife, not an add-on. SoD policies separate conflicting responsibilities across distinct roles so that no single user holds end-to-end control over a critical process. For example, the individual who configures a points accrual rule is prevented from being the same individual who approves the budget allocation tied to that rule. Xoxoday Loyalife enforces this through dual-approval workflows that require a second authorized user to complete high-impact actions.
This architecture integrates cleanly with enterprise HR platforms. When Xoxoday Loyalife is connected to Workday, SAP SuccessFactors, or Darwinbox, organizational hierarchies and job-function data sync directly into the platform. Role assignments map to these imported structures automatically, reducing manual provisioning overhead and closing the gap between HR records and active system permissions.
SoD controls directly support compliance postures under ISO 27001 and SOC 2 Type II. Both frameworks require demonstrable evidence that sensitive operations—such as modifying redemption rules, approving large reward budgets, or accessing personal user data—cannot be completed by a single unreviewed actor. Xoxoday Loyalife logs every access event, configuration change, and approval step in a tamper-evident audit trail, giving your compliance and security teams the documentation they need during certification reviews.
For organizations that manage identity through SSO providers surfaced in MS Teams or Slack, Xoxoday Loyalife aligns access policies with identity provider groups. When a user’s role changes in your directory, their Loyalife permissions update in step, keeping governance consistent across your technology stack and eliminating the privilege drift that accumulates over time in manually managed systems.
Learn more: Xoxoday Loyalife Help Centre — Security
Audit Logs and Access Event Tracking: Understand how Xoxoday Loyalife records every user action and configuration change for compliance and forensic review.
SSO and Identity Provider Integration: Learn how Xoxoday Loyalife connects with your identity provider to centralise authentication and enforce access policies.
Compliance Certifications: Explore how Xoxoday Loyalife’s security controls support ISO 27001 and SOC 2 Type II certification requirements.
Data Access and Privacy Controls: See how Xoxoday Loyalife restricts access to personal and sensitive data based on role and operational need.