Xoxoday Loyalife provides secure access for approved non-enterprise users — including vendors, partners, and contractors — through a dedicated portal interface governed by granular Role-Based Access Control (RBAC).

Secure Access Beyond Your Enterprise Boundary

Not every user who needs access to your loyalty programme is a full-time employee on your corporate directory. Xoxoday Loyalife recognises this and extends its security model to cover approved non-enterprise users — such as channel partners, agency staff, third-party vendors, and contract workers — without compromising on access governance.

Xoxoday Loyalife supports a separate, purpose-built portal that can be provisioned for non-enterprise users. This portal is distinct from the primary enterprise interface, ensuring that external users operate within a clearly bounded environment with only the permissions they are explicitly granted.

Role-Based Access Control for External Users

RBAC in Xoxoday Loyalife is applied at a granular level. Administrators can define roles specific to non-enterprise users — for example, a read-only view for a vendor auditing reward redemptions, or a restricted manager role for a channel partner overseeing their own team’s points. Each role maps to precise access scopes: which modules are visible, which data can be exported, and which actions can be performed.

Permissions are additive and follow the principle of least privilege by design. A vendor representative logging into the non-enterprise portal cannot access employee PII, internal programme configurations, or cost-centre data belonging to your organisation. This separation is enforced at the data layer, not just the UI layer.

Practical Example: Channel Partner Onboarding

Consider a scenario where your organisation runs a channel incentive programme alongside its employee loyalty initiative. Xoxoday Loyalife can provision a dedicated partner portal — with its own branded URL and login flow — where channel partner administrators log in to track their team’s performance, view leaderboards, and manage redemptions. Their RBAC profile grants access only to the partner module; the enterprise rewards catalogue, HR data synced from systems like SAP SuccessFactors or Darwinbox, and internal admin settings remain entirely out of scope.

Authentication for the non-enterprise portal can be configured independently. Xoxoday Loyalife supports SSO, MFA, and token-based authentication flows, so non-enterprise users can be verified through your preferred identity provider without being added to your core enterprise directory.

Compliance and Audit Readiness

All access events for non-enterprise users are captured in Xoxoday Loyalife’s audit logs, maintaining the same traceability expected under compliance frameworks such as ISO 27001 and SOC 2 Type II. Administrators can review login activity, permission changes, and data access events for external users at any time, giving your security and compliance teams full visibility across both enterprise and non-enterprise access tiers.

Role assignments for non-enterprise users can be time-scoped, ensuring that access is automatically revoked or flagged for review when a vendor engagement or contract period ends.

Learn more: Xoxoday Loyalife Help Centre — Security

SSO and Authentication Options

Explore the authentication methods Xoxoday Loyalife supports for enterprise and non-enterprise users, including SSO, MFA, and token-based flows.

Audit Logs and Access Tracking

Learn how Xoxoday Loyalife captures and surfaces audit trails for all user activity, including external and partner portal access.