Who you are
- Token-based, OAuth-style authentication for every API call
- Short-lived, signed access tokens, limited blast radius if leaked
- Support for enterprise identity (SSO) in managed and private deployments
A trading platform holds a firm’s positions, prices, and counterparties, among its most sensitive data. Gravitas is built so that authentication, authorization, encryption, and a complete audit trail are properties of the platform, not features added later.
Every material change, to trades, reference data, and configuration, passes through a governed control plane that validates, versions, and records it. That is what makes the platform auditable and reproducible as-of any point in time.
New commodities, workflows, and reports are configuration on top of a governed core, change stays fast and low-risk.
Because every change flows through the control plane, Gravitas produces a complete audit trail by construction, every material action is attributable to a user and reproducible as-of any point in time. This is the foundation for regulatory reporting and internal governance alike.
The same platform runs as managed SaaS, in your private cloud, or fully on-premises, so security and residency requirements shape the deployment, not the feature set.
Gravitas deploys where your data needs to live, fully managed SaaS, your private cloud, or entirely on-premises.
Depending on deployment, in a managed environment, your own private cloud tenancy, or on-premises. Private-cloud and on-premises options give you direct control over data residency.
Through token-based authentication and role-based authorization scoped to least privilege. The same model governs both the UI and the API.
Yes. Every material change passes through a governed control plane that versions and records it, producing a complete, queryable audit trail that is reproducible as-of any date.
The governed data model and audit trail are designed to support regulatory reporting (such as EMIR and Dodd-Frank). A demo is the best way to map specifics to your obligations.
We’ll walk your security and compliance teams through the architecture, deployment options, and controls.