Security & Compliance
Lynx Compliance - Federated Trust Network
Issue scoped compliance trust grants to external partners — they get a token-based read-only view of your ISMS posture without an Odoo login.
lynx_compliance_federated_trust
· v19.0.2.3.1
· Premium
What this solves
Lynx Compliance - Federated Trust Network
Issue cryptographically sealed compliance attestations to external parties - auditor, customer, prospect, integrator - without giving them an Odoo login or a static PDF that goes stale the day you sign it.
Today every prospect security review ends with you emailing a six-month-old SOC 2 report and a filled-out questionnaire. This module replaces both with a scoped trust grant: an access token that returns a live JSON snapshot of compliance status (framework, coverage, last attestation) sealed with a SHA-256 hash so the recipient can prove it came from you and was not tampered with. Future Lynx releases will let trust chain across tenants.
Key Features
Trust grants - lynx.compliance.trust.grant carries scope (full / framework / profile), audience label, expiry, and state (draft / active / revoked / expired).
Public token endpoint - /compliance/trust/grant/<token> returns a scoped JSON snapshot with hash seal.
Tamper-evident access log - every grant access lands in the hash-chained audit log.
Optional countersigned grants - high-stakes attestations can be linked to a lynx_sign request for legal evidence.
Expiry & revocation - daily cron expires past-due grants; revoke is one click.
Future trust chains - the JSON shape supports transitive grants so partners can publish their own posture under the same protocol.
Integrates With
lynx_compliance - reads framework, profile, and assessment data.
lynx_compliance_audit_log - access events go into the chain.
lynx_compliance_trust_portal - grants surface the same view used by your public trust page.
Try Lynx Compliance - Federated Trust Network on your team.
Free trial, no credit card. Talk to sales when you're ready.