Trust and operational assurances

Trust & Assurance

Controls first, automation second

Delegated email is not just about handling more messages. It is about preventing bad actions before they happen, while still keeping work moving.

If you are starting today, pick one path: copy the Gent inbox address into To/CC on a current thread, or use a scoped API token for direct integration. Inbound is active immediately; send/reply actions stay draft/review-only right now.

What we protect against

Trust pipeline

01 Verify

Identity checks validate domain ownership and sender intent.

02 Authorize

Scope and policy gating ensure each action has permission.

03 Review

Approval gates pause sensitive responses before any outbound action is released.

04 Record

Event and action logs capture who, what, and why.

Unauthorized actions

Scoped tokens, explicit permissions, and endpoint-level controls prevent agents from doing work outside the inbox intent.

Unwanted replies

Approval gates and action policies let teams block, pause, or require human sign-off on critical responses.

Lost context

Cross-touchpoint records track message state, events, and action history for replay and audit.

Configuration drift

Explicit controls over tokens, scopes, and webhooks keep operational behavior predictable over time.

Operational assurances

Access and identity

Workspace admin control, token rotation, and session-aware actions reduce privilege exposure in production flows.

Governance

Approval workflows are first-class: define exactly what routes, labels, domains, or actions require review.

Retention and traceability

Action logs and records are available for troubleshooting, issue resolution, and audit workflows.

Start safely

If your use case changes, you can start with stricter policies and progressively widen permissions as confidence grows. The default position is not “faster at any cost”; it is “faster where it is safe.”

Read onboarding and safety FAQ