AdvisorLevel scales from a solo advisor to a multi-BD enterprise without losing the compliance posture regulators expect. Single-tenant primitives, multi-tenant operations, regulator-ready evidence on day one.
SP-initiated and IdP-initiated flows. Just-in-time user provisioning with attribute mapping. Works with Okta, Azure AD, OneLogin, ADFS, Google Workspace.
Standard /Users + /Groups endpoints with bearer auth. Your IdP creates, updates, and deactivates users automatically when they join or leave a desk.
Define org-specific permission bundles on top of the built-in roles. Inherit from a base, add explicit grants — no waiting on us to ship a role for you.
A user can belong to many orgs (e.g. an OSJ supervisor at multiple BDs). Active org is encoded in the JWT — switch with one click.
Authenticator-app TOTP by default. SMS as a fallback. 10 single-use backup codes for lost-device recovery. Fully self-serve in account settings.
See every browser and device signed into your account. Revoke individually or "sign out all other sessions" from the security panel.
Parent BD compliance officers see review queues, lexicon hits, and messaging volume across every member firm in one console. Single export for FINRA exams: the whole BD's audit trail in one CSV.
One-click regulator-ready PDF of every message, document, note, call, and consent change for a single client. WORM-archived with 7-year retention and SHA-256 fingerprint. Ready for the next 8210 letter.
Run AdvisorLevel under your own domain (compliance.acmecapital.com) with your logo and brand color. CNAME-verified, TLS-terminated, no AdvisorLevel chrome.
Issue scoped API keys per integration with their own request budget. See real-time utilization. Prevent runaway scripts from chewing through your quota.
Subscribe your CRM, data warehouse, or in-house tools to message.sent, review.escalated, consent.granted, and more. Stripe-style signature header — verify with constant-time HMAC.
Client-credentials grant for service-to-service. Long-lived API keys for partner integrations. Both scoped, both auditable, both revocable instantly.
Real-time route timings, error rates, and slow-request log right inside the app. OTel exporter for your existing Datadog/NewRelic.
WORM archive write health, replication state, last full + incremental backup, off-site copy status. One screen, one decision.
SOC 2 Type II in progress. SIG, CAIQ, and pen-test report available under NDA.
Request a security packet →