For IT, platform & security teams

Your people already publish what AI builds. The only question is whether you govern it.

AI now writes the reports, dashboards, and briefings your teams share every day. Without a governed target, that output lands in chat windows, screenshots, and unmanaged servers — outside SSO, outside audit, outside your control. publishwith.ai is the governed publishing layer: single sign-on, per-artifact access control, a full audit trail, EU data residency, and revocable sharing, applied the moment your AI hits publish.

Review the controls Talk to us

SSO / OIDC · per-artifact ACL · audit log with CSV export · hosted in Germany. Free during open beta.

publishwith.ai / governance Tenant policy
Single sign-on enforced
OIDC · Azure AD, Okta, Google, Keycloak
Per-artifact access control
Owners, editors, viewers by user or group
Data residency: Germany (EU)
No data leaves European infrastructure
13:42Claude Codepublished v12
13:43Accessfinance-team · viewer
13:44AuditCSV export ready

Right now, AI output leaves your teams two bad options.

Neither is governed. Both create risk you inherit. This is the false choice publishwith.ai removes.

Rebuild it by hand.

Slow, and it defeats the reason they reached for AI. So most people don't. They take the shortcut instead.

Dump it on a server you don't control.

A static host, a personal cloud account, a link pasted into Slack. Fast, but no SSO, no access control, no audit, no revocation. This is shadow AI distribution, and you own the consequences.

The third path: publish into governance.

publishwith.ai gives the agent a controlled publishing target. The artifact is authenticated, access-controlled, versioned, and audited from version one, with none of the manual work.

The controls your security review asks for.

Governance is not a setting you switch on later. It is the publish path itself.

Single sign-on (OIDC)

Plug into Azure AD, Okta, Google Workspace, Keycloak, and other identity providers. Per-tenant configuration.

Per-artifact ACL

Grant owner, editor, or viewer access by individual user or group. Access is enforced on every request, including share links.

Audit log with CSV export

Who published what, when, with which version, and who accessed it. Filter by artifact, user, event, or time. Export as CSV.

Access-aware search

Full-text search across published content returns only what each user is permitted to see. Results are filtered by per-artifact ACL, so search never becomes a data-leak path.

Revocable share links

External sharing is opt-in, uses high-entropy random tokens, optionally time-limited, and revocable at any time. No standing bearer credentials.

Tenant isolation

Each tenant is isolated end to end: data, auth configuration, and user management. No cross-tenant data path.

EU data residency

Workspaces, databases, share links, and audit logs are hosted in Germany on EU infrastructure. Data does not leave the EU.

Encryption at rest

Published artifact files are encrypted with AES-256-GCM and per-artifact keys. Databases rely on encrypted disk and volume controls in production.

Account lifecycle

Inactive free accounts are deleted after 30 days. Paid workspaces stay active while the subscription is current. You remain the data controller.

Evidence you can hand to an auditor.

Every publish and every access is recorded, attributed, and exportable.

1

Who published what

Each artifact version is attributed to an identity and timestamped. Five versions retained per artifact.

2

Who accessed it

Authenticated views and share-link access are logged. Owners review access events without exposing viewer PII.

3

Retained by tier

Audit log retention is 7 days on Free, 30 days on Team, and 1 year on Enterprise. Auto-pruned.

Engineered for trust, not just configured for it.

How the platform is built. These are not the headline. They are the reasons the headline holds up under review.

Declarative, not arbitrary code

Artifacts are defined by manifests and named SQL queries, not executable code. There is no arbitrary code execution path for an agent to abuse.

Per-artifact database isolation

Each artifact gets its own isolated SQLite database. A fault in one artifact cannot reach another tenant's data. Blast radius is a single artifact.

Guarded SQL

Destructive operations require an explicit confirmation token. An agent cannot drop a table on a stray instruction.

Minimal MCP surface

A single, schema-constrained MCP tool with action dispatch. One audited entry point instead of a sprawling API to secure.

Hashed, revocable links

Public share links use high-entropy random tokens, stored only as SHA-256 hashes. A leaked database exposes no usable link, and any link is revocable at any time.

Defense-in-depth rendering

Published HTML is served under a strict Content-Security-Policy as the primary protection against injected content.

What we claim, and what we don't.

A governance vendor that overstates its controls is a liability. Here is the precise scope.

Encryption at rest, scoped honestly

Artifact files are encrypted with AES-256-GCM and per-artifact keys. Databases and backups rely on encrypted disk and volume controls in production, not application-level encryption. We say so plainly.

Audit evidence, not a compliance badge

We give you the audit trail and export that GDPR and emerging AI oversight expect. We do not claim a certified compliance mapping. The evidence is yours to use inside your framework.

Data minimization by default

Leak-detection records viewer IP and User-Agent to flag exfiltration. That personal data is deleted automatically after 30 days. The platform is in open beta and free during beta, with advance notice before billing begins.

Bring AI publishing inside your perimeter.

Give your teams the speed of AI output with the controls your organization already runs on.

Start free in open beta Talk to us