The AI-native low-code platform built for

air-gapped, zero-trust enterprise deployments

The  AI-native low-code platform built for

air-gapped, zero-trust enterprise deployments

While legacy platforms require constant internet connectivity and offer limited security controls and retrofitted AI copilots, ToolJet delivers true AI-native platform with enterprise-grade security.

Talk to our product experts
G2 High Performer
4.9/5 ⭐⭐⭐⭐⭐
36,558 Stars
on GitHub
Enterprise Ready
SOC2 · GDPR · ISO · Self-hosted
Case Study
Case Study
Case Study

Enterprise-grade security and compliance

ToolJet follows global standards including GDPR, SOC 2, and ISO 27001 to keep your data secure. It offers SSO, RBAC, encryption, and audit logs so teams can build safely with full IT control.

Access control and identity

Keep access tight and traceable across every workspace, app, and page.

RBAC and granular permissions

Uses built-in or custom roles with app-level and page-level controls. Scopes access for datasources and secrets.

Versioning and releases

Syncs with Git branches and PR workflows. Moves apps from dev to staging to production with approval gates before publishing.

Directory and policy controls

Applies password and session policies via IdP, enforces workspace-level SSO, and manages custom terms and audit acceptance.

Single Sign-On (SSO)

Supports SAML 2.0, OpenID Connect, and OAuth2 with providers like Okta, Azure AD, Google Workspace, Auth0, Ping, and Keycloak. Enforce SSO-only logins, enable MFA via IdP, and apply session policies.

SCIM and group sync

Automates user lifecycle management with group-based role mapping and just-in-time (JIT) provisioning.

LDAP / Active directory

Integrates with enterprise directories, syncs roles automatically, and maps groups to ToolJet roles for consistent access.

Compliance and assurance

Operate with the certifications and controls your auditors expect.
Built for enterprise trust
  • SOC 2 Type II controls
  • ISO 27001 alignment
  • GDPR-ready data protection
  • Regular third-party penetration testing
  • Encryption in transit (TLS 1.2+/1.3) and at rest
  • DPA and data residency commitments
  • Vulnerability management (SLAs for CVEs)
  • Audit log retention windows & export to SIEM
Security and procurement pack
We provide a consolidated bundle for enterprise review (under NDA):
  • Pen-test summaries and remediation
  • Security policies and controls overview
  • Architecture and data-flow diagrams
  • Business continuity and incident response
Request the pack
View security docs

Deployment options

Choose how you deploy ToolJet - from fully managed SaaS to air-gapped environments.

ToolJet cloud
Fully managed SaaS offering hosted and operated by ToolJet, Automatic updates, security patching, and scaling included, Ideal for teams that want zero operational overhead.
Managed hosting
ToolJet sets up and maintains deployments in your chosen cloud provider and region, We manage upgrades, patches, and monitoring under your security policies, Supports AWS, Azure, GCP, OpenShift, and private cloud environments.
Air-gapped self-hosting
Deploy ToolJet in fully isolated networks - no outbound internet required, Supported setups include ECS, EKS, AKS, Cloud Run, Kubernetes, and Docker, Perfect for regulated industries needing complete data control.
Marketplace availability
Available directly on AWS Marketplace and Azure Marketplace, Procure using your existing enterprise billing and compliance workflows, Verified listings ensure faster vendor onboarding and security validation.
Built for uptime and control
ToolJet deployments support high availability, zero-downtime upgrades, and secure integration with your existing infrastructure - from private VPCs to Kubernetes clusters.

Modern & AI-native alternative to legacy low-code platforms

ToolJet delivers the speed of low-code with the governance, compliance, and deployment flexibility enterprises expect - reimagined for the AI era with self-hosting, air-gapped deployments, and bring-your-own LLMs.
Book a demo

Data and secrets protection

Secrets and identity management
  • Least-privilege connections to DBs and APIs
  • Secrets management for credentials and env vars
  • Rotation policies and short-lived tokens
  • Field-level masking and log redaction where applicable
Network and runtime security
  • TLS everywhere; HSTS and modern ciphers
  • IP allowlisting and workspace-level network rules
  • Optional private networking and egress controls
  • Container isolation and signed images

Auditability and monitoring

Prove who did what, when and why.

Audit logs
  • Auth, config, deploys, and data events
  • User, timestamp, and change details
Release history
  • Version lineage and approver identity
  • Rollback to known-good versions
Observability
  • SIEM integrations(Splunk, Datadog, Elastic)
  • API access logs and session tracking

Enterprise Operations

Enterprise-grade reliability
  • High Availability (HA) and Disaster Recovery (DR) patterns
  • Backups/restore with clear RPO/RTO guidance
  • Multi-workspace management for large orgs
  • Branding and white-label options
SLAs and support
  • Custom SLAs and named support
  • 24×7 incident response
  • Optional private networking and egress controls
  • Enterprise onboarding and success playbooks

Frequently asked questions

1. Does ToolJet support fully offline, air-gapped installs?
2. Can we enforce SSO-only access and MFA?
3. How are secrets stored?
4. Do you have pen-test reports and security documentation?
AI-powered apps, built with AI
Product
Competitors
Services & support
Integration
Platform
Company
Learn
Explore
Office address
ToolJet Solutions Inc 1160 Battery St, Suite 100, San Francisco, California, 94111
Contact us
hello@tooljet.com
support@tooljet.com
Copyright © 2025 ToolJet Solutions Inc. All rights reserved.
Privacy Policy
Terms of Service
AI-powered apps,
built with AI
Product
App builder
ToolJet Database
Agent builder
Competitors
Retool
Appsmith
Superblocks
DronaHQ
Services & support
Partners
Professional service
Compliance
Integration
Open AI
Anthropic
Mistral
Weaviate DB
Hugging Face
Gemini
Platform
Development lifecycle
Built-in security
Authentication & authorization
Company
About us
Careers
Events
Learn
Documentation
Academy
Explore
Blogs
Customer success stories
Slack Community
Office address
ToolJet Solutions Inc, 1160 Battery St, Suite 100, San Francisco, California, 94111
Contact us
hello@tooljet.com
support@tooljet.com
Copyright © 2025 ToolJet Solutions Inc. All rights reserved.
Privacy Policy
Terms of Service