Security

Security controls for your reef data

Practical controls already built into Coralynx — no compliance theater.

Get started Features

TOTP two-factor authentication

Protect accounts with authenticator-app codes for an added layer beyond email and password.

Role-based permissions

Use owner, admin, member, and viewer roles to limit what collaborators can see or change.

Verified email access

New accounts must verify email before entering the app, and invitations are tied to intended recipients.

Reef separation

Records are scoped to your reef so personal tanks and shared / team reefs stay isolated.

Configurable image storage

Use local filesystem storage in development and S3-compatible object storage in production.

Import and portability foundations

CSV workflows reduce spreadsheet lock-in and keep a clean path for moving operational data.

Production-ready by design

The deployment model is built for a single Next.js service with host-based routing, PostgreSQL, Prisma migrations, and environment-driven integrations.

Host split

Marketing and app routes share one deployment while host rewrites keep each experience separated.

Auth foundation

Credentials, social providers, email verification, invitations, and 2FA are handled in the app host.

Storage adapters

Environment selection supports development storage and S3-compatible production object storage.

Database migrations

Prisma migrations and seed flows keep schema changes explicit across local and production environments.