Integration Security Overview
Access Control
Fine-grained access control is available for all available features and users’ access to the content.
Shared drive integrations support automatic permission mapping to mirror your organization access and sharing settings within AlphaSense.
We provide APIs for customers to control the access to the documents within AlphaSense.
User Uploads
For trials, files uploaded to AlphaSense are stored during the active trail period and are then removed 30 days after the end of trial.
Files are parsed and scanned for malware before being stored within the cloud project. Any files with detected malware or exceeding our size limits will have an error for upload.
Files uploaded will only be accessible to the user who uploaded them. Users can then opt to share these files with other users within their account through our sharing capability.
✔ Individual File Limit: The maximum file size allowed is 100 MB per file.
✔ Upload Session Limit: There is no cumulative size limit for a batch as long as it does not exceed 100 documents per upload and each document is within the 100 MB individual file limit.
✔ AlphaSense supports a diverse array of file formats, including: .txt, .html, .htm, .pdf, .doc, .docx, .ppt, .pptx, .xls, .xlsx, .msg, .eml, .csv, .xlsb, .xlsm, .one, .tsv, and .ods.
✔ We do not support image, audio, video file types, and any other files outside of the list above for upload.
Integration Security
✔ Integrated documents are encrypted in our secure S3 buckets. We also store metadata to improve retrieval quality.
✔ If a file is deleted or unshared in the source (e.g. Google Drive), it’s also removed from AlphaSense.
✔ You choose exactly which folders and files you want to sync using our Selective Sync feature.
✔ We use industry-standard OAuth 2.0 as the default method for user-level authentication.
✔ AlphaSense provides real-time monitoring of data ingestion, with a live summary of files being synced, skipped, or failed.
✔ Clients can generate detailed reports within AlphaSense to review and audit the ingestion process at any time.
✔ We mirror the source system’s permissions (e.g., Google Drive, SharePoint), so users only see documents they already have access to.
✔ Client admins can further manage content permissions within AlphaSense using individual, shared, and workspace connections.
✔ Clients can disconnect any integration at any time, immediately revoking the access token and stopping all data syncing.
✔ When an integration is removed, all associated data is automatically deleted from our system.
Read More
Content Ingestion
Uploaded files are stored under users My Workspace -> Upload section. Users can delete those files from that section.
For Generative Search, users can delete uploaded files before submitting their first query. Once a query is submitted, the files cannot be deleted directly from the Gen Search session but will be temporarily removed when the session is ended.
Authentication & Authorization
We use OAuth 2.0 as the default method for user-level authentication. For enterprise setups, we support service accounts and delegated access where applicable.
Managing Access
We mirror the source system’s permissions (e.g., Google Drive, SharePoint), so users only see documents they already have access to. This includes RBAC, ACLs, and other native models - ensuring secure, permission-respecting search across your organization.
