Skip to main content
QLane is built for engineering teams from day one. SSO, role-based access, and audit logs are available on every paid plan.

Roles

RoleCan do
AdminManage members, billing, projects, environments, integrations. Delete the organization.
MemberCreate and edit projects and test cases. Run sessions. Cannot manage billing or members.
ViewerRead-only. View projects, sessions, and reports.
There must be at least one admin at all times.

Inviting teammates

From Settings → Members:
  1. Click Invite member.
  2. Enter the email and pick a role.
  3. Send.
The recipient gets a sign-in link. If your org uses SSO, they sign in through your identity provider; otherwise, they sign in with their email.

Single sign-on (SSO)

On paid plans, you can require SSO for everyone in your organization. From Settings → Authentication:
  1. Pick your identity provider — Google Workspace, Okta, Microsoft Entra, and any SAML 2.0 IdP are supported.
  2. Follow the configuration wizard.
  3. Verify your domains. Once verified, users at those domains are routed through your IdP automatically.
Just-in-time provisioning creates users on first sign-in. Directory Sync (SCIM) keeps your member list in lockstep with your IdP — when someone leaves the company, their QLane access is revoked automatically.

Audit logs

Every meaningful action — sign-ins, role changes, test case edits, environment updates, integration changes — is recorded with the actor, timestamp, and the change made. Available on Pro plans and above under Settings → Audit log, with optional streaming to your SIEM.

Secrets

Secrets you store on environments (database URLs, API keys, test credentials) are encrypted at rest. They’re decrypted into the sandbox at session time and never appear in agent transcripts or stored logs. Redaction is applied to every captured screenshot before storage.

SOC 2

QLane is on a SOC 2 path. Security review documents are available on request from the Security page or by emailing support@qlane.ai.