GCCAPCold chain. Clear evidence. Confidence.

Internal GCCAP operating surface

This page is retained behind the public client website.

GCCAP does not delete operating records, trial packs, hardware activation surfaces or evidence automation layers. They are preserved for authorised client portal, command-centre and internal operating use while the public website stays clean for airline first impressions.

Open portal access

Internal GCCAP surface

Harden identity before GCCAP moves from pilot users to enterprise clients.

Internal system phase creates the identity control layer needed before GCCAP can safely onboard external airline and caterer users at scale. It defines the migration path from pilot passwords and admin tokens toward managed identity, MFA, SSO, hardened sessions, user lifecycle controls and access reviews.

Return to public platform Open portal access

StatusInternal / restricted surface. Not part of the public client walkthrough.

GCCAP
Sensor
Gateway
Evidence
Watchdog
Journey intelligenceRepresentative demo
IdentityMFA + SSO foundation
Accesstenant roles + reviews
Boundarypilot now, production gated

Operational layer

What Build 17 controls

The identity foundation does not pretend GCCAP has final enterprise identity already connected. It creates the control plane that decides when GCCAP can move from local pilot access to production MFA and SSO.

Identity provider register

Tracks local pilot identity, future OIDC provider and enterprise client SSO paths.

MFA requirements

Defines which users must have MFA before external or production use.

Session hardening

Defines HTTPS-only cookie sessions, idle timeouts, revocation, audit and session secret requirements.

User lifecycle and role matrix

Defines creation, role changes, disablement, quarterly reviews and least-privilege role boundaries.

Decision clarity

Pilot identity vs production identity

Build 17 keeps the distinction explicit so GCCAP does not mistake local test access for enterprise-grade identity.

Admin accessToken and policy readiness checks
Client accessTenant-scoped portal users
SessionsPilot sessions and revocation concept
RolesLeast-privilege role matrix
External onboardingReadiness blockers visible