The per-user credential vault changes everything

Ask any AI platform how they handle credentials and you will hear some version of the same answer: shared workspace keys. One API key per integration, shared across everyone on the team. The same connection to Salesforce, the same connection to QuickBooks, the same connection to your database.

That is a compliance nightmare.

When 25 employees share one set of credentials, every action is attributed to the same service account. The audit trail shows that "the Salesforce connection" accessed a record, but it does not show which person asked for it, what they were trying to do, or whether they should have had access to that record in the first place.

Shared credentials break auditability

An auditor asks: "Who accessed customer financial data through your AI system last quarter?" With shared credentials, the honest answer is that you do not know. You know the AI accessed the data and you know it went through a shared API key, but you cannot tell which of the 25 people on that workspace initiated the request.

This is not a theoretical problem. SOC 2 requires traceability of data access to individual users, GDPR requires knowing who accessed personal data and why, and HIPAA requires audit trails tied to specific individuals. Shared service account credentials fail all three.

Most AI platforms were designed for small teams experimenting with automation, and shared credentials were fine for that. They are not fine for a company deploying AI across departments where compliance is a requirement.

Per-user isolation is the foundation

In a per-user credential vault, IT provisions API keys centrally and each user gets their own isolated set of credentials. The AI operates with each user's specific permissions. Finance analysts access finance systems with finance credentials, sales reps access CRM with sales credentials, and nobody sees raw keys or shares access.

When someone asks "show me last month's revenue by region," the AI connects to NetSuite using that specific user's credentials. The audit trail shows exactly who asked, what system was accessed, what data was returned, and when. No ambiguity.

When someone leaves the company, their vault is disabled. Their automations stop, their access is revoked, and the audit trail shows exactly when it happened. Clean, immediate, auditable.

Why nobody else built this

Per-user credential vaults are architecturally expensive. Every user needs isolated storage, every API call needs credential injection at runtime, every action needs per-user attribution in the audit log, and the system needs to handle provisioning, rotation, and revocation at the individual level.
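The pieces listed above (isolated storage, runtime credential injection, per-user attribution, individual revocation) fit together as in the following sketch. It is an added illustration, not Orin's implementation. The names `PerUserVault`, `who_accessed` and the `connector` callback are hypothetical, the users are constructed samples, and an in-memory dict stands in for encrypted storage.

```python
import secrets
from datetime import datetime, timezone

class VaultDisabled(Exception):
    """Raised when a disabled user's vault is asked for a credential."""

class PerUserVault:
    def __init__(self):
        self._creds = {}        # (user, system) -> secret, never returned to callers
        self._disabled = set()
        self.audit = []         # attributed events, one dict per action

    def _log(self, kind, user, system, action, outcome):
        self.audit.append({"ts": datetime.now(timezone.utc).isoformat(), "kind": kind,
                           "user": user, "system": system,
                           "action": action, "outcome": outcome})

    def provision(self, admin, user, system):
        # Central provisioning: the key is generated here and the user never sees it.
        self._creds[(user, system)] = secrets.token_urlsafe(32)
        self._log("admin", user, system, f"provisioned by {admin}", "ok")

    def disable(self, admin, user):
        self._disabled.add(user)
        self._log("admin", user, "*", f"vault disabled by {admin}", "ok")

    def call(self, user, system, action, connector):
        """Inject the caller's own credential at runtime and attribute the outcome."""
        if user in self._disabled:
            self._log("access", user, system, action, "denied: vault disabled")
            raise VaultDisabled(user)
        secret = self._creds.get((user, system))
        if secret is None:
            self._log("access", user, system, action, "denied: no credential")
            raise PermissionError(f"{user} has no credential for {system}")
        result = connector(secret, action)  # the secret reaches only the connector
        self._log("access", user, system, action, "ok")
        return result

def who_accessed(vault, system):
    """The auditor's question: which individuals successfully reached this system?"""
    return sorted({e["user"] for e in vault.audit if e["kind"] == "access"
                   and e["system"] == system and e["outcome"] == "ok"})

if __name__ == "__main__":
    vault = PerUserVault()
    vault.provision("it-admin", "alice", "netsuite")   # constructed sample users
    vault.call("alice", "netsuite", "revenue by region", lambda key, q: f"rows for {q}")
    print(who_accessed(vault, "netsuite"), vault.audit[-1]["outcome"])
```

Denied attempts are logged with the requesting user as well, so a revoked or unprovisioned account that keeps trying shows up in the same trail.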

Shared workspace credentials are simpler to build. One key per integration, one connection everyone shares. It works for a demo and it works for a prototype, but it does not work for a company that answers to auditors.

We built the vault because governance without per-user traceability is theater. You can log every action, but the logs are meaningless when every action is attributed to the same shared account. Per-user isolation is what makes the audit trail real, and that is the architectural foundation every other feature in Orin is built on.
