Tenancy & isolation
Every request acts within one tenant, and data never crosses tenant boundaries.
Datasets & schema
Datasets hold your records and expose a queryable schema and readiness state.
Search model
One envelope spanning text, SQL, and semantic search.
Handles & cursors
Page, export, and re-run queries from a handle instead of copying results.
Views
Save a query or freeze a result set for repeatable analysis.
Provenance
Trace every result back to the source object and line it came from.
Roles at a glance
Access within a tenant is role-based. The same tenant header selects the workspace; the token’s role within that workspace decides what it can do.| Plane | Who | What they can do |
|---|---|---|
| Member | Any tenant member | Read and query: search, list datasets and runs, read schemas, create and read views, run exports, upload to a source. |
| Admin | Tenant admins | Everything members can, plus create, change, and delete data: sources, connectors, detections, datasets, ingest tokens, reindex and DLQ operations. |
| Staff | Splendor employees | A separate platform plane (for example, workspace provisioning) that is not part of the customer API. |