Glossary
Quick definitions for the acronyms and industry terms used throughout the Nembl documentation. Each entry includes how the term applies in Nembl specifically.
A
ABAC — Attribute-Based Access Control
A way to grant or deny access based on attributes (tags, properties, context) of the user, the resource, and the request — instead of just static roles. In Nembl, ABAC is layered on top of RBAC: you can write policies like "Allow read on Services where tag = 'PII' only if the user's clearance = 'high'." See Policies & ABAC.
B
B2B — Business-to-Business
A relationship where one company provides services to another company (vs. selling to consumers). Nembl supports B2B through the Service Registry — companies publish public-audience services that connected partner companies can consume.
BPMN — Business Process Model and Notation
The industry-standard graphical notation for modeling business processes — boxes for tasks, diamonds for decisions, arrows for flow. Nembl's workflow builder uses a BPMN-style canvas without requiring you to learn the formal spec.
BYOK — Bring Your Own Key
A model where a customer supplies their own API keys (e.g. Anthropic / OpenAI keys) instead of using the vendor's pooled credentials. Nembl's managed AI agents use BYOK so prompt traffic and billing flow through your own provider account. See BYOK Setup.
I
IAM — Identity and Access Management
The collective system that decides who can do what in a software product — users, groups, roles, permissions, policies, and audit. Nembl's IAM combines RBAC, ABAC, and the RACI responsibility model. See Roles & Permissions.
ISO 9001
An international standard for Quality Management Systems (QMS). It defines requirements for documented processes, audit trails, and continuous improvement. Many SMBs pursue ISO 9001 certification to win larger customer contracts. Nembl's audit trail and process-versioning features map directly to ISO 9001 clauses 7.5 (documented information), 9.1–9.3 (monitoring and review), and 10.2 (nonconformity and corrective action).
L
LLM — Large Language Model
The class of AI model that powers Nembl's agents — Claude (Anthropic), GPT (OpenAI), and others available through Bedrock. LLMs generate text, reason about inputs, and call tools. See AI Agents.
M
MCP — Model Context Protocol
An open protocol (introduced by Anthropic in 2024) for connecting AI assistants to external tools and data sources in a standard way. Nembl exposes an MCP server so that AI assistants you use elsewhere (Claude Desktop, IDE assistants) can read and act on Nembl resources without bespoke integration code. See MCP Server.
MFA — Multi-Factor Authentication
Requiring more than one credential factor (password + a code from an authenticator app, etc.) to sign in. Nembl supports TOTP-based MFA for users on deployments that include it. See Profile Settings → MFA.
O
OAuth — Open Authorization
The standard protocol for letting one application authorize another to act on a user's behalf without sharing the password. Nembl's Connectors use OAuth 2.0 to integrate with vendors like Salesforce, Microsoft Teams, and DocuSign.
R
RACI — Responsible, Accountable, Consulted, Informed
A widely used responsibility model for assigning ownership of work:
| Letter | Meaning |
|---|---|
| Responsible | Does the work |
| Accountable | Owns the outcome (signs off) |
| Consulted | Provides input before the decision |
| Informed | Notified after the decision |
Nembl uses an extended RACI (adding Approver and Backup) on every workflow phase. See Responsibilities.
RBAC — Role-Based Access Control
Granting permissions through named roles (e.g. admin, inbox-triage-agent, workflow-author) instead of assigning individual permissions to each user. Nembl combines RBAC with ABAC for finer-grained control. See Roles & Permissions.
S
SaaS — Software as a Service
Software delivered over the internet as a subscription, instead of installed locally. Nembl is itself a SaaS product.
SLA — Service Level Agreement
A commitment about response time, uptime, or quality — typically between a service provider and a consumer. In Nembl's B2B mode, you can attach SLA targets to service offerings; missed SLAs are tracked in B2B Analytics and the audit trail.
SMB — Small and Medium-sized Business
The market segment Nembl is built for — companies that need real process automation but don't want enterprise-platform complexity or pricing.
SOC 2 — Service Organization Control 2
A compliance attestation widely required by enterprise customers before they'll buy from a vendor. SOC 2 covers security, availability, processing integrity, confidentiality, and privacy. Audit trails, access controls, and documented processes (all built into Nembl) are core to passing SOC 2.
SSO — Single Sign-On
Signing in once and getting access to multiple applications without re-entering credentials, typically via OIDC or SAML. Plan-Admin and the main Nembl app share an SSO identity on production deployments.
T
TOTP — Time-based One-Time Password
The 6-digit rolling code generated by authenticator apps like 1Password, Authy, or Google Authenticator — used as the second factor in MFA.
V
Vault
A named, encrypted store for sensitive values (API keys, tokens, passwords) scoped to a single company. Vaults are referenced by name from connectors, workflow phase environment variables, and agent BYOK configuration; the stored value is never exposed in logs, audit trails, or API responses. Two permissions split metadata access from value access: secret:read (see name, tags, last-rotated) and secret:reveal (see the decrypted value). See Creating & Managing Vaults.