Closed account access
Public registration is disabled. During private beta, account creation is restricted by server- and database-enforced policy.
Security & trust
Rillor separates the public site, authenticated application, legal data services, and research runtime. Access and coverage claims are enforced by system policy rather than interface convention.
Public registration is disabled. During private beta, account creation is restricted by server- and database-enforced policy.
The research worker receives only the approved legal-source tools. Personal connectors, cloud credentials, shell access, browser control, and unrelated MCP configuration are not exposed.
Sessions are checked against PostgreSQL and can be revoked immediately. Cookies are HTTP-only, secure on the public HTTPS origin, and host-scoped to the application.
Conversation and research-job access is resolved from the authenticated user and organization inside row-level database policies—not from a client-supplied organization identifier.
The application, queue, worker, and database accept the isolated Codex runtime only. Unsupported provider values are rejected rather than relabeled.
Rillor does not equate a recent fetch with a complete source. It tracks identity, version, missing records, failed hydration, and reconciliation evidence separately.
Current launch posture
Private-beta access follows the same account, email, legal, billing, and entitlement controls as self-service access. A paid account cannot start research until Stripe confirms an active subscription.
Source availability is limited to the collections enabled for the current release. The global, practice-neutral product direction is not a claim that every court, country, or practice area is already connected. Known gaps remain visible and exhaustive-source readiness is withheld until exact reconciliation succeeds.
Rillor is a research system, not a law firm, and its output requires professional review.