Hard tenant isolation
PostgreSQL row-level security enforces client separation at the storage engine. A misconfigured query can’t leak data across tenants — the database physically refuses.
Beta · Onboarding partner MSPs
IT asset management built for MSPs.
One platform to track every asset, credential, and service request across every client — with strict tenant isolation enforced at the database layer, not just the application code.
Why MSPs choose Synthera
ITAM tools were built for one company. Synthera was built for many.
Most asset management platforms assume one organization, one identity provider, one credential store. MSPs run dozens of clients in parallel — with overlapping technicians, separate billing, and audit requirements that vary per customer.
Encrypted credential vault
AES-256-GCM encryption with per-tenant access policies. Customer credentials are never stored in plaintext — not in your database, not in your backups, not in your logs.
Granular role-based access
Seven built-in roles plus per-membership grant/deny overrides. Your senior tech sees everything; the helpdesk contractor sees only the tickets they’re assigned. No bolt-on plugins.
Asset discovery agent
A lightweight .NET 8 collector walks your clients’ Windows endpoints and reports inventory automatically — signed, tenant-scoped, and idempotent.
Onboarding & offboarding workflows
Reusable equipment packages and templated work orders turn every new-hire and termination into a tracked, auditable process — not an email chain.
Floor plan builder
Drop assets onto uploaded site plans with drag-and-drop, draw walls and zones, and let technicians find the right server in the right rack the first time.
Built for the way MSPs actually work.
Most ITAM tools assume one company. Yours doesn’t. Synthera was designed from day one around dozens of clients, overlapping technician pools, separate credential vaults, and audit trails you can hand to a regulator without flinching.
Apply for beta access
Common questions
Quick answers
Who is Synthera ITAM for?
Managed service providers, internal IT teams supporting multiple business units, and any operation that needs strict isolation between distinct customer or organizational data sets while keeping a single pane of glass for technicians.
Is it really in beta?
Yes. We’re actively onboarding a small group of MSP partners ahead of general availability. Beta partners help shape the roadmap and get locked-in pricing once we exit beta.
How is tenant data kept separate?
Every tenant-scoped table has PostgreSQL row-level security policies that filter on a session-local tenant ID. The application sets that ID per request based on the authenticated user’s active membership, and the database refuses to return rows that don’t match. It’s defense in depth at the storage layer.
Can I bring my own credentials store?
The credential vault is integrated. Per-tenant access policies, AES-256-GCM at rest, and full audit trails on every read and write. We don’t require you to wire up an external password manager — though we expose webhooks and APIs if you want to.
What integrations are available?
Outbound HMAC-signed webhooks, a per-tenant REST API with scoped API keys, and a .NET 8 Windows agent for automated discovery. We’re prioritizing additional integrations based on beta partner feedback.
How much will it cost?
We’re working with our beta partners to set fair, value-based pricing before we open up generally. Beta partners get free access during the beta period and locked-in pricing after. More on pricing →