Security And Data Handling

LunarSEO is designed as a Docker-verified SaaS workflow with authenticated dashboards, client API keys, signed webhooks, quota controls, and operator reporting. This page summarizes the current product posture for customers and legal/security reviewers.

Authentication and workspace access

Dashboard APIs use authenticated user sessions, workspace-aware client records, and superuser-only gates for operator analytics.

Public automation uses client API keys. API keys are intended to be shown once, stored hashed, scoped to the owning client, and revocable from the dashboard.

API abuse and quota controls

Plans define API availability, rate limits, monthly quotas, style analysis limits, and webhook access from a shared plan source.

The API gateway records quota rejections and threshold events so support can investigate usage disputes without silently accepting over-limit work.

Webhook and CMS handoff

Webhook deliveries are signed, tracked, retried with delivery records, and exposed to customers for operational visibility.

Receivers should validate signatures, enforce idempotency, and treat webhook payloads as untrusted input until verified by the receiving system.
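The receiver-side checks above, as an added illustration that is not LunarSEO's own code: the header names, the HMAC-SHA256 over `"<timestamp>.<raw body>"`, and the 5-minute skew window are assumptions, not the product's documented signing scheme. The signature is verified over the raw bytes before any JSON is parsed, and the event id is used to drop retried duplicates.

```python
import hashlib
import hmac
import json
import time

# Assumed layout (not LunarSEO's documented scheme): sender puts a Unix
# timestamp and a hex HMAC-SHA256 of "<timestamp>.<raw body>" in two headers.
SIGNATURE_HEADER = "X-Signature"
TIMESTAMP_HEADER = "X-Timestamp"
MAX_SKEW_SECONDS = 300  # reject replays of old, validly signed deliveries


def compute_signature(secret: bytes, timestamp: str, raw_body: bytes) -> str:
    """HMAC over timestamp and raw body, so neither can be swapped alone."""
    msg = timestamp.encode() + b"." + raw_body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, headers: dict, raw_body: bytes, now=None):
    """Return (ok, reason). Runs on the raw bytes, before JSON parsing."""
    now = time.time() if now is None else now
    ts, sig = headers.get(TIMESTAMP_HEADER), headers.get(SIGNATURE_HEADER)
    if ts is None or sig is None:
        return False, "missing signature headers"
    if not ts.isdigit() or abs(now - int(ts)) > MAX_SKEW_SECONDS:
        return False, "bad or stale timestamp"
    expected = compute_signature(secret, ts, raw_body)
    # Constant-time comparison avoids leaking how many leading bytes matched.
    if not hmac.compare_digest(expected.encode(), sig.encode()):
        return False, "signature mismatch"
    return True, "ok"


class WebhookReceiver:
    """Minimal receiver: verify, then enforce idempotency on the event id."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.seen_ids = set()  # constructed in-memory store; use a DB in practice
        self.processed = []

    def handle(self, headers: dict, raw_body: bytes, now=None):
        ok, reason = verify_webhook(self.secret, headers, raw_body, now)
        if not ok:
            return 400, reason          # payload stays untrusted and unparsed
        event = json.loads(raw_body)     # only parsed after verification
        event_id = event.get("id")
        if not isinstance(event_id, str):
            return 400, "missing event id"
        if event_id in self.seen_ids:
            return 200, "duplicate ignored"  # 200 so the sender stops retrying
        self.seen_ids.add(event_id)
        self.processed.append(event)
        return 200, "processed"
```

Returning 200 for a recognised duplicate is deliberate: a retried delivery the receiver has already applied should be acknowledged, not re-executed.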

Secrets and deployment boundaries

Production secrets such as Stripe keys, webhook secrets, API provider keys, database credentials, and CMS credentials must be supplied through deployment environment variables or secret stores.

Docker Compose profiles separate development, smoke, E2E, monitoring, WordPress smoke, and production validation paths so release evidence can be reproduced without host-local tooling.

Operational monitoring

The product records jobs, webhook deliveries, product events, revenue KPIs, support KPIs, and integration failures for launch review and incident triage.

Support runbooks require Docker-based reproduction before code or data changes, and incidents touching payments, privacy, security, or account ownership require escalation.

Current review status

This security page describes implemented product controls and release gates. Formal security review, procurement questionnaires, DPAs, and enterprise SLAs are contract-dependent until separately reviewed.

Report security questions to [email protected]. Privacy handling is summarized in the Privacy Policy.