Security
Security protects AeThex users, integrations, communities, and infrastructure.
Core Principles
- Least privilege
- Scoped access
- Server-side verification
- Secret rotation
- Auditability
- User control
- Safe defaults
Developer Rules
- Keep API keys out of clients.
- Validate webhooks.
- Use HTTPS.
- Store minimal user data.
- Log security events.
- Rotate secrets after exposure.
Reporting Security Issues
Use the support/security channel through Support. Include enough detail to reproduce the issue safely.