Security

Passwords are hashed. Sessions use secure cookies. We recommend strong passwords and protecting your login credentials.

API keys are stored encrypted. Keys can be scoped with permissions, rotated, and revoked from your dashboard. Never expose production keys in client-side code.

Delivery webhooks can be signed with HMAC so you can verify authenticity before processing events in your systems.

We apply rate limits, monitoring, and audit logs to detect abuse and protect platform stability.

Report security concerns to support@tecunitgh.com. We investigate credible reports promptly.