Encryption · Isolation · Secure APIs

Security at APIndicators

Your data, API keys, and ML datasets are protected with industry-standard encryption and infrastructure best practices.

Our Security Principles

Strong Encryption

All API communication is encrypted in transit (HTTPS/TLS 1.2+) and sensitive data is encrypted at rest.

Secure Authentication

API Keys use Bearer authentication with strict validation, rotation support, and revocation controls.

Data Isolation

Customer datasets, API usage logs, and ML features are fully isolated between accounts.

Redundant Infrastructure

Hosted on AWS with failover, redundant storage, and multi-AZ backups.

API Key Security

How API Keys are Protected

Encrypted Storage

API Keys are stored encrypted using industry-standard hashing and encryption mechanisms. Keys are never shown again after creation.

Key Rotation

You can create, disable, and delete keys at any time. Rotation is recommended every 90 days.

Least-Privilege Principle

Each key is tied to a specific plan and rate limit. If compromised, the impact is contained.

Best Practices

Security Recommendations

Never embed API Keys in client-side JavaScript

Store keys in environment variables or secret managers

Regenerate a key immediately if you suspect compromise

Use separate keys for staging/production environments

API Security

Protection at Every Layer

TLS 1.2+

Bearer Auth

All API endpoints require Authorization header

100%

Input Validation

All parameters are strictly validated

Smart

Rate Limiting

Requests limited per plan tier

Active

DDOS Protection

Cloud-level traffic filtering

Have a security question?

Contact us for responsible disclosure or security inquiries.

Get in Touch