Session management
- Secure, encrypted session tokens.
- Automatic token expiration.
- Refresh tokens used where applicable.
- Logout invalidates all active sessions.
Multi-device support
Users can sign in on multiple devices, and admins may invalidate sessions if required.
Security controls
OTP requests are rate-limited and sign-in attempts are monitored. All authentication attempts are logged, failed attempts are tracked, and suspicious behavior triggers alerts.
Compliance & privacy
- Authentication data is encrypted in transit.
- OAuth tokens are handled securely.
- No passwords are stored.
- Email addresses are treated as sensitive data.
- Supports compliance with common data protection standards.
Was this helpful, or still need a hand? Contact support — we respond within 1 business day.
← Back to Sign-in & Security
