Authentication & Security
Audience:
Technical Teams
Overview
Pruuvn® integrations use secure authentication and request validation to protect sensitive data and prevent unauthorized access.
Key Security Principles
- HTTPS required for all API and webhook endpoints
- Authenticated API requests only
- Signature verification for webhooks
- Least-privilege access recommended
Authorization Tokens
Some integrations may include an Authorization Token header for additional endpoint protection.
Signature Keys
Webhooks use HMAC SHA-256 signatures to verify request authenticity.
Best Practices
- Never expose credentials client-side
- Rotate credentials regularly
- Validate all incoming requests
Powered by