Security and compliance
Apian Labs Relay is built with security-focused controls around API keys, webhooks, and message metadata. This page outlines the baseline protections and how to request additional assurance.
API key safety
Store API keys in a secure secret manager and rotate them on a regular cadence. Apian Labs Relay keys are scoped to a workspace so you can limit blast radius for each environment.
Webhook integrity
Apian Labs Relay signs webhook payloads using timestamped signatures to prevent tampering. Always verify signatures before processing events in production.
Data handling
Apian Labs Relay stores message metadata and trace artifacts needed to explain routing decisions. If you have data retention or privacy requirements, contact Apian Labs for guidance on configuration options.
Compliance posture
Apian Labs can share security documentation and compliance roadmaps on request. If you need a specific certification or vendor assessment, let the team know early in your onboarding process.