> ## Documentation Index
> Fetch the complete documentation index at: https://docs.apollospace.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Security

> How Apollo Space protects your data, credentials, and operations — auth model, encryption, audit trail, and incident response.

An agent drafts a follow-up, resolves your WhatsApp credential, and sends
the message — in a few seconds, while you're in a meeting. For that to be
safe, every step has to be authenticated, scoped to your organization, and
written to a log you can read back later.

That's what this page covers: the auth model, encryption, audit trail, and
incident response sitting underneath every action an agent takes on your
behalf. The work leaves your plate; the accountability stays on the record.

## Principles

Security at Apollo Space follows three principles:

<CardGroup cols={3}>
  <Card title="Defense in depth" icon="layer-group">
    Multiple independent layers — if one fails, the next one still holds.
    We don't rely on **a single** line of defense.
  </Card>

  <Card title="Auditable" icon="clipboard-list">
    Every access, every change, every billable call generates an
    append-only log. You (and external auditors) can reconstruct any event.
  </Card>

  <Card title="No sensitive data in transit" icon="lock">
    Third-party credentials, payment data, secrets — all stored encrypted.
    Apollo Space only decrypts at the moment and in the context where it's
    needed.
  </Card>
</CardGroup>

## Authentication and authorization

<AccordionGroup>
  <Accordion title="Authentication — how login works" icon="key">
    * **Cognito** (AWS) as the identity provider — federated with Google,
      email/password + optional MFA
    * Tokens with **short expiration** (id-token expires in hours; refresh
      expires in days)
    * Sessions in one org are isolated from sessions in other orgs (login
      carries no cross-org context)
    * **MFA strongly recommended** for all Owners + Admins
  </Accordion>

  <Accordion title="Authorization — roles and permissions" icon="shield-halved">
    * **Hierarchical roles** per org: Owner > Admin > Member > Viewer
    * Each operation checks the required role before executing
    * **Admins cannot modify Owners** — guards against privilege escalation
      from a compromised account
    * Reads and writes that touch customer data pass through an additional
      isolation layer in the database (see [Multi-tenant](/en/trust/multi-tenant))
  </Accordion>
</AccordionGroup>

## Encryption

| Where                                                     | How                                                                        |
| --------------------------------------------------------- | -------------------------------------------------------------------------- |
| **Data in transit**                                       | TLS 1.3 on all client ↔ server communication                               |
| **Data at rest (database)**                               | Provider-managed encryption (AWS RDS with KMS)                             |
| **Third-party credentials** (Tavily, Twilio, Apify, etc.) | Encrypted with a dedicated key — Apollo Space decrypts only at time of use |
| **Infrastructure secrets**                                | AWS Secrets Manager + IAM with least-privilege                             |

No Apollo Space operator can read third-party credentials in plain text
by manually inspecting the database — the encryption key lives in a
separate system with audited access.

## Third-party credentials

<AccordionGroup>
  <Accordion title="How they are stored" icon="database">
    When you connect integrations ([WhatsApp/Twilio](/en/integrations/whatsapp),
    [Tavily](/en/integrations/tavily), [Apify](/en/integrations/apify),
    [Composio](/en/integrations/composio)), credentials (API keys, OAuth
    tokens) are:

    * **Encrypted in the database** with a dedicated key
    * **Isolated per organization** — another Apollo Space customer cannot
      see your credentials
    * **Accessed only by the backend** when a legitimate call requests it —
      never sent to the frontend
    * **Audit-logged** — every time a credential is resolved for use, a
      record is kept: which user/agent, which operation, when
  </Accordion>

  <Accordion title="Rotation and revocation" icon="rotate">
    You can **rotate** credentials at any time (just paste the new one) or
    **revoke** them by disconnecting the integration (deletes the credential
    from the database).

    We recommend rotating keys for critical integrations (Twilio, Apify)
    periodically or whenever a team member with access leaves the team.
  </Accordion>
</AccordionGroup>

## Audit log

Every relevant action generates an entry in the org's audit log:

* User login / logout
* Role changes (who promoted whom)
* Integration connections / disconnections
* Outbound message delivery (email, WhatsApp)
* Lead modifications
* Administrative billing operations

The log is **append-only** — nothing is deleted or edited retroactively.
Owners + Admins can inspect it at any time; external auditors can be
provisioned as Viewer + read access to the audit log.

## Incident response

If you suspect any security incident (unauthorized access, leaked
credential, unusual behavior):

<Card title="Report immediately" icon="bell">
  Email: **[security@apollospace.ai](mailto:security@apollospace.ai)**. Response within 24 business hours.
</Card>

For incidents affecting **customer data**, Apollo Space follows:

1. Identification + containment (first hours)
2. Notification to affected parties per applicable regulatory timeline
3. Public postmortem after resolution (no sensitive data included)

## Compliance

<AccordionGroup>
  <Accordion title="LGPD and privacy" icon="scale-balanced">
    Apollo Space designs its privacy and security practices with the LGPD
    as the primary reference — a documented data protection model, processes
    for exercising data subject rights, and a contact channel for the data
    protection officer.
  </Accordion>

  <Accordion title="Certifications (roadmap)" icon="certificate">
    Other certifications (SOC 2, ISO 27001) are under consideration on the
    roadmap as the product matures and enterprise customer demand grows.

    Additional privacy and security documentation is available under NDA —
    contact **[security@apollospace.ai](mailto:security@apollospace.ai)** if your compliance program requires
    formal evidence.
  </Accordion>
</AccordionGroup>

## Next steps

<CardGroup cols={2}>
  <Card title="Multi-tenant" icon="shield-check" href="/en/trust/multi-tenant">
    Isolation detail between organizations.
  </Card>

  <Card title="Organizations" icon="building" href="/en/concepts/organizations">
    The role model in detail.
  </Card>
</CardGroup>