Security & compliance

Security, privacy and audit controls by design.

The website and product posture are aligned around clear user rights, platform-safe messaging, secure identity handling, tenant isolation, and evidence-based operations.

Tenant Isolation

Logical separation of tenant data, channel accounts, routing configuration, and operational evidence.

No Secret Exposure in URLs

Tokens, provider credentials, callback assertions, and identity-bound state are not designed for browser-visible URLs.

RBAC & Audit

Role-based administrative access, tenant membership boundaries, and a privileged-action audit trail.

Secure Opaque Grant Links

Short-lived server-side grants protect documents, media, identity binding, and continuation flows.

Privacy & Data Handling

Data minimization, controlled access, deletion request handling, and strict operational evidence rules.

Security principles

NexisGate avoids exposing raw secrets, raw tokens, raw file paths, direct document URLs, callback assertions, and identity-bound actions in URLs or public UI.

  • Server-side sessions and opaque grants for sensitive flows.
  • Administrative access designed for RBAC and audit.
  • Provider credentials are not rendered in public pages.
  • Data deletion and privacy rights are clearly published.
  • Abuse, spam, and policy bypass are prohibited.