Security model

Security

Ai social poster is designed with preview-first workflows, safety gates and server-side token handling.

Security principles

OAuth tokens and Telegram bot tokens are stored server-side and never shown in the frontend.
Provider integrations stay behind approval gates until production readiness is confirmed.
Publishing jobs are queued, auditable and can be blocked by workspace safety checks.
Customers can disconnect accounts and request data deletion.
Admin/debug tools are not exposed in the customer-facing portal.

Email security@ai-social-poster.com. Please do not include secrets, access tokens or passwords in email.