Unified.to
Blog

Unified.to's Security


January 3, 2024

When trusting any developer tool for your application, security becomes paramount as it can kill your customer's trust in your product if that tool has poor security practices.

At Unified.to, we have more than a dozen years of experience in the security industry and more than 20 in building secure software systems.

Our security features includes:

  • Your customers' data from their connections are never stored on Unified.to's servers. While Unified.to's calls the vendors APIs directly, the data that we retrieve is sent directly to your application and not stored nor cached.
  • Your customers' integration authentication is usually based off of OAUTH-2 and does not include their user credentials (email/password). Those OAUTH-2 access tokens expire and can be revoked by the customer at any time.
  • The customers' OAUTH2 access tokens can be stored in your AWS Secrets Manager account and not stored on the Unified.to's servers. If you have other secured storage needs, please let us know so we can add support for it.
  • You can also use your own OAUTH-2 clientId/clientSecret for your customers' authorizations. This gives your application more control over branding of those authorization pages plus more security in terms of utilizing those access tokens in the future without Unified.to.
Blog