Manifold
Manifold
Manifold
Plan Builder
What is it?
How does it work?
Pricing and Packaging
Quickstart
Integration
FAQ
Reference
GraphQL APIs
Web Components
Enterprise
Sell in Marketplaces
Launch a Marketplace
Authentication
Integration guide
Privacy and Security
OAuth 2
Web Components
GraphQL APIs
Webhooks
Learn More
Powered by GitBook

Privacy and Security

Privacy

Manifold does not store any personal information from your end users. We store only the subject (the identifier for the end user provided by the UserInfo endpoint).

Security

Manifold relies on the HTTP referrer to determine which platform is making the request in our auth component.

We recommend that you set a Content Security Policy header that includes a frame-src directive which specifies our authentication service domain: login.manifold.co.

Manifold encrypts all stored tokens, with a token specific to each end user. These tokens are in turn again encrypted with a master key, which is only accessible to the underlying service which needs access. To learn more, see our blog.

Previous
Integration guide
Next
OAuth 2
Last updated 8 months ago
Contents
Privacy
Security