Security Overview

AxoDesk is designed as a multi-tenant platform with organization and workspace boundaries. Protected backend paths use authentication, membership checks, and role-based permissions. Tenant identifiers supplied by a client must be validated against backend access rules before protected operations.

The platform supports account authentication, session handling, OAuth flows, and scoped workspace membership. Provider secrets and connected-channel credentials belong on the server side and must not be exposed in browser bundles, public documentation, or logs.

Connected channels and integrations use provider callbacks, OAuth state, verification tokens, and signature validation where supported. Public webhook endpoints should remain narrow, validate provider authenticity, and avoid exposing raw sensitive payloads.

AxoDesk uses scoped realtime delivery and background queues for messaging, notifications, workflows, and related operations. Tenant and user context should remain attached to protected jobs and realtime events so data is not broadcast outside the intended workspace or user room.

The service uses a database, object storage for files, Redis-backed operations, and configurable monitoring. Security depends on production configuration as well as application code. Access should follow least privilege, and logs should avoid raw secrets, tokens, and unnecessary personal data.

• Use strong credentials and protect administrator accounts.
• Assign least-privilege roles and remove access promptly when no longer needed.
• Review connected providers, OAuth grants, templates, and automation behavior.
• Test workflows and AI agents before enabling customer-facing automation.
• Report suspected incidents promptly to support@axodesk.io.

This public page does not represent that AxoDesk holds a particular certification, audit report, data-residency option, or regulated-industry addendum. Enterprise customers should request the current verified security package and contractual commitments from sales@axodesk.io.