
Security Reference

Authenticated context is only useful if it is trustworthy. This page summarises the guarantees Buddy makes around identity and the Business API tool.

Token handling

  • User tokens reach the widget over an origin-locked postMessage handshake and are held only in memory.
  • Tokens are never placed in URLs, cookies, or local storage.
  • A token is forwarded once, over the X-User-Auth-Token header, and verified server-side.

Secret storage

  • Shared secrets, callback secrets and API credentials are encrypted at rest (AES-256-GCM with per-purpose derived keys).
  • Secrets are write-only — configuration reads never return them.

Identity data & PII

  • Verified identity is presented to the model as authoritative business-asserted facts.
  • Identity PII is never written to application logs or returned to the end user's browser.
  • Free-form attributes from your callback are treated as untrusted text by the model.

Egress & the SSRF guard

  • All outbound calls (JWKS fetch, identity callback, Business API) pass through a guard that rejects private, loopback, link-local and metadata addresses.
  • Outbound traffic originates from the platform's fixed egress range — contact support for the current IP allow-list to restrict access on your side.
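
A sketch of how an egress guard of this kind can be built, added here as an illustration; it is not Buddy's implementation. The function names, the injectable resolver and the https-only rule are assumptions of the example.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Well-known cloud metadata addresses, listed explicitly for auditability
# (both also fall under the link-local / private checks below).
METADATA = {ipaddress.ip_address("169.254.169.254"),
            ipaddress.ip_address("fd00:ec2::254")}


def is_blocked(ip_text):
    """True if the address is private, loopback, link-local or metadata."""
    ip = ipaddress.ip_address(ip_text)
    # Unwrap IPv4-mapped IPv6 (::ffff:127.0.0.1) so it cannot dodge v4 checks.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return (ip in METADATA or ip.is_private or ip.is_loopback
            or ip.is_link_local or ip.is_unspecified or ip.is_reserved)


def system_resolver(host, port):
    """Return every A/AAAA answer for host, not just the first."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    return [info[4][0] for info in infos]


def check_egress(url, resolver=system_resolver):
    """Return the vetted IPs for url, or raise ValueError."""
    parts = urlsplit(url)
    # Assumption of this example: only https destinations are accepted.
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("only absolute https URLs are allowed")
    try:
        addrs = [str(ipaddress.ip_address(parts.hostname))]  # IP literal
    except ValueError:
        addrs = resolver(parts.hostname, parts.port or 443)
    if not addrs:
        raise ValueError("host did not resolve")
    # Reject if ANY answer is internal; one bad record is enough to abuse.
    for addr in addrs:
        if is_blocked(addr):
            raise ValueError(f"blocked destination {addr}")
    # Connect to these exact IPs; re-resolving later reopens DNS rebinding.
    return addrs
```

The check runs on the resolved addresses rather than the hostname, so a public-looking name that points at an internal address is rejected the same way as a literal internal IP.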

Session revocation

Revoke a user's authenticated session at any time, server-to-server, using a platform API key (issued under Connections → User authentication). The agent stops serving account data within seconds.

POST /api/public/sessions/revoke
Authorization: Bearer bpk_…

{ "agentId": "agt_…", "userId": "user_123" }

Error codes

Code | Reference
AUTH_NOT_CONFIGURED | No method configured
AUTH_JWT_INVALID / AUTH_JWT_EXPIRED / AUTH_JWT_NO_SUBJECT / AUTH_JWKS_UNREACHABLE | JWT troubleshooting
AUTH_TOKEN_MALFORMED / AUTH_TOKEN_INVALID / AUTH_TOKEN_EXPIRED / AUTH_TOKEN_NO_SUBJECT | Signed-token troubleshooting
AUTH_CALLBACK_TIMEOUT / AUTH_CALLBACK_FAILED / AUTH_CALLBACK_BAD_RESPONSE | Callback troubleshooting