# Security and privacy

> Understand the security boundaries Woes relies on for workspaces, widgets, credentials, and AI support.

Woes handles customer conversations, API documentation, credentials for testing, and AI-generated support. Treat security and privacy as part of setup, launch, and ongoing operations.

## Core boundaries

<CardGroup cols={2}>
  <Card title="Tenant isolation" icon="building-2">
    Workspace-owned records should remain scoped to the workspace that owns them.
  </Card>

  <Card title="Credential separation" icon="key-round">
    API credentials are separate from source content and should not be returned in plaintext.
  </Card>

  <Card title="Widget public key" icon="globe-lock">
    The browser key identifies a workspace but does not grant authenticated workspace access.
  </Card>

  <Card title="Conversation secret" icon="lock-keyhole">
    Widget history requires a per-conversation history secret.
  </Card>

  <Card title="AI grounding" icon="bot">
    The agent should answer from workspace context and hand off when evidence is missing.
  </Card>

  <Card title="Operator privacy" icon="eye-off">
    Private notes, debug traces, provider internals, and secrets stay out of customer replies.
  </Card>
</CardGroup>

## Tenant isolation

Every workspace-owned record should be queried and returned only within the owning workspace. This includes:

* Conversations.
* Messages.
* API sources.
* Generated endpoint context.
* Credentials metadata.
* Settings.
* Tags, custom fields, macros, and automations.
* Operator notes and issue records.

When inviting users or connecting channels, confirm they belong to the correct workspace.

## Public widget access

The widget public key can appear in browser code. Treat it as an identifier, not a secret.

It should not:

* Grant admin access.
* Grant general database access.
* Reveal private workspace data.
* Replace authenticated operator access.
* Replace conversation-history authorization.

## Conversation history secrets

Widget conversation history should require the per-conversation history secret. A verified identity and the public workspace key are not enough by themselves.

<Warning>
  Do not collapse customer identity and conversation-history authorization into one control. They answer different security questions.
</Warning>
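
The sketch below is an added example, not Woes code. It shows one way a server could keep these checks separate: the public key only resolves the workspace, the history secret authorizes the read, and verified identity is evaluated on its own. The function names, key formats, in-memory store, storing only a digest of the secret, and the identity-mismatch rule are all assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample data: public widget keys resolve to workspaces (identifiers, not secrets).
WORKSPACES_BY_PUBLIC_KEY = {"pk_demo_a": "ws_a", "pk_demo_b": "ws_b"}
CONVERSATIONS = {}  # (workspace_id, conversation_id) -> record


def _digest(secret: str) -> bytes:
    return hashlib.sha256(secret.encode("utf-8")).digest()


def create_conversation(workspace_id: str, conversation_id: str, customer_id: str) -> str:
    """Create a conversation and return its history secret once; only a digest is kept."""
    history_secret = secrets.token_urlsafe(32)
    CONVERSATIONS[(workspace_id, conversation_id)] = {
        "customer_id": customer_id,
        "secret_digest": _digest(history_secret),
        "messages": [],
    }
    return history_secret


def read_history(public_key, conversation_id, history_secret, verified_customer_id=None):
    """Return the messages only when the per-conversation secret matches, else None."""
    workspace_id = WORKSPACES_BY_PUBLIC_KEY.get(public_key)
    if workspace_id is None:
        return None
    # Tenant isolation: the lookup key always includes the workspace behind the public key.
    record = CONVERSATIONS.get((workspace_id, conversation_id))
    # Compare against a dummy digest when nothing is found, so both paths do the same work.
    expected = record["secret_digest"] if record else _digest("")
    secret_ok = hmac.compare_digest(expected, _digest(history_secret or ""))
    if record is None or not secret_ok:
        return None
    # Assumed policy: identity is a separate question. A mismatch denies the read,
    # and a match never substitutes for the history secret checked above.
    if verified_customer_id is not None and verified_customer_id != record["customer_id"]:
        return None
    return list(record["messages"])
```

Every denial returns the same `None`, so a caller cannot tell an unknown conversation from a wrong secret.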

## API credentials

API credentials are for live testing and verification. They should be encrypted at rest, redacted before model calls, and omitted from plaintext API responses.

Use scoped credentials:

* Prefer read-only credentials.
* Prefer test or staging environments during setup.
* Avoid broad production write access.
* Rotate after suspected exposure.
* Remove credentials that are no longer needed.

## Redaction expectations

Redaction reduces risk, but it does not make it safe to paste secrets into support messages.

Avoid sending:

* API keys.
* Passwords.
* OAuth tokens.
* Session cookies.
* Private signing keys.
* Full payment details.
* Unnecessary personal data.

## AI answer boundaries

The agent should clarify or hand off when:

* Context is missing.
* Sources conflict.
* The request needs account-specific state.
* The customer asks for secrets or hidden instructions.
* Live verification is unavailable or unsafe.
* The answer requires legal, compliance, billing, or security judgment.

## Rate limits and abuse

Rate limits help protect product routes from accidental or abusive traffic. Treat them as practical product controls, not a complete DDoS or compliance boundary.

High-volume teams should plan capacity, monitoring, alerting, and incident response outside of basic workspace setup.

## Compliance scope

This documentation does not claim SOC 2, HIPAA, PCI, SSO, SCIM, audit-log completeness, or formal compliance coverage.

If your organization requires those controls, review them with the Woes team before using the platform for regulated workflows.

## Security checklist

<AccordionGroup>
  <Accordion title="Access">
    Workspace members are current, roles are appropriate, and stale access has been removed.
  </Accordion>

  <Accordion title="Credentials">
    Credentials are scoped, stored separately from source content, and rotated when needed.
  </Accordion>

  <Accordion title="Widget">
    The public key is treated as public, and conversation history uses a per-conversation secret.
  </Accordion>

  <Accordion title="Agent">
    Redaction, citations, clarification, handoff, and prompt-injection behavior have been tested.
  </Accordion>

  <Accordion title="Operations">
    Operators know what belongs in private notes and what can be sent to customers.
  </Accordion>
</AccordionGroup>
