How should I store my OneInfer API key?

Store your API key as an environment variable, never hardcode it in source code or commit it to version control. Use secrets managers in production.

Are API requests to OneInfer encrypted?

Yes. All API traffic uses TLS 1.2+ encryption in transit. Your API key and data are never transmitted over unencrypted connections.

How long does a Bearer token last?

Bearer tokens have a configurable expiry. Exchange your API key for a fresh token before expiry using the authentication endpoint.

Security FAQ

Data protection and platform security

Data Protection

How is my data protected from other clients?

Clients are isolated in unprivileged Docker containers and only have access to their own data. Each container is completely separate from others on the same host machine with:

Separate namespaces and cgroups
Network isolation
File system isolation
Process isolation

How is my data protected from providers?

Provider security varies significantly:

Tier 4 datacenters have extensive physical and operational security
Individual hosts may have less formal security measures

Is my traffic encrypted?

Yes. All control-plane traffic uses TLS 1.2+ encryption. Instance-to-instance or user application traffic is encrypted depending on your own configuration.

Do you store my data after my instance is deleted?

No. Once you terminate an instance, its attached storage is removed permanently. We do not retain backups unless explicitly created by you.

How can I improve my security further?

Use SSH keys instead of passwords
Store API keys securely (never commit them)
Enable firewalls or private networking
Encrypt your own datasets before upload