Security model

Target Audience: Developers, security reviewers, and technical decision-makers integrating Toucan AI.

TL;DR

Toucan AI protects data with layered controls: short-lived embed tokens, organization isolation, row-level security on queries, encrypted database credentials, and clear boundaries between platform data and your connected data.

What this section covers

Data access boundaries — who can access what
Data storage & retention — what Toucan stores, query data flow, caching
PII & personal data — where personal data can appear and how to minimize it
Secrets & encryption — credentials and tokens
Token security — embed authentication
API security — access controls for APIs
AI assistant data handling — conversations and AI workflows
Third-party subprocessors — external providers that may process data

For embed-specific responsibilities, see also Security boundaries.

PreviousManage organization and users NextData access boundaries

Last updated 9 days ago

Was this helpful?