EgoXDocs
Security

Overview

How EgoX protects your data, your credentials, and your integration.

Security is a product property at EgoX, not an afterthought. This section explains what EgoX does on its side to keep your project, its data, and its integrations safe — and points to the policies that put it in writing.

Shared responsibility

EgoX secures the platform; you secure your account. Your two jobs: keep your API keys and MCP tokens secret, and verify webhook signatures on your tool endpoints (see Integrating securely with the SDK).

In this section

The foundations

These guarantees underpin everything in the pages above.

Tenant isolation

Isolation between projects is enforced at the data layer, not just the UI. Every persisted row, every read, and every cache key is scoped by tenant — there is no "global" data path that bypasses tenancy, so one project can never read or write another's config, tools, knowledge, or conversations.

Credentials

CredentialWhere it's usedHow it's protected
API key (egox_live_… / egox_test_…)Your backend → /egox/askSent as X-API-Key; scoped to one project; rotatable and revocable.
Access tokensConsole / API sessionsGenerate, list, extend, and revoke on demand.
MCP token (egox_mcp_…)Agents → the MCP serverScoped per-project and per-permission; revocable from the Console.
Your provider key (BYOK)EgoX → your model providerEncrypted at rest (AES-256-GCM). Details →

MCP access control

The MCP server that lets agents manage your tools and knowledge holds zero secrets — it forwards the connection's token to EgoX, and all authentication, scope checks, and audit happen on the backend. Token scopes (tools:read, tools:write, rag:read, rag:write) are enforced server-side, every connection is revocable, and agent-created content lands as a reviewable draft (source = 'mcp').

Reliability & abuse protection

Critical guarantees layer multiple independent backstops, so no single failure can take the system down:

  • Tool-call storm protection — dedup, a per-tool call cap, error classification, bounded transient retries, and an iteration cap stop runaway loops.
  • Rate limits on the public API.
  • Prompt-injection and RAG safety rails around retrieved content and model output.
  • Locked vocabularies — fields with a finite value set are enforced by database CHECK constraints, so invalid state can't be written.

Observability & audit

Every meaningful runtime event surfaces as a metric, an audit row, or an operator signal — security-relevant activity is never invisible. Thread auditing in the Console gives a read-only, turn-by-turn view of every conversation, and usage analytics make anomalous traffic easy to spot.

Reporting a vulnerability

Found a security issue? Please report it privately to security@egox.io rather than filing a public issue. We investigate every report and will acknowledge receipt.

On this page