Authentication
Doris uses a managed identity platform for authentication and session security:
- Signed token validation with managed key rotation
- Session and credential revocation controls for account security events
- Account-level session invalidation to support offboarding and incident response
- Session telemetry including login tracking and security-relevant audit events
Access Control
- Role-based access control (RBAC) at system and tenant scope
- Server-side privilege checks for sensitive and administrative actions
- Escalation monitoring for suspicious or unauthorized privilege use
- Least privilege — Internal services use scoped authentication and permissions
API Security
Rate Limiting
Rate limiting and abuse protections are used to reduce brute-force and misuse risk:
- Rate limits may be applied by user, tenant, IP, or endpoint characteristics
- Thresholds and protective responses can vary by workload and risk profile
- Standard client signaling may be returned when requests are throttled
Security Headers
API responses are configured with defensive browser and transport controls, which may include:
- Restrictive content loading policies where applicable
- MIME sniffing protections
- Clickjacking protections
- Referrer handling controls
- Limited server fingerprinting where practical
Input Validation
Request payloads are validated before processing using a combination of schema, type, and boundary checks:
- Schema-based validation for expected request shapes
- Length and format constraints on user-controlled fields
- Control character filtering for high-risk inputs and logs
- Nested structure limits to reduce resource-exhaustion risk
- CORS — Explicit origin controls are used in production environments
Webhook Security
Inbound webhooks use signature verification and replay-resistant validation before processing.
OAuth CSRF Prevention
OAuth flows use server-validated anti-forgery state and related integrity checks.
Multi-Tenant Data Isolation
Doris is a multi-tenant platform. Customer data separation is supported through tenant-aware authorization and scoped data-access controls:
- Data-access paths are designed to scope requests to the authenticated tenant context
- Tenant isolation controls are enforced in application and service layers
- Administrative access to customer data is restricted, logged, and governed by least-privilege policies
Secure Development Lifecycle
- Code review — Material changes are expected to undergo peer review before release
- Automated security scanning — Static analysis and dependency checks are integrated into development workflows
- Pre-commit controls — Developer tooling helps detect secrets and common unsafe patterns
- Environment separation — Production and non-production environments use separate credentials and infrastructure boundaries
- CI/CD security — Deployment workflows use short-lived or federated authentication where supported