API key security
FeedbackFlow is built so that a leak of our database would not expose your keys or your connected credentials.
API keys are hashed, never stored raw
When you create a project, we generate an API key and store only its SHA-256 hash. The raw key is never written to our database. When the widget submits feedback, we hash the incoming key and compare it to the stored hash.
Because we only keep the hash, we cannot show you the key again after creation.
Your key is shown once
The raw key is displayed a single time, at project creation. Copy it then and keep it somewhere safe. If you lose it, regenerate it from the project page: this creates a new key, shows it once, and invalidates the old one immediately.
Integration credentials are encrypted
The credentials you enter for integrations (signing secrets, API tokens) are encrypted at rest with AES-256-GCM before being stored, using a key held only in our server environment (ENCRYPTION_KEY) and never sent to the browser. They are decrypted only in memory, on the server, when we need to verify a webhook or file a ticket.
For where to find each credential, see the integration guides.