SupportPrivacy & Security
Protect user data with role-aware access controls and secure operational practices.
ZerothCAD is designed with practical security foundations including authenticated access, tokenized flows, audit events and platform governance boundaries.
Credential authToken safetyRBAC routesAudit logging
Identity and access
Only authorized users can reach protected platform surfaces.
- Credentials authentication with password hashing.
- Email verification and reset token flows with expiration windows.
- Role-aware middleware for dashboard and admin boundaries.
Data handling
Project and asset operations enforce ownership context.
- Project APIs validate owner or collaborator scope.
- S3 uploads use short-lived presigned URLs.
- Sensitive settings and platform actions are admin-gated.
Operational governance
Create traceability for critical actions.
- Audit logs capture admin and key project events.
- Prompt jobs persist generation state and failures.
- Health and status endpoints support proactive monitoring.
Frequently asked questions
Do admins have unrestricted access?
Admins have broad governance rights, but actions are designed to be auditable and intentional.
How are password resets protected?
Reset tokens are hashed, expire quickly and are one-time use.