Credential handling
Security
Webbership Tracking is designed around explicit credential boundaries, inspectable delivery, and restricted browser event intake.
Server-side credentials
Server-side destination credentials are encrypted at rest in the project secret vault or loaded from server-side environment configuration. Browser public keys are not server secrets.
Browser safety
Server secrets must never be placed in browser JavaScript. Browser collection uses public keys and allowed-domain controls.
Sanitized delivery logs
Destination payloads and attempts are sanitized so OAuth tokens, developer tokens, and raw credential values are not written into request payload logs.
Controlled activation
Destination delivery can be tested before project delivery is enabled. Project delivery is paused by default for new projects.
Browser event restrictions
Domain allowlists and collector CORS checks restrict browser event intake to configured first-party domains.