Skip to content

Security model

How Sluicio secures the keys that authenticate telemetry ingestion and programmatic API/MCP access — storage, rotation, and handling.

This page covers how Sluicio secures the keys that authenticate access: the ingest keys used to send telemetry, and the tokens used for programmatic API and MCP access. It reflects the actual implementation, not aspirations.

The OTLP ingest endpoint authenticates every batch against a per-org ingest key. Keys are managed in Settings → Ingestion, hashed at rest, and can be rotated or revoked without redeploying senders. A request with a missing or invalid key is rejected with 401.

Tokens for the HTTP API and the MCP endpoint are long, high-entropy random strings, stored as SHA-256 hashes at rest — a fast hash is appropriate for high-entropy secrets, since there’s nothing low-entropy to brute-force. The plaintext is shown exactly once at creation and never again, and any token can be revoked at any time.