Wikilect
Security
Wikilect is designed to protect OAuth tokens and customer data used in AI workflows.
Token protection
Refresh tokens are encrypted at rest, never exposed in the user interface and never written to application logs. Access is limited to backend services that need the token to perform an authorized action.
Access controls
Administrative and support access is role-based. Sensitive actions should be auditable and limited to authorized personnel.
Auditability
Wikilect keeps operational logs for consent, refresh, revoke and integration events. Logs do not include raw OAuth tokens.