Security
Designed around controlled document retrieval.
Obeil keeps the public workflow narrow: recipients provide a code, the backend resolves the delivery, and protected files stream through controlled routes.
Security posture
- Protected uploads
- Uploaded files are resolved through backend delivery routes instead of being presented as raw public folder links.
- Access codes
- Codes are short for recipient use, so sensitive deliveries should still use sensible retention and sharing rules.
- Sessions and keys
- Dashboard account routes use browser sessions, while integrations can use API keys for owner-level delivery workflows.
- Audit events
- Open, click, and frontend error records are written on a best-effort basis through the configured backend event route.