---
title: "Security"
canonical_url: "https://www.nutrient.io/guides/dws-accessibility/security/"
md_url: "https://www.nutrient.io/guides/dws-accessibility/security.md"
last_updated: "2026-06-09T10:24:29.130Z"
description: "Security fundamentals for DWS Accessibility API, including encryption and authenticated API access."
---

# Security

DWS Accessibility API includes security controls for production document workflows.

## Encryption

The API protects data in transit and at rest:

- Data in transit is protected with HTTPS/TLS.

- Data at rest is encrypted in managed infrastructure.

## Access control

Use token-based authentication to control API access:

- API access requires a valid bearer token.

- You manage token distribution and rotation from the dashboard.

## Operational guidance

Use the practices below to reduce security risk in production:

- Use short-lived credentials and secure secret storage in your backend.

- Restrict who can create or rotate API credentials in your organization.

- Avoid exposing permanent keys in client-side code.

---

## Related pages

- [Getting started with DWS Accessibility API](/guides/dws-accessibility/getting-started.md)
- [DWS Accessibility API](/guides/dws-accessibility.md)
- [Privacy](/guides/dws-accessibility/privacy.md)
- [Pricing](/guides/dws-accessibility/pricing.md)
- [Support](/guides/dws-accessibility/support.md)