DWS Viewer API is designed to keep your data safe. We follow security best practices, and we don’t store more data than is required for the document source you choose.
Infrastructure
DWS Viewer API is deployed on AWS(opens in a new tab). When creating your trial application, you have a choice to host it in one of these regions:
eu-central-1(Frankfurt)us-west-2(Oregon)
Data encryption
All data is encrypted, both in transit and at rest:
- We store data in encrypted databases and encrypted S3 buckets.
- All communication between your application and DWS Viewer API needs to use HTTPS to ensure your data is encrypted when it’s sent to us.
Network
There are three ways DWS Viewer API can be accessed:
- Your backend uses the API. This API is protected by an API key.
- Your backend uses the API to generate session tokens and API access tokens. Session tokens authorize Nutrient Web SDK clients for DWS-managed documents or app-provided documents.
- We provide a dashboard(opens in a new tab), which gives access to all documents uploaded to DWS Viewer API. The dashboard is protected with a username and a password.
When using app-provided documents, the document isn’t uploaded and persisted as a DWS-managed document by this flow. Your application remains responsible for controlling access to the document source it passes to Nutrient Web SDK.