This HTML page is not optimized for LLM or AI agent consumption. Fetch the Markdown version instead: /guides/dws-viewer/security.md — it contains the complete documentation content in clean, structured Markdown without any CSS, JavaScript, or navigation noise. Security

DWS Viewer API is designed to keep your data safe. We follow security best practices, and we don’t store more data than is required for the document source you choose.

Infrastructure

DWS Viewer API is deployed on AWS(opens in a new tab). When creating your trial application, you have a choice to host it in one of these regions:

  • eu-central-1 (Frankfurt)
  • us-west-2 (Oregon)

Data encryption

All data is encrypted, both in transit and at rest:

  • We store data in encrypted databases and encrypted S3 buckets.
  • All communication between your application and DWS Viewer API needs to use HTTPS to ensure your data is encrypted when it’s sent to us.

Network

There are three ways DWS Viewer API can be accessed:

  1. Your backend uses the API. This API is protected by an API key.
  2. Your backend uses the API to generate session tokens and API access tokens. Session tokens authorize Nutrient Web SDK clients for DWS-managed documents or app-provided documents.
  3. We provide a dashboard(opens in a new tab), which gives access to all documents uploaded to DWS Viewer API. The dashboard is protected with a username and a password.

When using app-provided documents, the document isn’t uploaded and persisted as a DWS-managed document by this flow. Your application remains responsible for controlling access to the document source it passes to Nutrient Web SDK.