Layered controls for tool-enabled AI. EEA-first data residency by design.
Obsigen is designed with layered controls — from transport encryption to content safeguards to sandboxed code execution.
All communications encrypted with TLS (HTTPS). No plaintext data in transit.
JWT (HS256)-based authentication. Secure client-server sessions with configurable expiry.
Role-based access control (user/admin). Granular permissions for tools and features.
Injection and jailbreak detection, safety filters, and context analysis for sensitive requests.
Docker isolation with no network access, enforced timeouts, and per-run container teardown.
Redis-based throttling prevents abuse. Per-user and per-endpoint limits configurable.

| Layer | Control |
|---|---|
| Transport | TLS (HTTPS) |
| Authentication | JWT (HS256) |
| Authorization | Role-based (user / admin) |
| Content safeguards | Injection/jailbreak detection, safety filters |
| Risk detection | Context analysis flags sensitive requests |
| Code execution | Docker isolation, no network, timeouts |
| File handling | MIME checks, size limits, controlled storage |
| CORS | Strict origin policy |
| Rate limiting | Redis-based throttling |
| Secrets | Environment variables (no keys in code) |

Obsigen is designed to keep persistent data under your control, EEA-first. No data leaves the European Economic Area without explicit configuration.

| Data Type | Stored Where | Notes |
|---|---|---|
| Chat history | MySQL (EEA) | Full control & retention |
| Sessions / rate limits | Redis (EEA) | Fast + configurable TTL |
| Uploaded files | Temp storage (EEA) | Controlled retention |
| Generated artifacts | Local output (EEA) | PPTX, images, code outputs |
| Inference prompts | Transient (EEA inference) | No PII/secrets forwarded |

Our team can provide detailed documentation and discuss your specific requirements.