Security & Trust
Security is not a feature at JengaFlow — it is our foundation. Our zero-trust architecture ensures that your business secrets remain private, audited, and ephemeral.
AES-256 Fernet Encryption
All sensitive credentials are encrypted at rest using industry-standard Fernet encryption. Decryption keys are managed via secure rotation policies.
Zero-Persistence Runtime
Your automation workers never store static secrets. JengaFlow dispatches credentials ephemerally during execution via HMAC-signed handshakes.
Clerk JWT Isolation
Every API request is verified against Clerk's JWKS. Multi-tenancy is enforced at the database level using strict tenant scoping.
Comprehensive Audit Logs
Every credential access, payment initiation, and sync event is logged with a full trail of the actor, timestamp, and IP address.
Our Security Philosophy
We believe that the weakest link in any automation chain is the storage of long-lived secrets in execution environments. JengaFlow was designed to decouple your business logic from your sensitive credentials.
By acting as a secure, signed bridge, we provide a unified control plane for your entire automation ecosystem, from M-Pesa payments to Odoo syncs.