This guide addresses security considerations throughout your journey with Pipecat Cloud, from account creation to running production agents. Each section focuses on practical security measures you can take and explains how Pipecat Cloud protects your agents.

Account & Organization Security

How do I secure access to my Pipecat Cloud account?

Pipecat Cloud implements different authentication mechanisms depending on how you interact with the platform:
InterfaceAuthentication MethodSecurity Notes
DashboardEmail + OTPTwo-factor authentication by default
CLIJWT via ClerkToken-based auth with automatic expiration
REST APIBearer token (public API keys)Scoped to specific organizations and agents
For CLI usage, we recommend running pcc auth login regularly to refresh your credentials.

How do I manage access for my team?

Organizations provide a secure way to collaborate with team members:
  • Create separate organizations for different teams or environments
  • Invite members with appropriate permission levels
  • Use organization-specific API keys for automation
Each organization has its own isolated environment with separate resources, agents, and secrets.

Development Security

How do I keep API keys and secrets secure during development?

Never include sensitive credentials in your agent code or images: 
# DON'T do this
api_key = "sk_1234567890abcdef"  # Hardcoded keys are a security risk

# DO this instead
import os
api_key = os.environ.get("SERVICE_API_KEY")  # Use environment variables
During local development, use environment files (.env) and ensure they’re in your .gitignore. For deployment, use Pipecat Cloud’s secrets management: 
# Create a secret set with your API keys
pcc secrets set my-agent-secrets \
  OPENAI_API_KEY=sk_... \
  ANTHROPIC_API_KEY=sk_...

# Reference in deployment
pcc deploy my-agent my-image:latest --secret-set my-agent-secrets
Secrets are encrypted at rest and in transit, then securely injected as environment variables in your agent’s runtime.
When you update or rotate API keys in a secret set, you must redeploy your agent to apply these changes. Updated secrets are not automatically propagated to running deployments.

Is my agent code secure during development?

Your local development environment and version control security are your responsibility. We recommend:
  • Using private repositories
  • Implementing branch protection
  • Scanning code for security issues
  • Never committing secrets or credentials

Deployment Security

How do I secure my agent container?

Follow these container security best practices:
  1. Start with our official base image for a pre-hardened configuration
  2. Include only necessary components to reduce attack surface
  3. Keep dependencies updated to patch vulnerabilities
  4. Use container scanning tools before deployment

Are my private container images secure?

If you use private container registries, Pipecat Cloud supports secure image pulls: 
# Create an image pull secret for private registry
pcc secrets image-pull-secret dockerhub https://index.docker.io/v1/

# Alternatively, use base64 encoding for credentials
pcc secrets image-pull-secret dockerhub https://index.docker.io/v1/ --base64encode

# Use it during deployment
pcc deploy my-agent my-private-repo/image:latest --credentials dockerhub
Credentials are securely stored and only used during image pulls.
The optional --base64encode flag provides an additional layer of obfuscation when entering credentials in environments where terminal history or session logging might be a concern.

How does Pipecat Cloud protect my agent code?

Your deployed code remains private and protected through multiple layers:
  • Containers run in isolated Kubernetes pods
  • Network policies restrict cross-agent communication
  • Each organization has separate namespaces
  • Access controls prevent unauthorized access to running containers

Runtime Security

Can other customers access my agents or data?

Pipecat Cloud implements strong multi-tenant isolation:
  • Organizational namespacing creates logical boundaries between customers
  • Network policies prevent cross-namespace communication
  • Kubernetes RBAC controls limit access to running pods
  • Authentication is required for all API access

How are my agents protected at runtime?

Pipecat Cloud provides several runtime security measures:
  • Network Controls: Restrict egress to necessary services
  • Access Monitoring: Track authentication and access patterns
  • Secret Injection: Environment variables for secure credential access

Who can start sessions with my agents?

Only clients with valid API keys for your organization can start agent sessions. For security best practices:
  1. Use server-side code to start agent sessions, keeping API keys secure on your server
  2. Never expose API keys in client-side code
# Create a public API key for client applications
pcc organizations keys create

# Associate with specific agents
pcc organizations keys use
While called “public API keys,” these should still be treated as sensitive credentials and not shared with end-users or embedded in client-side code. They are “public” only in the sense that they have limited permissions compared to admin keys.
We recommend implementing a server-side endpoint that starts sessions on behalf of your users, similar to how you might handle other sensitive API operations.

Data Security

Is my data encrypted?

Pipecat Cloud encrypts your data throughout the platform:
  • In Transit: TLS 1.3 encryption for all API communications
  • At Rest: AES-256 encryption for stored data
  • Database: Hardware-level encryption for database content, such as public API keys which developers control the rotation of

Where is my data stored?

All Pipecat Cloud infrastructure is currently located in the US (AWS us-west-2 region). Contact us at help@daily.co if you have specific data residency requirements.

What happens to my data when agents terminate?

Ephemeral data used during agent sessions is removed when the session ends. By default, stdout and stderr logs are stored in Pipecat Cloud. You have control over what is logged and where the logging is stored. Refer to Logging & Observability for more information.

Monitoring & Incident Response

How does Pipecat Cloud detect security issues?

We maintain comprehensive logging and monitoring:
  • Administrative API calls are logged and retained for 1 year
  • Authentication attempts and access patterns are monitored
  • System events are tracked for security analysis
Request access to Daily’s Trust Center to learn more about our incident response and security practices.

How do I report security vulnerabilities?

If you discover a potential security vulnerability:
  1. Email us at disclosures@daily.co (we’ll acknowledge within one week)
  2. Provide reasonable time for us to resolve the issue before disclosure
  3. Make a good faith effort to avoid violating privacy or degrading service
Reporting security findings directly to Daily helps to ensure continued protection for all users.

Security Responsibilities

Security in cloud environments works best as a partnership. Pipecat Cloud follows a shared responsibility model where we secure the underlying infrastructure and platform, while you maintain responsibility for your application code and configuration. Understanding these boundaries helps ensure comprehensive protection for your agents and data.

What security aspects does Pipecat Cloud handle?

Pipecat Cloud is responsible for:
  • Infrastructure and platform security
  • Network security and isolation
  • Secret storage and injection
  • Authentication systems
  • Platform monitoring and logging

What security aspects am I responsible for?

As a customer, you’re responsible for:
  • Application code security
  • API key management
  • Agent configuration security
  • Following container security best practices
  • Proper secrets management
While Pipecat Cloud secures log storage, you should ensure your agent code doesn’t log sensitive information like credentials, personal data, or proprietary content in stdout/stderr streams.

Additional Resources

For security-related questions or to report security issues: