# Security Guide

> Securing your agents on Pipecat Cloud

This guide addresses security considerations throughout your journey with Pipecat Cloud, from account creation to running production agents. Each section focuses on practical security measures you can take and explains how Pipecat Cloud protects your agents.

## Account & Organization Security

### How do I secure access to my Pipecat Cloud account?

Pipecat Cloud implements different authentication mechanisms depending on how you interact with the platform:

| Interface | Authentication Method          | Security Notes                              |
| --------- | ------------------------------ | ------------------------------------------- |
| Dashboard | Email + OTP                    | Two-factor authentication by default        |
| CLI       | JWT via Clerk                  | Token-based auth with automatic expiration  |
| REST API  | Bearer token (public API keys) | Scoped to specific organizations and agents |

<Tip>
  For CLI usage, we recommend running `pipecat cloud auth login` regularly to
  refresh your credentials.
</Tip>

### How do I manage access for my team?

Organizations provide a secure way to collaborate with team members:

* Create separate organizations for different teams or environments
* Invite members with appropriate permission levels
* Use organization-specific API keys for automation

Each organization has its own isolated environment with separate resources, agents, and secrets.

## Development Security

### How do I keep API keys and secrets secure during development?

Never include sensitive credentials in your agent code or images:

```python
# DON'T do this
api_key = "sk_1234567890abcdef"  # Hardcoded keys are a security risk

# DO this instead
import os
api_key = os.environ.get("SERVICE_API_KEY")  # Use environment variables
```

During local development, use environment files (`.env`) and ensure they're in your `.gitignore`.

For deployment, use Pipecat Cloud's secrets management:

```bash
# Create a secret set with your API keys
pipecat cloud secrets set my-agent-secrets \
  OPENAI_API_KEY=sk_... \
  ANTHROPIC_API_KEY=sk_...

# Reference in deployment
pipecat cloud deploy my-agent my-image:latest --secret-set my-agent-secrets
```

<Info>
  Secrets are encrypted at rest and in transit, then securely injected as
  environment variables in your agent's runtime.
</Info>

<Warning>
  When you update or rotate API keys in a secret set, you must redeploy your
  agent to apply these changes. Updated secrets are not automatically propagated
  to running deployments.
</Warning>

### Is my agent code secure during development?

Your local development environment and version control security are your responsibility. We recommend:

* Using private repositories
* Implementing branch protection
* Scanning code for security issues
* Never committing secrets or credentials

## Deployment Security

### How do I secure my agent container?

Follow these container security best practices:

1. Start with our [official base image](https://github.com/daily-co/pipecat-cloud-images/tree/main/pipecat-base) for a pre-hardened configuration
2. Include only necessary components to reduce attack surface
3. Keep dependencies updated to patch vulnerabilities
4. Use container scanning tools before deployment

### Are my private container images secure?

If you use private container registries, Pipecat Cloud supports secure image pulls:

```bash
# Create an image pull secret for private registry
pipecat cloud secrets image-pull-secret dockerhub https://index.docker.io/v1/

# Use it during deployment
pipecat cloud deploy my-agent my-private-repo/image:latest --credentials dockerhub
```

Credentials are securely stored and only used during image pulls.

<Tip>
  The CLI accepts credentials as `username:token` and base64-encodes them before
  storing the image pull secret. If you create an image pull secret through the
  dashboard or API, the auth value must already be base64-encoded.
</Tip>

### How does Pipecat Cloud protect my agent code?

Your deployed code remains private and protected through multiple layers:

* Containers run in isolated Kubernetes pods
* Network policies restrict cross-agent communication
* Each organization has separate namespaces
* Access controls prevent unauthorized access to running containers

## WebSocket Security

### How do I prevent unauthorized access to my WebSocket endpoints?

Pipecat Cloud supports HMAC token authentication for WebSocket connections. When enabled, clients must obtain a short-lived, one-time-use token via the `/start` endpoint before connecting. Tokens are validated before the WebSocket connection is accepted — unauthorized requests never allocate bot resources.

New agents default to requiring token authentication. For telephony providers that connect directly (Twilio, Plivo, etc.), you can set `websocket_auth = "none"` in your deployment config.

See the [WebSocket Authentication guide](/pipecat-cloud/guides/websocket-authentication) for setup instructions and details.

## Runtime Security

### Can other customers access my agents or data?

Pipecat Cloud implements strong multi-tenant isolation:

* Organizational namespacing creates logical boundaries between customers
* Network policies prevent cross-namespace communication
* Kubernetes RBAC controls limit access to running pods
* Authentication is required for all API access

### How are my agents protected at runtime?

Pipecat Cloud provides several runtime security measures:

* **Network Controls**: Restrict egress to necessary services
* **Access Monitoring**: Track authentication and access patterns
* **Secret Injection**: Environment variables for secure credential access

### Who can start sessions with my agents?

Only clients with valid API keys for your organization can start agent sessions. For security best practices:

1. **Use server-side code** to start agent sessions, keeping API keys secure on your server
2. **Never expose API keys** in client-side code

```bash
# Create a public API key (for your server-side code that starts sessions)
pipecat cloud organizations keys create

# Associate with specific agents
pipecat cloud organizations keys use
```

<Warning>
  While called "public API keys," these should still be treated as sensitive
  credentials and not shared with end-users or embedded in client-side code.
  They are "public" only in the sense that they have limited permissions
  compared to admin keys.
</Warning>

We recommend implementing a server-side endpoint that starts sessions on behalf of your users, similar to how you might handle other sensitive API operations.
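A sketch of such a server-side handler, added here as an example and not taken from Pipecat Cloud's own code. The environment variable names, the placeholder URL, the empty request body and the response field names are all assumptions; only the `Bearer` scheme comes from this guide.

```python
import json
import os
import urllib.request

# Assumptions, not taken from the Pipecat Cloud docs: both env var names, the
# placeholder URL, the empty request body and the response field names.
START_URL = os.environ.get("PCC_START_URL", "https://api.example.invalid/start")
FORWARDED_FIELDS = {"token", "room_url"}


def http_post(url, headers, body):
    """Default transport: POST JSON, return the decoded JSON response."""
    req = urllib.request.Request(url, data=json.dumps(body).encode(),
                                 headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


def start_session_for(user_id, api_key=None, post=http_post):
    """Start a session for a user your own login layer already verified.

    Returns (http_status, json_payload) for your web framework to send.
    """
    if not user_id:
        return 401, {"error": "authentication required"}
    api_key = api_key or os.environ.get("PIPECAT_PUBLIC_API_KEY")
    if not api_key:
        return 500, {"error": "server misconfigured"}
    headers = {"Authorization": f"Bearer {api_key}",
               "Content-Type": "application/json"}
    try:
        upstream = post(START_URL, headers, {})
    except Exception:
        # Generic message: upstream errors may quote the request headers.
        return 502, {"error": "could not start session"}
    if not isinstance(upstream, dict):
        return 502, {"error": "could not start session"}
    # Forward only allowlisted fields so neither the key nor upstream
    # internals reach the browser.
    return 200, {k: v for k, v in upstream.items() if k in FORWARDED_FIELDS}
```

Call `start_session_for` from a route that sits behind your own authentication and rate limiting; the browser only ever sees the filtered payload.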

## Data Security

### Is my data encrypted?

Pipecat Cloud encrypts your data throughout the platform:

* **In Transit**: TLS 1.3 encryption for all API communications
* **At Rest**: AES-256 encryption for stored data
* **Database**: Hardware-level encryption for database content, such as public API keys, whose rotation developers control

### Where is my data stored?

All Pipecat Cloud infrastructure is currently located in the US (AWS us-west-2 region). Contact us at `help@daily.co` if you have specific data residency requirements.

### What happens to my data when agents terminate?

Ephemeral data used during agent sessions is removed when the session ends. By default, stdout and stderr logs are stored in Pipecat Cloud. You have control over what is logged and where the logging is stored. Refer to [Logging & Observability](../fundamentals/logging) for more information.

## Monitoring & Incident Response

### How does Pipecat Cloud detect security issues?

We maintain comprehensive logging and monitoring:

* Administrative API calls are logged and retained for 1 year
* Authentication attempts and access patterns are monitored
* System events are tracked for security analysis

<Info>
  Request access to [Daily's Trust Center](https://trust.daily.co/) to learn
  more about our incident response and security practices.
</Info>

### How do I report security vulnerabilities?

If you discover a potential security vulnerability:

1. Email us at [disclosures@daily.co](mailto:disclosures@daily.co) (we'll acknowledge within one week)
2. Provide reasonable time for us to resolve the issue before disclosure
3. Make a good faith effort to avoid violating privacy or degrading service

<Note>
  Reporting security findings directly to Daily helps to ensure continued
  protection for all users.
</Note>

## Security Responsibilities

Security in cloud environments works best as a partnership. Pipecat Cloud follows a shared responsibility model where we secure the underlying infrastructure and platform, while you maintain responsibility for your application code and configuration. Understanding these boundaries helps ensure comprehensive protection for your agents and data.

### What security aspects does Pipecat Cloud handle?

Pipecat Cloud is responsible for:

* Infrastructure and platform security
* Network security and isolation
* Secret storage and injection
* Authentication systems
* Platform monitoring and logging

### What security aspects am I responsible for?

As a customer, you're responsible for:

* Application code security
* API key management
* Agent configuration security
* Following container security best practices
* Proper secrets management

<Tip>
  While Pipecat Cloud secures log storage, you should ensure your agent code
  doesn't log sensitive information like credentials, personal data, or
  proprietary content in stdout/stderr streams.
</Tip>
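One way to enforce this in agent code, as an added example that is not part of Pipecat Cloud: a `logging.Filter` that replaces the values of injected secrets before a record reaches stdout. The variable names are the ones used in this guide's snippets and are assumed to match your secret set; `make_logger` is a hypothetical helper.

```python
import logging
import os

# Assumption: these are the variable names in your secret set (taken from
# the snippets in this guide; adjust to your own).
SECRET_ENV_NAMES = ("OPENAI_API_KEY", "ANTHROPIC_API_KEY", "SERVICE_API_KEY")


class SecretRedactor(logging.Filter):
    """Replace the values of injected secrets in every log record."""

    def __init__(self, env_names=SECRET_ENV_NAMES, environ=os.environ):
        super().__init__()
        # Skip unset or very short values: replacing "" or "a" everywhere
        # would mangle every log line.
        self._secrets = {
            environ[n]: f"[REDACTED:{n}]"
            for n in env_names if len(environ.get(n, "")) >= 8
        }

    def filter(self, record):
        msg = record.getMessage()  # applies %-style args first
        for value, label in self._secrets.items():
            msg = msg.replace(value, label)
        record.msg, record.args = msg, None
        return True  # keep the scrubbed record


def make_logger(name, stream, environ=os.environ):
    """Logger writing to `stream` (sys.stdout in an agent) via the redactor."""
    handler = logging.StreamHandler(stream)
    handler.addFilter(SecretRedactor(environ=environ))
    logger = logging.getLogger(name)
    logger.handlers[:] = [handler]
    logger.setLevel(logging.INFO)
    logger.propagate = False
    return logger
```

The filter scrubs the log message only; exception tracebacks are rendered later by the formatter, so avoid putting secrets in exception text.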

## Additional Resources

For security-related questions or to report security issues:

* **Security Issues**: Email [disclosures@daily.co](mailto:disclosures@daily.co) to report potential vulnerabilities
* **General Support**: Contact [help@daily.co](mailto:help@daily.co) for security questions
