Security

the eai enforces multiple layers of security to protect your data and ensure safe system to system communication transport security https only — all api requests must be made over https plain http requests are rejected access control tenant isolation — each eai account is bound to a specific company tenant cross tenant access is not possible an account provisioned for acme teleskope io cannot access data on globex teleskope io module scoping — each account is scoped to a specific module (graph or uploader) an account authorized for the graph api cannot access the uploader, and vice versa granular permissions — each account has fine grained permissions controlling which endpoints it can access unauthorized requests return 403 forbidden available permissions permission description get zones list zones by application type get groups list groups within a zone get group chapters list chapters within a group get group channels list channels within a group get members list members in a group, chapter, or channel get leads list leads in a group, chapter, or channel get events list events within a scope get audit logs retrieve membership audit logs get user look up a single user get all users list all users (paginated) create user create a new user update user update an existing user post user data sync upload user data for sync (uploader) post user data delete upload user data for deletion (uploader) network security ip whitelisting — optionally restrict api access to specific ip addresses or cidr ranges when configured, requests from non whitelisted ips are rejected with 403 forbidden contact your teleskope administrator to configure allowed ips rate limiting and abuse prevention rate limiting — certain endpoints (e g , getallusers ) include built in rate limiting to protect platform stability token limits — oauth2 accounts are limited to 10 active tokens to prevent credential abuse monitoring audit logging — all eai requests are logged for security monitoring and troubleshooting logs include the authenticated account, endpoint called, request parameters, and response status