Security at OpenAtman

We use layered controls for authentication, access management, request validation, and operational monitoring. Sensitive actions are restricted to authorized roles and tracked where applicable.

OpenAtman uses integration scopes and controlled access patterns for connected platforms. Customers must secure platform credentials and follow official provider policies to prevent account risks.

Some service functions depend on third-party providers such as Meta, X, AWS, and GPT APIs. While we implement secure integration practices, upstream provider outages, policy changes, or account-level restrictions can affect feature availability.

To reduce account flagging or blocking risks, we recommend permission-based outreach, compliant message frequency, accurate opt-in handling, and policy-safe campaign content. OpenAtman does not intentionally block compliant users; enforcement may come from provider policy systems.

We maintain an operational response process to investigate suspicious activity, contain potential issues, and restore service integrity as quickly as possible.

Security is shared. Customers are expected to protect account credentials, monitor automations, review connected permissions, and report suspected misuse immediately.