Security
AtlasCore handles government data and climate disclosure outputs that may be subject to regulatory scrutiny. Security is built into the platform architecture.
Authentication
- Bearer token auth on all API endpoints
- Separate
ac_test_(sandbox) andac_live_(production) key prefixes - Admin operations require separate admin tokens
- Tenant-scoped operations enforced through middleware
Tenant isolation
- Every API request is scoped to a tenant identity
- Pack entitlements control which datasets and operations are available
- Cross-tenant data access is prevented at the middleware layer
- Admin cross-tenant operations require explicit
X-AtlasCore-On-Behalf-Of-Tenant-Idheader
Data handling
- Government data only — AtlasCore ingests from authorised government sources with documented licences
- No PII storage — the platform stores corporate entity data (ABN, company name), not personal data
- Provenance trail — all data transformations are traceable to source government publications
- Deterministic outputs — no stochastic models or AI-generated content in data outputs
Webhook security
Outbound webhook deliveries are signed with HMAC-SHA256:
X-AtlasCore-Signature: sha256=<hmac_digest>
Recipients should validate this signature against their registered webhook secret before processing the payload.
Infrastructure
| Layer | Approach |
|---|---|
| API transport | HTTPS (TLS 1.2+) |
| Database | PostgreSQL with connection pooling and advisory locks |
| Object storage | Filesystem or S3 with configurable driver |
| Queue | Redis-backed job queue (rq) |
| Rate limiting | Per-tenant-pack-event window quota enforcement |
Disclosure artifact integrity
Generated evidence bundles include checksums.json with SHA-256 hashes for every file. This enables tamper detection — if any file is modified after generation, the checksum mismatch provides evidence of alteration.