Skip to main content
Security is a core part of BrandsAPI. We use industry-standard security practices to protect our infrastructure, secure API requests, and keep your brand data usage safe.

API Authentication

All requests to the Brand API must be authenticated using a Secret API Key. Use the following authorization header with every API request:
  • Header Name: Authorization
  • Format: Bearer <YOUR_API_KEY>
curl --request GET \
  --url https://api.brandapi.com/v2/brands/github.com \
  --header 'Authorization: Bearer YOUR_API_KEY'
Keep your Secret API Key private. Never share it publicly or commit it to version control. If your API key is exposed or compromised, rotate it immediately from the Developer Portal.

Data Security

BrandsAPI uses encryption and secure infrastructure practices to help protect data across the platform.

Encryption

  • At Rest: All data stored in our databases is encrypted using AES-256 encryption.
  • In Transit: All API traffic is served over HTTPS using TLS 1.2 or higher. This ensures data remains encrypted while traveling between your application and the BrandsAPI platform.

Isolation

BrandsAPI uses strict multi-tenant isolation. Your API usage data, account settings, and configurations are logically separated from other customers to help maintain privacy and security.

Infrastructure Security

BrandsAPI is hosted on AWS, Amazon Web Services, using secure cloud infrastructure designed for reliability, scalability, and protection.
  • DDoS Protection: We use AWS Shield and Cloudflare to help protect the platform against large-scale distributed denial-of-service attacks.
  • Vulnerability Scanning: We perform regular automated vulnerability scans across our infrastructure and application code to identify and address potential security risks.

Compliance

BrandsAPI is committed to maintaining a secure and trusted environment for customers and developers. We are currently working toward SOC 2 Type II compliance, with expected completion in 2026.

Reporting Vulnerabilities

If you believe you have found a security vulnerability in BrandsAPI, please report it to our security team. Contact us at: hello@devshineteam.com We appreciate responsible reports that help keep BrandsAPI secure for everyone.