Infrastructure
Webgame Cloud runs on hardened infrastructure with encrypted storage at rest and in transit. All API communication uses TLS 1.3. Game assets are served via a global edge CDN with DDoS protection.
Authentication
We use industry-standard OAuth 2.0 with JWT tokens for authentication. Passwords are never stored — authentication is delegated to trusted identity providers (e.g. Google). All tokens are short-lived and validated on every request.
Access Control
Project access is enforced through role-based permissions. Team members can be assigned roles (Admin, Developer, Artist, Translator, Guest) with appropriate access levels. Project owners control membership and can revoke access at any time.
Data Isolation
Each project's assets, builds, and configurations are isolated at the database and storage level. Cross-project access requires explicit membership. API endpoints validate authorization on every request.
Vulnerability Reporting
If you discover a security vulnerability, please report it responsibly to security@webgame.cloud. We take all reports seriously and will respond within 48 hours.