Security Model
KeyRunner is built with a security-first mindset, from local development to enterprise deployment. This section breaks down the mechanisms that ensure your data, secrets, and workflows stay protected.Understand how KeyRunner secures your APIs using KeyConnector, SSO, KCSV, audit logs, and zero-trust execution models.
Zero Trust by Design
KeyRunner doesn't assume trust at any point in the request lifecycle. Every request, variable resolution, or execution is bound by authentication, scoping, and environment isolation.
- No cloud storage for sensitive data: Secrets, tokens, and credentials are never stored or synced.
- Shared workspaces: We store non-sensitive data like collections and requests to enable collaboration.
- Execution remains local: Even when collaborating, all requests are still executed in the client environment or via KeyConnector, ensuring no sensitive data is exposed or leaving the boundary.
- Access tokens required: Even machine-machine interactions require valid auth
- Secrets never exposed: Secrets are fetched and used without ever being visible
Secret Management Without Exposure
Whether you're working locally or in a tightly controlled production environment, secrets are managed without being seen:
| Variable Type | Who Can See It | Where It Lives | Usage Context |
|---|---|---|---|
| Non-Sensitive | Everyone | Local (encrypted) | Headers, Base URLs |
| Sensitive | Masked | Local (encrypted) | Auth tokens, passwords |
| KCSV (KeyConnector) | No one | Secret store (Vault, AWS, etc) | Enterprise/prod/local via secure execution |
KeyConnector ensures no user or developer ever sees the secret, regardless of environment.
KeyConnector as a Security Gateway
- Deployed as a Docker container in your infra
- Validates requests using access tokens
- Enforces project-level and secret-level access control
- Executes requests internally and returns only the response
🔍 All executions are logged for audit — including who triggered them, when, and against which secrets.
Least Privilege by Default
Every operation is scoped:
- Workspace-level roles: Who can run or modify requests
- Project-level access: KCSV only works within its project boundary
- Secrets access: KeyConnector enforces permission checks before resolving any variable
This ensures even with full UI access, no one can misuse or extract secrets.
Compliance & Auditability
KeyRunner’s security model supports:
- SOC 2, ISO 27001, HIPAA-aligned practices
- Secrets never leave your infra
- Audit logs for every request execution
- Local encryption for all stored data
Summary
KeyRunner is not just an API client — it's a secure execution environment. From local testing to CI in regulated environments, the same request structure runs safely, with access tightly controlled and secrets completely invisible.
Let us know if you need to extend KeyConnector or enforce advanced policies. We’re here to help design a setup that fits your security model.