12. 🛡️ Security Considerations
The Kleber App follows essential security practices to protect user data and ensure secure communication with the InvestGlass backend. Below is a summary of how authentication, token handling, caching, and secure communication are implemented.
🔐 Token-Based Authentication
- All API requests are authenticated using an access token
- Token behavior:
  - ⏱️ Expires after 15 minutes of inactivity
  - 🕛 Invalidated automatically after 24 hours
- If the token is expired or missing:
  - The app receives a `401 Unauthorized` response
  - The user is redirected to the login/onboarding screen
🧾 Two-Factor Authentication (OTP)
- The app supports OTP verification for enhanced login security
- Relevant endpoints:
  - `/portal_auth/send_otp`
  - `/portal_auth/verification_code`
- Used post-login for verification
📦 Caching Policy
- Only non-sensitive data is cached:
  - Selected theme (dark / light / system)
  - Selected language
  - Temporary file/image previews
- On logout:
  - All cached data is cleared
  - Only theme and language settings are preserved
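
The token lifetime rules under Token-Based Authentication and the logout rule under Caching Policy, as an added example that is not code from the Kleber App or InvestGlass. The function names, cache key names, treating a limit as reached at exactly 15 minutes or 24 hours, and purging the cache on a `401` are assumptions.

```javascript
// Added example: time limits come from the policy stated on this page;
// every function and key name below is hypothetical.
const IDLE_LIMIT_MS = 15 * 60 * 1000;          // 15 minutes of inactivity
const ABSOLUTE_LIMIT_MS = 24 * 60 * 60 * 1000; // hard stop 24 hours after issue

// Keys allowed to survive logout (assumed key names).
const PRESERVED_KEYS = new Set(["theme", "language"]);

// Backend view of the token policy: activity slides the idle window,
// but nothing extends a token past its absolute lifetime.
function tokenState(issuedAt, lastActivityAt, now) {
  if (now - issuedAt >= ABSOLUTE_LIMIT_MS) return "expired_absolute";
  if (now - lastActivityAt >= IDLE_LIMIT_MS) return "expired_idle";
  return "valid";
}

// Logout purge: deny by default, keep only the allow-listed preferences,
// so a cache key added later is cleared unless someone opts it in.
function clearCacheOnLogout(cache) {
  for (const key of [...cache.keys()]) {
    if (!PRESERVED_KEYS.has(key)) cache.delete(key);
  }
  return cache;
}

// Client reaction to an API status: a 401 means the token is expired or
// missing, so drop it, purge the cache (assumption) and route to login.
function handleApiStatus(status, session) {
  if (status !== 401) return { route: null, session };
  clearCacheOnLogout(session.cache);
  return { route: "login", session: { token: null, cache: session.cache } };
}

// Constructed sample run (timestamps in ms since token issue).
const MIN = 60 * 1000;
const states = [
  tokenState(0, 10 * MIN, 24 * MIN),             // idle for 14 min
  tokenState(0, 10 * MIN, 25 * MIN),             // idle for 15 min
  tokenState(0, 24 * 60 * MIN - MIN, 24 * 60 * MIN), // active, but 24 h old
];
const cache = new Map([
  ["theme", "dark"], ["language", "fr"], ["preview:statement.pdf", "blob"],
]);
const result = handleApiStatus(401, { token: "constructed-token", cache });
console.log(states, result.route, [...cache.keys()]);
```
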
📡 Secure API Communication
- All communication is encrypted via HTTPS
- Base API endpoints:
  - `https://staging.investglass.com/client_portal_api/`
  - `https://app.investglass.com/client_portal_api/`
- Used for login, documents, portfolios, transactions, etc.
🚫 Local Data Storage
- No sensitive personal or financial data is stored on the device
- Token and session data are short-lived and securely cleared
- Local preferences are stored only when required (e.g., theme)
✅ Summary Table
| Feature | Description |
|---|---|
| 🔑 Access Token | Required for all API requests; expires after 15 min idle or 24h total |
| 🧾 OTP | Two-factor authentication supported using verification endpoints |
| 📦 Local Caching | Limited to UI preferences and temporary previews |
| 🧹 Cache on Logout | Cleared on logout except for theme/language |
| 🔒 HTTPS Communication | All API traffic is secured via HTTPS |
| ❌ Local Financial Storage | No persistent storage of personal or financial data on device |