Privacy Policy

Last updated: January 2025

Overview

AuthnzNet is a development tool designed to help developers test OAuth 2.0 integrations locally. This privacy policy explains how we handle information when you use AuthnzNet.

Important: AuthnzNet is intended for development and testing purposes only. Do not use it in production environments or with real user data.

Data Collection

When you use AuthnzNet, the following information may be stored locally on your development machine:

  • Tenant information (names, domains)
  • OAuth client credentials (client IDs, secrets, redirect URIs)
  • User accounts created for testing (email addresses, hashed passwords)
  • OAuth tokens and authorization codes
  • Server logs and debug information

Data Storage

All data is stored locally on your development machine. AuthnzNet does not:

  • Send data to external servers
  • Share data with third parties
  • Collect analytics or telemetry
  • Store data in the cloud

By default, data is stored in a SQLite database in your user profile directory. You can configure the database location using the CLI.

Security

While AuthnzNet implements OAuth 2.0 security best practices, it is designed for development use only:

  • Passwords are hashed using industry-standard algorithms
  • OAuth tokens are securely generated and stored
  • HTTPS is supported but not required for local development
  • The database is stored locally and not encrypted by default
Security Warning: Do not use real user credentials or sensitive data with AuthnzNet. Use test data only. AuthnzNet is not hardened for production use.

Email Communications

AuthnzNet can send email verification messages when configured with SMTP settings. These emails are sent directly from your development machine using your provided SMTP server. We recommend using email testing services like Mailhog or Papercut for development.

Third-Party Services

This website uses:

  • Tailwind CSS (via CDN) - For styling
  • Alpine.js (via CDN) - For interactive UI components

The AuthnzNet server itself does not use any third-party services or analytics.

Data Deletion

You have full control over your data:

  • Delete individual tenants, clients, or users using the CLI
  • Remove the entire database file to delete all data
  • No data is retained outside your local machine

Open Source

AuthnzNet is open source software. You can review the source code to verify how data is handled: github.com/noundry/authnznet

Changes to This Policy

We may update this privacy policy from time to time. Significant changes will be announced through the project's GitHub repository.

Contact

If you have questions about this privacy policy or AuthnzNet, please: