WhiteBooks Security

Defense in depth across transport, authentication, authorisation, and audit. Every layer hardened to standards expected by enterprise procurement: TLS 1.2+ in transit, AES-256 at rest, OAuth 2.0 + bearer tokens with 1-hour expiry, optional IP allow-listing and SHA256-RSA request signing on Enterprise, RBAC across dashboard users, full audit logs retained 7 years per GST law.

Transport security

• TLS 1.2 minimum, TLS 1.3 preferred. HTTP, SSL, TLS 1.0, TLS 1.1 rejected at the edge.
• HSTS with 1-year max-age and includeSubDomains.
• Certificate transparency: all certs logged to CT logs; pinning available on Enterprise.
• Perfect Forward Secrecy via ECDHE key exchange.

Authentication

• OAuth 2.0 client_credentials grant. 1-hour bearer-token expiry. Tokens issued against rotateable client_id + client_secret pairs.
• Optional IP allow-listing per client_id — requests from non-allowed IPs receive HTTP 403.
• Optional SHA256-RSA request signing on Enterprise. Customer signs request body with private key; WhiteBooks verifies against registered public key. Prevents request tampering even if a bearer token is leaked.
• Webhook delivery includes HMAC-SHA256 signature (X-WhiteBooks-Signature) using a shared secret.

Authorisation (RBAC)

• Dashboard users have one of: Owner, Admin, Filer, Read-only.
• Owner can manage billing + API credentials; Admin can manage everything except billing; Filer can submit GST returns / generate IRN but not change settings; Read-only can view but not act.
• Multi-GSTIN scoping — users can be restricted to specific GSTINs within a single account.
• SSO via SAML 2.0 or OIDC on Enterprise.

Data protection

• All data at rest encrypted with AES-256 (customer-master keys or AWS KMS).
• Database snapshots encrypted; backups stored encrypted in a separate AWS account with restricted IAM access.
• Privileged access logged + reviewed monthly.
• Production data is never copied to non-production environments. Sandbox uses synthetic data.

Audit logging

Every state-changing API call writes to an append-only audit log retained for 7 years (matches GST Act retention requirements). Customers can pull their audit log via GET /accounts/api/v1/audit-log. Each entry includes timestamp, requestId, client_id, action, target, IP, user-agent, result.

Vulnerability disclosure

RFC 9116 policy at /.well-known/security.txt. Email security@whitebooks.in. Acknowledgement within 2 business days; high-severity patches within 30 days.

Related

Part of the WhiteBooks Enterprise cluster. Last updated 27 May 2026.