Comment on page
Bubble's security features
This article provides a general overview of the different security features Bubble as a platform offers.
Note: Should there be any inconsistencies between the content provided below and Bubble's official terms of use or other policy documents, the terms and provisions specified in Bubble's official documents shall take precedence and prevail. Always refer to Bubble's official legal documents for definitive guidance.
Bubble provides robust security measures for your account, including industry-leading authentication methods, two-factor authentication (2FA), and Single Sign-On (SSO) capabilities.
With Bubble's privacy rules, you can set specific conditions on who can search for, view, and modify data. By applying these rules, you make sure that sensitive information remains protected and accessible only to the intended users, safeguarding the integrity and confidentiality of your data.
Bubble's secure file hosting ensures that all your uploaded files, such as images, documents, or other media, are stored safely. These files can also be protected with privacy rules to prevent unauthorized access, making sure only you and permitted users can view or interact with them.
Workflow conditions in Bubble's editor give you the power to set particular criteria under which a certain action or workflow will operate. This means specific actions within your app will only run if your set conditions are met.
Bubble's user authentication mechanism facilitates the verification of your end-users identity according to the most up-to-date security standards. By employing robust account creation and sign-in procedures and combining it with other security tools such as privacy rules and conditions, you have a high degree of control over who can access what in your app.
Article: User authentication
Bubble uses Cloudflare and an in-house DDoS (Distributed Denial of Service) protection system to monitor, track, and block even the most granular attacks so that your Bubble applications remain resistant to malicious disruption attempts.
Bubble employs HTTPS encryption to ensure all data transmitted between your browser and Bubble's servers is encrypted.
With Bubble's Data API and Workflow API authentication, you're assured that any external requests to your Bubble applications are both authenticated and authorized. By setting up secure tokens or specific authentication methods, you maintain control over who has the ability to access your app's data and initiate workflows.
Bubble offers server logs, to capture various interactions and activities within the platform. These logs are invaluable for monitoring, troubleshooting, and ensuring your application's security and performance.
By default, Bubble's apps require a username and password to preview.
Last modified 3mo ago