Signed URL Validation
Each request is verified against a client secret and timestamp window.
Security
Signed delivery and operational control by default
Trust controls surfaced clearly for campaign, engineering, and compliance stakeholders.
Core model
Requests include client ID, timestamp, and signature before rendering is allowed.
Client-Level Isolation
Access is scoped by client identity and active secret state.
Rate & Abuse Controls
Designed to support rate limits and optional origin allowlisting.
Operational Logging
Event logging supports troubleshooting and usage visibility.
Data Handling
Simple and pragmatic
Rendered assets
Images are generated on demand from request parameters.
Credentials
Client secrets are stored server-side and never exposed in templates.
Telemetry scope
Usage events support service health and client-level monitoring.