Skip to content


This section describes the basic security features of Quix.

Data in flight


  • Our APIs are authenticated using OAuth 2.0 token. We are using Auth0 as our provider.

  • Each Kafka server is authenticated using certificate, which is provided for each project created and can also be downloaded from topics view. The client is authenticated using SASL (username, password).


  • The APIs is using RBAC. You are limited in what you can do based on your token and the role configured for your user.

  • Each kafka client is authrozied to only read and write to the topics or query consumer group information regarding topics owned by the organization the client belongs to.


  • All our APIs communicate with TLS 1.2

Data at rest

  • Your data is encrypted at rest using cloud provider (Azure) managed keys.

  • Your data is phyisically protected at our cloud provider’s location.