Security

How ContextDock protects your workspace.

ContextDock is built so teams can keep context private, share it intentionally, and connect AI clients without turning the workspace into a public dump of prompts and documents.

Visibility controls

Context visibility is limited to private and team workspaces in the app UI.

Authenticated access

Sessions use JWT authentication, while supported MCP clients use OAuth and other tools can use scoped API keys.

Operational hygiene

Rotate keys regularly, use least-privilege team roles, and disable access when a key or session is no longer needed.