What is AM Pilot's security architecture?

AM Pilot operates on a shared platform architecture designed for multi-tenant environments with tenant-scoped isolation. The backend is powered by a Node.js API service, data is stored in PostgreSQL with strict tenant scoping, and files are stored in tenant-scoped paths using Cloudflare R2 object storage. Organizations with higher security requirements can deploy AM Pilot on their own infrastructure.

What authentication method does AM Pilot use?

AM Pilot uses managed authentication through Auth0 for tenant login flows. Sessions are stored server-side with secure HTTP-only cookies for session handling. Access tokens include tenant and role-based claims for proper authorization.

How does AM Pilot handle file security?

Manufacturing files are treated as sensitive data. Uploads are stored in tenant-scoped locations, supported file types are validated (STL, STEP, 3MF), upload size limits are enforced, and file paths are normalized to prevent unsafe handling.

Security

Security – AM Pilot

Last updated: 2026, 24th April

1. Overview

AM Pilot is designed as a tenant-aware platform for managing additive manufacturing operations. Security is built into the architecture to ensure that customer data, workflows, and integrations remain isolated, controlled, and protected.

AM Pilot is designed around tenant-scoped isolation with optional self-hosted deployments.

Customers operate in isolated workspaces within the shared platform, while organizations with higher security requirements can deploy AM Pilot on their own infrastructure to retain full control over data and environment.

2. Architecture and Hosting

AM Pilot operates on a shared platform architecture designed for multi-tenant environments.

Customer portals, admin portals, and internal tools are separated at the application level
The backend is powered by a Node.js API service
Data is stored in a shared PostgreSQL database with strict tenant scoping
Uploaded files are stored in tenant-scoped paths using Cloudflare R2 object storage

Tenant routing is domain-based, ensuring that each workspace operates within its own isolated context.

3. Tenant Isolation

AM Pilot is designed around tenant isolation. Each workspace is resolved from its tenant domain, and all customer, order, model, configuration, and integration data is scoped to that workspace.

Access control mechanisms ensure that tenant users cannot access data from other tenants. Administrative actions are restricted to users belonging to the corresponding tenant.

4. Authentication and Sessions

AM Pilot uses managed authentication through Auth0 for tenant login flows.

Sessions are stored server-side
Secure HTTP-only cookies are used for session handling
Access tokens include tenant and role-based claims

This allows API requests to be validated and authorized against the correct tenant workspace.

5. Access Control

AM Pilot enforces role-based access control across the platform.

Customer users access only their own data and orders
Tenant administrators manage their own workspace
Platform-level access is restricted and controlled

All administrative operations require authentication and tenant validation.

6. File and Model Upload Security

Manufacturing files are treated as sensitive data and handled accordingly.

Uploads are stored in tenant-scoped locations
Supported file types are validated (e.g. STL, STEP, 3MF)
Upload size limits are enforced
File paths are normalized to prevent unsafe handling

7. Integration Security

AM Pilot integrates with third-party services such as payment providers, logistics platforms, and communication tools.

Webhook events from external services are signature-verified
Integration credentials are managed per tenant where supported
Sensitive credentials are not exposed in client-side applications

8. Application Security Controls

The platform applies standard web security practices to protect users and data.

Security headers are enforced (including content protection and transport security)
Cross-origin requests are restricted to approved tenant and platform domains
Authenticated write operations validate request origin

9. Monitoring and Reliability

AM Pilot includes operational monitoring to support reliability and incident response.

Request identifiers are assigned to API calls
Slow or failing requests are tracked
System events are logged with tenant context where available
Health checks are used to monitor service status

10. Data Ownership and Control

Customers retain full ownership of their data within AM Pilot.

For self-hosted deployments, all data remains entirely under the customer’s control. AM Pilot does not access or process such data unless explicitly authorized for support or maintenance.

11. Compliance Approach

AM Pilot is designed with modern data protection principles in mind, including data minimization, access control, and secure processing practices.

We provide a Data Processing Agreement (DPA) to define responsibilities for handling personal data between AM Pilot and its customers.

We do not claim specific certifications unless formally obtained.

12. Contact

For security-related questions or concerns, contact:

AM Pilot
hello@am-pilot.com