Security & Data

Phantasmo is designed with consistent authentication and secure data handling across all clients.

Authentication

• Web uses Clerk session cookies for authenticated requests.
• Mobile uses OAuth bearer tokens issued by Clerk.
• Chat apps (MCP) use OAuth 2.1 for tool access.

Token Security

• OAuth tokens for cloud storage connectors are encrypted at rest using AES-256-GCM.
• Tokens are decrypted only when needed to access your connected services.

Account Data Controls

In Settings > Account, you can access:

• Subscription management
• Data export
• Account deletion flows

Related Docs

• Chat App Integrations
• Cloud Storage
• Settings & Preferences