How does DreamFactory enforce AI data security?
DreamFactory creates a self-hosted, governed data API layer where all AI models and enterprise applications must pass through the same authentication, authorization, and threat-protection controls before touching enterprise data. DreamFactory's AI data gateway uses identity passthrough, role-based access control (RBAK), and row-level policies so AI data governance, artificial intelligence security, and AI data security are enforced at the gateway instead of scattered across applications.
Self-hosted security perimeter
Keep the AI data governance layer inside your network and under your policies
Authentication federation
Reuse existing identity providers for consistent artificial intelligence security
Granular authorization and identity passthrough
Enforce least-privilege, field/row controls, and downstream identity
Threat protection
Stop common attacks and malformed requests at the data API edge
Auditability and governance visibility
Capture who accessed what, when, and how across AI and applications
Self-Hosted Security Perimeter
DreamFactory keeps your AI data governance and data access layer inside your own network boundary so your security and compliance policies—not a vendor's SaaS—define the rules.
On-prem and private cloud first
Deploy on Linux servers, private cloud, or containers instead of multi-tenant SaaS
Air-gapped and regulated environments
Run with no internet access where regulations require strict AI data security
Edge and hybrid control
Place the data API layer near plants, branches, or devices with centralized policy enforcement
Authentication Federation
DreamFactory plugs into your existing identity providers so AI systems, services, and users authenticate the same way everywhere, strengthening overall artificial intelligence security.
API key and token auth
Support for API keys, OAuth 2.0, OpenID Connect, and JWT validation
Enterprise directory integration
Map LDAP/Active Directory and SAML/SSO users and groups into roles
Strong client identity
Add mutual TLS and optional MFA for high-value APIs and sensitive operations
Granular Authorization and Identity Passthrough
DreamFactory enforces least-privilege access down to individual fields and rows and passes identity through to data systems so existing policies and AI data governance controls continue to work.
Role-based access control
Govern which APIs, methods, and resources each user, service, or AI agent can call
Attribute-based policies
Use user, resource, and contextual attributes for fine-grained decisions
Field-level security
Mask, redact, or block sensitive fields by role and attribute
Row-level security
Enforce per-row entitlements so consumers only see allowed data
Identity passthrough
Preserve real user identity and groups for downstream RLS and audit policies
Threat Protection
DreamFactory stops common attack patterns and malformed requests at the data API edge, protecting databases and services behind the AI data gateway.
SQL injection prevention
Controlled query patterns and validation to block injection attempts
Web security controls
Cross-site scripting protection, CORS management, and payload-level encryption options
Network-aware controls
IP allow/deny lists and geo-blocking via scripting for origin-based filtering
Request validation
Schema and rule checks on incoming payloads to reject unsafe input before execution
Auditability and Governance Visibility
DreamFactory records who accessed what, when, and how—even when AI agents are in the loop—so AI data governance and AI data security are observable, not assumed.
Audit logging
Track security events, configuration changes, and data API usage across AI and applications
Usage analytics
See which APIs, data sources, teams, and AI workloads consume which data and how often