Security policy - mathcoll/t6 Wiki

Various level of security

Authentification process

All of these modes generates a signed JWT from the server and can be used fo a limited time.

Session duration

Sessions on t6 is using JWT short life Bearer tokens. Session last 5 minutes before token expires itself. Additionally, during authentication process a refreshToken is provided by t6 (this token last 24hours) giving the ability to refresh the token.

Data hosting

t6 on Saas is hosting data in Europe. And 2 alternatives are available to bypass this behaviour :

CWE - Common Weakness Enumeration

t6 tend to follow Common Weakness Enumeration list. Here are the specific declarative list of mitigation efforts completed on t6: