Features Integrations Security Contact Book a Walkthrough

Built to protect your order data

Vendorsline runs your dealers, vendors, orders, and pricing — so isolation, encryption, and access control are designed in, not bolted on.

Multi-tenant data isolation

Your data stays yours
  • Every record is scoped to a tenant ID, enforced on every request
  • Database access is request-scoped, so tenant context is injected automatically
  • A separate, read-only demo tenant keeps evaluations away from live data

Encrypted credentials

Secrets never sit in the clear
  • Vendor store API keys are encrypted at rest with AES-256-GCM
  • Stored secrets are never sent back to the browser — only a "configured" status
  • Integration credentials can be paused without being exposed or deleted

Session authentication

Verified accounts only
  • Session-based login backed by server-side, PostgreSQL-stored sessions
  • Email verification before an account becomes active
  • Self-service password reset over time-limited, single-use links

Device trust

New device? Verify first
  • Logins from an unrecognized device or IP trigger an extra verification step
  • Trusted devices are remembered so day-to-day access stays frictionless
  • Verification links expire and can't be reused

Role-based access

Admin, rep, and dealer roles
  • Admins, sales reps, and dealers each see only what their role allows
  • Permissions are enforced at the API, not just hidden in the UI
  • Users can be deactivated or have their role changed at any time

Hardened & tested

Defense in depth
  • Security headers, rate limiting, CORS, and input sanitization on the API
  • Automated tests assert that protected endpoints reject unauthenticated access
  • Demo mode blocks writes, so a public demo can't mutate data

You own your data

Your orders, dealers, products, and pricing belong to you. Catalog data can be exported to a spreadsheet at any time, and dealer lists export to Excel directly from the app. There's no lock-in on the data you put into Vendorsline.

Have a security or compliance question that isn't answered here? Get in touch — we're happy to walk your team through how Vendorsline handles your data.