Security & Authentication
Last updated · June 2025
Remnus is built with security as a first-class concern. This page documents how we authenticate users and AI agents, what we store, and how you stay in control.
How You Sign In
Google · GitHub
Remnus uses OAuth 2.0 with Google and GitHub as identity providers — we never store passwords. When you click "Sign in with Google", your credentials go directly to Google's servers. We only receive a verified email address and profile name. Sessions are managed via secure, httpOnly cookies using Auth.js v5.
MCP Personal Access Tokens
rmns_…
AI agents (Claude Desktop, Cursor, Windsurf, etc.) authenticate to the MCP API using Personal Access Tokens (PATs). Tokens are prefixed rmns_ and the secret portion is stored only as a bcrypt hash — we cannot recover the plaintext. Tokens support read or write scope, optional expiry, and can be revoked at any time from Workspace Settings → Tokens.
MCP OAuth 2.1 + PKCE
RFC 9728 · PKCE S256
Remnus supports the MCP OAuth 2.1 standard (RFC 9728). Compatible clients (Claude Desktop, etc.) open a browser login flow instead of requiring you to paste a token. Access tokens expire after 1 hour; refresh tokens rotate on every use and expire after 30 days. The PKCE S256 challenge prevents authorization code interception. Clients register dynamically via RFC 7591.
Token Scopes & Permissions
read · write
Every token — whether a PAT or OAuth — is locked to a single workspace and carries one of two scopes. Read scope allows listing pages, querying databases, and searching content. Write scope additionally allows creating, editing, and deleting pages and database rows. No token can ever access workspaces it was not explicitly granted.
Audit Log
Every MCP tool call is recorded in an immutable audit log (agent_activity table) with the tool name, status, timestamp, and token identifier. The last 60 entries are visible in the Workspace Settings → Tokens panel. Audit logs are retained for 7 days on the free plan and 90 days on Pro.
Responsible Disclosure
If you discover a security vulnerability, please email security@remnus.com with a description and reproduction steps. We aim to respond within 48 hours and will credit researchers with their consent. Please do not publicly disclose issues until a fix has been released.
Diagram: OAuth 2.1 + PKCE flow