The SnapLogic Agentic Integration Platform is built to meet enterprise-grade security and compliance expectations, delivering trusted and secure data integration. See our security standards.

SnapLogic Platform Architecture — SnapLogic Platform for Agentic Integration Architecture

Cloud application security

The SnapLogic platform prioritizes security and customer control, enabling users to manage access rights. It does not collect personal data or pipeline content. Metadata and logs are hosted on the secure AWS cloud, and the platform is agnostic regarding AI and LLM models, giving customers the flexibility to choose solutions that meet their specific business and compliance needs.

Access the Security and Privacy Overview White Paper

Data management and data encryption

SnapLogic safeguards sensitive customer data with encryption (including disk-level) and access controls. Data is not persisted by default; it is encrypted at the account level and only processed via customer-defined pipelines. The platform supports Bring Your Own Key (BYOK) for encryption.

Runtime data security

SnapLogic’s stateless platform stores only customer metadata, while runtime security is supported through secure connectors using encrypted protocols such as JDBC, HTTPS-based REST/SOAP, and MCP, along with standards-based authentication including OAuth 2.0 and OpenID. Additional protections include data masking, obfuscation, access controls, and account encryption using a public/private key model, with enhanced options that keep private keys under customer control.

Password security management

The SnapLogic Platform server offers a robust authentication and privilege model, allowing administrators to precisely grant or restrict access to all components and pipelines. Access rules are applied to every request. It supports group assignments and industry-standard Single Sign-On (SSO) via SAML, Active Directory, Open AM, OKTA, Ping, and more.

Meet with our integration security experts

Book a Demo

Compliance certifications

SnapLogic upholds the highest security and compliance standards so that our customers do not have to compromise data integration with security and governance.

The SnapLogic Platform for Agentic Integration is certified by third parties with SOC 1 Type 2 (ISAE 3402 / SSAE 22), SOC 2 Type 2, SOC 3, and HIPAA-HITECH. Additionally, the platform is compliant with CCPA (California Consumer Privacy Act), GDPR (EU: General Data Privacy Regulation), and general privacy standards.

The SnapLogic Platform runs on Amazon Web Services (AWS) cloud infrastructure, one of the most powerful and flexible cloud computing environments. We leverage the security and compliance capabilities of AWS, including ISO 9001, ISO 27001, ISO 27017, ISO 27018, SEC Rule 17-a-4(f), DIACAP, FISMA, ITAR, CIS, CJIS, CSA, MPAA, MTCS Tier 3, G-Cloud, and DoD CSM Levels 1-2 and 3-5.

Metadata

While SnapLogic does not store any customer data within the platform, metadata resides in the platform. The metadata is secured inside the protected SnapLogic environment, and only accessed by the SnapLogic Control Plane Services – no access is permitted by any outside service. Additionally, sensitive data, such as account information is always encrypted.

Network and facilities infrastructure security

The SnapLogic Agentic Integration Platform supports all application and data integration processes – on-premises, cloud, hybrid, or embedded. SnapLogic consists of a multi-tenant cloud service for creating, managing, and monitoring integrations – data processing can be run in a private cloud and/or behind your firewall.

Communication with endpoints

Communication between the SnapLogic Integration Cloud, the control plane, and the on-premises processing components is established via SSL encryption on port 443. Communication between the control plane and cloud-based processing components is over HTTPS. The platform communicates with the data plane over HTTPS.

Security FAQs

SnapLogic encrypts all endpoint credentials using an environment-specific asymmetric key pair before they leave the browser and transmits them securely over HTTPS. Credentials are stored encrypted at rest in the control plane and are only decrypted in memory by the Snaplex at runtime, never persisted locally. For added security, organizations can enable Enhanced Account Encryption or integrate with third-party secrets managers so SnapLogic never has access to private keys or stored credentials.

SnapLogic uses admin-controlled user accounts and groups to manage access to the platform and shared assets. To reduce the risk of unauthorized access, SnapLogic supports Multi-Factor Authentication (MFA) and Single Sign-On (SSO) using SAML 2.0–compliant identity providers, allowing organizations to enforce strong, centralized authentication policies.

SnapLogic runs production pipelines through Triggered, Scheduled, and Ultra Tasks, each with controlled task URLs. Both the control plane and data plane authenticate Triggered Task requests, and access can be restricted using task-level authentication and permissions. This ensures only authorized users or applications can invoke pipelines, regardless of whether they run on SnapLogic-managed Cloudplexes or self-managed Snaplexes.

SnapLogic secures all communications using TLS, including TLS 1.3 for control plane traffic, to ensure strong encryption and performance. The platform regularly updates control plane certificates, while Groundplex nodes use self-signed certificates that can be trusted via client configuration or load balancer termination. This approach ensures secure, encrypted communication across cloud, on-premises, and hybrid environments.

Need to report a security issue?

If you believe you’ve discovered a vulnerability in SnapLogic security or have a security inquiry, please contact us at [email protected] and we will promptly respond.