Encryption

Langfuse employs robust encryption methods to protect your data both while it’s being transferred and while it’s stored.

This page describes the encryption practices for Langfuse Cloud. For self-hosted deployments, please refer to the Self-hosting Guide.

Encryption in Transit

All data transferred between your applications, the Langfuse SDKs, and the Langfuse server is encrypted using TLS (Transport Layer Security). This ensures that data is protected from eavesdropping or tampering during transmission.

Encryption at Rest

Data stored within the Langfuse infrastructure is encrypted at rest using AES-256, a strong industry-standard encryption algorithm.

This applies to data stored in:

ServiceEncryption Standard
Elasticache (Redis)AES-256
Aurora (Postgres)AES-256
ClickhouseAES-256
S3 / Blob StorageAES-256

Contact

For questions regarding encryption practices, please contact [email protected].

Was this page useful?

Questions? We're here to help

Subscribe to updates