Security Overview
Defense-in-depth security architecture with middleware chain, rate limiting, input validation, and security headers
Protected Routes & Middleware
Configure route protection with Clerk middleware, manage public routes, and protect API endpoints
Row Level Security
How Kit secures database access — application-layer security model and optional Supabase RLS policies
Webhooks & Customer Portal
Lemon Squeezy webhook events, HMAC-SHA256 signature verification, and customer portal integration