Platform-compliant publishing

Security & Trust at Scalyn

The #1 question teams ask: “Will my accounts be safe?”
Scalyn uses official APIs and secure OAuth flows so platforms recognize Scalyn as a legitimate integration — not a bot or unusual tool.

Official APIsOAuth tokensNo passwords storedEncryption2FA / RBAC

OAuth → Official APIs

Platform-approved publishing pipeline

You

Authorize

Platform

You log in on the platform (OAuth)

Platform

Issues

Token

A scoped access token is granted

Scalyn

Publishes

Via API

Content is sent to official endpoints

Scalyn does not ask for your social passwords. You can revoke access at any time from the platform settings.

Official integrations

We publish via platform-approved OAuth + API endpoints — not via extensions, scraping, or bot techniques.

Defense-in-depth

TLS in transit, encryption at rest, RBAC/MFA, audit logs, and continuous monitoring.

Clear guidance

Safe-use tips, token refresh guidance, and fast support if something looks off.

What keeps your accounts safe

If you're managing hundreds or thousands of channels, safety comes down to one thing: staying inside platform rules. That's why Scalyn is built on official OAuth + APIs.

Official APIs Only (No bots, no scraping)

Scalyn connects and publishes through platform-approved OAuth and official API endpoints — never by password scraping, browser automation, or unofficial workarounds.

Recognized as Legitimate Activity

Because publishing happens through official APIs, platforms can attribute actions to an approved integration (Scalyn), not suspicious automation.

Your Credentials Stay With the Platform

You authenticate via each platform’s login flow (OAuth). Scalyn never asks for or stores your social media passwords.

Least-Privilege Access

We request only the permissions required to publish and manage content. Tokens are scoped and can be revoked any time from the platform side.

We'll recommend best practices for large-scale publishing.

Official API surfaces

We publish and fetch metadata through platform-approved endpoints.

Meta

Instagram Graph API & Facebook Pages API

LinkedIn

LinkedIn Marketing Developer Platform

X

X (Twitter) API v2

YouTube

YouTube Data API

TikTok

TikTok Business/Marketing APIs

Pinterest

Pinterest API

Each platform has its own requirements (account type, page permissions, token refresh, and rate limits). Scalyn follows platform rules to keep publishing stable and compliant.

Core protections

  • Encryption: TLS in transit, AES-256 at rest.
  • Authentication: Email/OAuth logins with optional 2FA/MFA.
  • Access: RBAC, least privilege, scoped tokens.
  • Monitoring & logs: Audit trails and anomaly detection for key actions.
  • Backups & recovery: Regular backups and tested restore runbooks.

Compliance & reviews

  • Periodic security assessments and remediation of identified risks.
  • Vendor risk management for critical third-parties (payments, email, hosting).
  • Secure SDLC practices (code review, dependency monitoring, CI/CD controls).
  • Data processing aligned with regional regulations where applicable.

Two-factor authentication (2FA)

Add a second step to log in with an authenticator app or one-time code. It significantly reduces account takeover risk even if a password is compromised.

RecommendedFast setupBig impact

Questions or security reports?

Contact our support team at mailto:support@postly.ai

Contact Support

mailto:support@postly.ai

For account security questions, suspicious activity, access issues, or compliance inquiries, reach out to our support team directly.