Local media processing
File discovery, verification and organization are designed to run during ingest on the user’s workstation. Original media is not uploaded to Forge-operated storage as part of ordinary ingest.
SECURITY
Forge is designed to automate media work without turning the application into another place that stores the user’s entire archive.
File discovery, verification and organization are designed to run during ingest on the user’s workstation. Original media is not uploaded to Forge-operated storage as part of ordinary ingest.
A connected platform receives media only when the user selects that destination and starts the relevant action.
Native culling stores unreviewed, selected and rejected state inside Forge without changing ratings, flags, labels, EXIF, IPTC, embedded XMP or source files.
Forge uses internal fingerprints and file evidence for duplicate protection. It does not depend on writing Forge-specific metadata into original media.
Production integrations are designed to request only the provider permissions required for the selected action.
Available integrations will support disconnection in Forge and independent revocation through the provider’s account-security controls.
INTEGRATION SECURITY
Forge Flow files describe workflow behavior. They should not contain account passwords, OAuth client secrets or reusable access credentials. Account authorization is handled separately from portable workflow configuration.
Production integrations are designed to use HTTPS, provider-issued authorization flows and secure operating-system credential storage. Forge will update this page as controls move from design into release validation.
REPORT A SECURITY ISSUE