Deepgram Security Basics

Overview

Security best practices for Deepgram integration: scoped API keys, key rotation, Deepgram's built-in PII redaction feature, client-side temporary keys, SSRF prevention for audio URLs, and audit logging.

Security Checklist

API keys in environment variables or secret manager (never in code)
Separate keys per environment (dev/staging/prod)
Keys scoped to minimum required permissions
Key rotation schedule (90 days recommended)
Deepgram redact option enabled for PII-sensitive audio
Audio URLs validated (HTTPS only, no private IPs)
Audit logging on all transcription operations

Instructions

Step 1: Scoped API Keys

Create keys with minimal permissions in Console > Settings > API Keys:

Related skills

deepgram-security-basics

Deepgram Security Basics

Overview

Security Checklist

Instructions

Step 1: Scoped API Keys

More from jeremylongshore/claude-code-plugins-plus-skills

backtesting-trading-strategies

mindmap-generator

svg-icon-generator

performance-lighthouse-runner

tracking-crypto-prices

d2-diagram-creator