Userbase

Docs : FAQ

What data does Userbase end-to-end encrypt?

Items, item IDs, files, and database names stored using the openDatabase, insertItem, updateItem, deleteItem, putTransaction, and uploadFile APIs are end-to-end encrypted. Other user data and metadata, such as usernames, timestamps, write access permissions, and user activity logs, are encrypted on the wire and at rest, but are not end-to-end encrypted.

Where is the user's encryption key stored?

The user's encryption key is randomly generated when the user creates an account, and this key is itself encrypted with another key derived from the user's password. The encrypted key is stored on the Userbase server, and the user retrieves it after every successful login. The Userbase server never sees the user's password; it receives only an scrypt hash of the password, which is computed client-side.

Has the code been audited?

Yes, Cossack Labs - an independent team of security specialists - audited the code. See more on the security review here.

Can Userbase be used without end-to-end encryption?

Yes, Userbase offers two encryption modes for each app you create: end-to-end and server-side.

End-to-end (default)

Userbase encrypts all database operations in the browser with user-controlled keys. No one but your users and the people they share data with can access their encrypted data, not even us. This mode helps you prevent personal data misuse, and lets you offer a high level of data privacy.

Server-side

Userbase encrypts data on the wire and at rest. The Userbase server has access to user data stored in this mode. This mode still protects you from personal data misuse, and offers a higher level of data privacy than most comparable services.

What happens if a user forgets their password?

In the end-to-end encryption mode (the default)...

Regaining access to end-to-end encrypted data is possible, but only when the user has provided an email address during signUp or updateUser, and when the user has previously signed in with the rememberMe option set to 'local'. In this case, the user will have the encryption key saved in the browser's local storage, and the user will be able to regain full access to their data by getting a temporary password via email. The user must still have access to a previously used device in order to be able to reset the password in this way. Therefore, if you want to allow your users to reset their password, make sure to set rememberMe to 'local' during signUp and signIn, and make sure you require an email address during signUp and updateUser. We still recommend that when you use the 'end-to-end' encryption mode, you inform your users that since their data is end-to-end encrypted, they should take care to store their password in a safe place, such as a password manager. Recovery will not be possible if the user loses access to all previously used devices.

If the user forgets their password and loses access to all previously used devices, the user can still regain access to their account and delete all inaccessible end-to-end encrypted data by passing the deleteEndToEndEncryptedData parameter to forgotPassword.
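The key handling described under "Where is the user's encryption key stored?" and the previously-used-device requirement described above, as an added Node.js sketch that is not Userbase's own code. The scrypt cost, the HKDF split into a login token and a wrapping key, the use of AES-256-GCM, and every function name are assumptions; the e-mailed temporary password step is left out.

```javascript
// Added illustration, not Userbase's code: names, KDF split and parameters are assumptions.
const crypto = require('crypto');
const SCRYPT = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 }; // assumed cost
const sha256 = (b) => crypto.createHash('sha256').update(b).digest();

// Stretch the password once with scrypt, then split the output into a login
// token (sent to the server) and a wrapping key (never leaves the client).
function derive(password, salt) {
  const master = crypto.scryptSync(password.normalize('NFKC'), salt, 32, SCRYPT);
  const sub = (label) => Buffer.from(crypto.hkdfSync('sha256', master, salt, label, 32));
  return { authToken: sub('auth'), wrappingKey: sub('wrap') };
}

// Encrypt the data key under a password-derived key. The returned record is
// what a server would store; it cannot be opened without the password.
function wrap(dataKey, password) {
  const salt = crypto.randomBytes(16), iv = crypto.randomBytes(12);
  const { authToken, wrappingKey } = derive(password, salt);
  const c = crypto.createCipheriv('aes-256-gcm', wrappingKey, iv);
  const wrapped = Buffer.concat([c.update(dataKey), c.final()]);
  return { salt, iv, wrapped, tag: c.getAuthTag(), verifier: sha256(authToken) };
}

// Sign-up: the data key is random, not derived from the password.
function signUp(password) {
  const dataKey = crypto.randomBytes(32);
  return { dataKey, serverRecord: wrap(dataKey, password) };
}

// Sign-in: the server checks the token, the client unwraps the key locally.
function signIn(password, rec) {
  const { authToken, wrappingKey } = derive(password, rec.salt);
  if (!crypto.timingSafeEqual(sha256(authToken), rec.verifier)) return null;
  const d = crypto.createDecipheriv('aes-256-gcm', wrappingKey, rec.iv);
  d.setAuthTag(rec.tag);
  return Buffer.concat([d.update(rec.wrapped), d.final()]); // throws if tampered
}

// Password reset: possible only on a device that still holds the data key
// (rememberMe: 'local'); the key is re-wrapped under the new password.
function resetPassword(cachedDataKey, newPassword) {
  if (!cachedDataKey) throw new Error('no cached key: encrypted data is unrecoverable');
  return wrap(cachedDataKey, newPassword);
}
```

Because the data key is random rather than password-derived, a password change only replaces the wrapped record and leaves the encrypted data untouched; without the cached key there is nothing to re-wrap.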

In the server-side encryption mode...

The user can call forgotPassword to have a temporary password sent to their email. The user can then sign in using the temporary password, and then change their password using updateUser to regain access to their account and all their data, just like normal. Make sure you require an email address from your users during signUp and updateUser.

What can I see about my users?

You can see the list of usernames, the time the user accounts were created, the user's email address or profile if provided, custom fields set by you via Update User in the Admin API, as well as subscription data if accepting payments.

What can I do with my users?

From the Admin panel you can see all your users, permanently delete user accounts, and generate access tokens to interact with users via the Admin API. Using the Admin API, you can see all users, update custom fields on users, and authenticate users. Using userbase-js-node, you can selectively share databases with users and modify data in those databases, or interact with databases users share with you.

How can I delete my Userbase Admin account?

You can delete your Userbase Admin account from the Admin panel. Once you delete your Userbase Admin account, all your apps will stop working. If you deleted your account in error, please get in touch to check if we can still recover it.

What happens if I exceed the storage limit?

Your apps will continue to function normally, but we will ask you to upgrade to a storage plan. If you have already purchased a storage plan, we charge $0.10 / GB / month for each GB stored above the plan's limit.

Can data be shared across users?

Yes, using the shareDatabase API.

Can data be shared globally?

Yes, by generating share tokens using the shareDatabase API and sharing those tokens.

How does Userbase help me with GDPR compliance?

Userbase helps you implement the necessary GDPR controls, avoid personal data misuse, and give your users control over their data. If you need assistance with GDPR compliance, please get in touch.

How durable is the data stored in Userbase?

Userbase only acknowledges data modification requests once the data has been successfully persisted to Amazon DynamoDB. This is a highly durable service that synchronously replicates data to at least three isolated geographical zones before acknowledging a write operation. Userbase has continuous backups enabled on all its DynamoDB tables with a 35-day recovery window.

What services does Userbase depend on?

Userbase runs entirely on Amazon Web Services, in the us-east-1 region. The availability of the Userbase service depends on Amazon EC2, Amazon S3, and Amazon DynamoDB.