Last updated: May 2026
When you authenticate through Open Auth Bridge, the system temporarily handles the following data in memory:
state parameter provided by the initiating application to ensure tokens are routed to the correct destination webhook.Your data is used exclusively to complete the standard OAuth 2.0 flow — to deliver tokens to the initiating application and to refresh expired tokens when requested. We do not use your data for tracking, analytics, advertising, or profiling.
We do not maintain a database of your tokens. Tokens are held in-memory exclusively during the callback processing and webhook delivery phase. Once the HTTP response is sent, tokens are immediately discarded from server memory.
We do not sell, trade, or share your information with any third parties. Your data is strictly transferred between the OAuth provider (Google/Microsoft) and the application that explicitly initiated the authorization request via the configured webhook.
Our use and transfer of information received from external APIs adheres to strict provider guidelines:
Because we do not store your tokens, you cannot delete your account with us (as you do not have one). You retain full control and can revoke access at any time directly through your provider:
If you have any questions about this Privacy Policy, please contact the service administrator at arshman.me.