# Thauth Acceptable Use Policy _Last Updated: April 22, 2026_ This Acceptable Use Policy (“AUP”) governs your use of the Thauth Service. By using the Service, you agree to comply with this AUP. Violations may result in suspension or termination of access. --- ## 1. Purpose This AUP is designed to ensure that the Service is used: - Lawfully - Securely - Without harm to Thauth, its infrastructure, or other customers --- ## 2. Prohibited Activities You may not use the Service to: ### 2.1 Illegal Activity - Violate any applicable law or regulation - Facilitate criminal activity - Process data without a lawful basis --- ### 2.2 Abuse of the Service - Send excessive or abusive API requests - Attempt to degrade performance or availability - Circumvent usage limits or billing mechanisms - Exploit bugs or vulnerabilities --- ### 2.3 Security Violations - Attempt unauthorized access to the Service or systems - Probe, scan, or test vulnerabilities without authorization - Interfere with authentication or authorization mechanisms - Use stolen or unauthorized credentials --- ### 2.4 Malicious Use - Upload or transmit malware, viruses, or harmful code - Use the Service to support denial-of-service attacks - Introduce malicious payloads into API requests --- ### 2.5 Misuse of Authorization Decisions You may not: - Use the Service to simulate or fake authorization results - Use the Service in a way that misleads users about access control - Rely on the Service in safety-critical systems where failure could result in harm without implementing appropriate safeguards --- ### 2.6 Data Misuse - Submit unlawful, infringing, or harmful data - Process personal data without proper authorization - Use the Service to track or profile individuals unlawfully --- ### 2.7 Interference with Other Customers - Use the Service in a way that negatively impacts other users - Consume disproportionate system resources --- ## 3. API and Infrastructure Usage You must: - Use API endpoints as documented - Implement reasonable rate limiting on your side - Secure API Keys and credentials You must not: - Share API keys publicly - Use automated tools to overload endpoints - Attempt to reverse engineer API behavior beyond documented usage --- ## 4. Monitoring and Enforcement Thauth reserves the right to: - Monitor usage patterns - Investigate suspected violations - Suspend or restrict access - Remove or block abusive traffic We may take action without prior notice where necessary to: - Protect system integrity - Prevent harm - Comply with legal obligations --- ## 5. Reporting Violations If you become aware of misuse, you may report it to: 📧 **legal@thauth.dev** --- ## 6. Consequences of Violations Violations may result in: - Temporary suspension - Permanent termination - Legal action where applicable --- ## 7. Updates We may update this AUP from time to time. Continued use of the Service constitutes acceptance of the updated policy.