If your app uses the App SDK, your code will be reviewed by the Attio team before it can be published. This page describes a non-exhaustive list of issues our team will look for during code review.

Security and privacy

  • Sensitive data (e.g. API keys, secrets, or tokens) MUST NOT be exposed in client-side code or exist as unencrypted data anywhere in the codebase.
  • All sensitive data MUST be stored and handled securely.
  • All external API calls MUST be authenticated appropriately.
  • All webhooks received by the app MUST be verified appropriately.
  • PII MUST NOT be sent externally without appropriate consent.
  • PII MUST NOT be logged.
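
One way to meet the webhook verification requirement above, as an added example rather than code from Attio or the App SDK. The signing scheme (hex HMAC-SHA256 over `timestamp.rawBody`), the 5-minute tolerance, and all function and field names are assumptions; substitute the scheme your webhook provider documents.

```javascript
const crypto = require("node:crypto");

// Assumed scheme (not from the page): the sender computes
// hex(HMAC-SHA256(secret, timestamp + "." + rawBody)) and sends the
// timestamp and the signature alongside the request body.
const TOLERANCE_SECONDS = 300; // assumed replay window of 5 minutes

function sign(secret, timestamp, rawBody) {
  return crypto
    .createHmac("sha256", secret)
    .update(`${timestamp}.${rawBody}`, "utf8")
    .digest("hex");
}

// `secret` must come from server-side secret storage, never from client code.
// `now` is the current time in seconds; it is a parameter so tests can pin it.
function verifyWebhook({ rawBody, signature, timestamp, secret,
                         now = Math.floor(Date.now() / 1000) }) {
  // A missing secret, body, or signature is a failed verification, not a bypass.
  if (!secret || typeof rawBody !== "string") return false;
  if (typeof signature !== "string" || !/^[0-9a-f]{64}$/i.test(signature)) return false;

  // Bound the replay window. Written so that NaN also fails the check.
  const ts = Number(timestamp);
  if (!Number.isInteger(ts) || !(Math.abs(now - ts) <= TOLERANCE_SECONDS)) return false;

  // Recompute over the exact bytes received and compare in constant time.
  const expected = Buffer.from(sign(secret, ts, rawBody), "hex");
  const received = Buffer.from(signature, "hex");
  return expected.length === received.length &&
    crypto.timingSafeEqual(expected, received);
}

// Constructed sample delivery (not real data).
const SAMPLE_SECRET = "constructed-test-secret";
const SAMPLE_BODY = '{"event":"example.event","id":"constructed-123"}';
const SAMPLE_TS = 1700000000;
const SAMPLE_SIG = sign(SAMPLE_SECRET, SAMPLE_TS, SAMPLE_BODY);
```

Verify against the raw request body before any JSON parsing, since re-serialising the parsed object can change the bytes and break the comparison.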

Quality

  • As far as is possible, your app SHOULD be free of runtime errors and unhandled exceptions.
  • Your app SHOULD handle loading and error states gracefully.
  • Your app’s UI SHOULD be responsive and consistent with Attio’s design language.
  • All form inputs MUST be validated correctly.

Production-readiness

  • Your app MUST NOT use any experimental or deprecated API features.