MasterPlan Security

The MasterPlan Online platform is built in PHP with client to server communication using AJAX technology and our data is served from a MySQL database. All data transport is secured using industry standard SSL/TLS certificates RSA-signed using 2048-bit RSA keys. The MasterPlan API is REST based using cURL client bindings, and can be accessed using all major languages. All request and response bodies, including errors, are encoded in JSON.

Content in the form of JPG images, TXT text, PDF and EPUB files may be passed to MasterPlan Online only by registered users of the Masterplan desktop app. This code signed macOS app runs alongside Adobe InDesign to prepare and communicate securely with MasterPlan Online using our API. Content is transmitted directly to and remains only on Amazon S3 storage using AWS access keys. More info https://docs.aws.amazon.com/sdk-for-php/v3/developer-guide/getting-started_basic-usage.html

MasterPlan Online admin users define and apply access controls to all client content that is managed with MasterPlan. Viewing and searching of client (publisher), jobs (titles) and individual spreads can be opened up and restricted immediately either by using the GUI or API. MasterPlan access is also controlled to the site and to the minute and can be applied to everyone, groups of users or individuals.

More info on the MasterPlan API can be found here https://masterplan.circularsoftware.com/api