React DND Builder

Security

Practical recommendations for tokens, uploads, and safe usage in production.

Token best practices

  • Use short-lived or revocable tokens.
  • Bind tokens to a customer/workspace when possible.
  • Rotate tokens if leaked.

Upload safety

  • Enforce a file type allowlist (png, jpg; be careful with svg).
  • Enforce max size limits.
  • Consider antivirus scanning for enterprise plans.
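
An added example (not part of the builder's own code) of the allowlist and size checks above, written as a Node.js function. It identifies PNG and JPEG by their leading bytes instead of trusting the filename, so SVG and other formats are rejected. The 2 MiB limit and the names validateUpload, detectType and MAX_BYTES are assumptions.

```javascript
// Added example: server-side validation of an uploaded image.
// MAX_BYTES and all function names are assumptions, not the builder's API.
const MAX_BYTES = 2 * 1024 * 1024; // assumed 2 MiB limit

// Allowlist: each entry pairs a file signature with the extensions it may use.
const SIGNATURES = [
  { type: "png", ext: ["png"], magic: [0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a] },
  { type: "jpg", ext: ["jpg", "jpeg"], magic: [0xff, 0xd8, 0xff] },
];

// Return the allowlist entry whose signature matches the first bytes, or null.
function detectType(bytes) {
  return SIGNATURES.find((s) => s.magic.every((b, i) => bytes[i] === b)) || null;
}

function validateUpload(filename, bytes) {
  if (bytes.length === 0) return { ok: false, reason: "empty" };
  if (bytes.length > MAX_BYTES) return { ok: false, reason: "too_large" };

  // SVG is XML text and can carry script, so it has no entry here and
  // fails this check no matter what extension the client supplied.
  const sig = detectType(bytes);
  if (!sig) return { ok: false, reason: "type_not_allowed" };

  // The extension must agree with the detected content.
  const ext = (filename.split(".").pop() || "").toLowerCase();
  if (!sig.ext.includes(ext)) return { ok: false, reason: "extension_mismatch" };

  return { ok: true, type: sig.type };
}

// Constructed samples (not real files): a PNG header and an SVG renamed to .png.
const samplePng = Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a, 0, 0, 0, 0]);
const sampleSvg = Buffer.from('<svg xmlns="http://www.w3.org/2000/svg"></svg>');
console.log(validateUpload("logo.png", samplePng));
console.log(validateUpload("logo.png", sampleSvg));
```

Store accepted files under a server-generated name and serve them with the content type derived from the detected type, not from the client's filename.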

Data handling

  • Store the exported JSON to allow editing later.
  • Store the exported HTML for sending emails.
  • If you enable image export, store the image for previews in your UI.
