How it works

When you create a project on Flytrap, you get three keys, a publicApiKey, secretApiKey and privateKey. The publicApiKey is the public key of a RSA 2048-bit keypair, and the privateKey is the corresponding private key.

When a bug is captured, it is first encrypted on the end-users client (or the server, depending on where the bug was captured), after which it gets sent to the Flytrap API. On the Flytrap API, it is saved as is, in encrypted state. This means that your capture data is encrypted both during transit and at rest, so no Man-in-the-Middle attacks can happen, as well as no database breaches compromise your captured data.


Because of the nature of Flytrap capturing everything prior to an error, it means that each capture potentially contains sensitive information. Because of this, it is very important to take good care of the private key.

The private key should ideally be only stored on the employees computers, and never stored on a external medium.

Learn more

Explore how you can use Flytrap to ship more confidently, solve bugs faster and increase the productivity of your QA & developer teams.