Big News! Split to be acquired by Harness. Read More

Trust & Security

Feel Confident

In serving over 200 billion experiences per month around the world, we believe that trust is central to everything we do.

const jwt = require("jsonwebtoken");

const config = process.env;

const verifyToken = (req, res, next) => {
  const token =
    req.body.token || req.query.token || req.headers["x-access-token"];

  if (!token) {
    return res.status(403).send("A token is required for authentication");

  try {
    req.user = jwt.verify(token, config.TOKEN_KEY);
  } catch (err) {
    return res.status(401).send("Invalid Token");

  return next();

module.exports = verifyToken;

Security Overview

To learn more about our security program at Split, please reference our Security Status Page below.


Split follows extensive practices to track and protect your data as it moves through Split’s services.

Our Security Practices


Split’s services are architected from the ground up with performance and high availability at the foundation.

Our Commitment to Reliability


Split is data optional. If you do decide to send us data, it becomes our responsibility and we’re committed to protecting it from unauthorized access.

Our Commitment to Privacy


Split is committed to achieving and maintaining the trust of our customers. Integral to this mission is providing a robust compliance program that ensures the confidentiality of your data.

Our Compliance Program

Frequently Asked Questions

Is your data encrypted? Do you have a backup plan? How are passwords stored? Find answers to our top questions.

Read the FAQ

Create Impact With Everything You Build

We’re excited to accompany you on your journey as you build faster, release safer, and launch impactful products.