This internal tool stores data locally on the server where it runs. It does not use advertising cookies, analytics cookies, or third-party tracking cookies.
User accounts are stored in config/users.json. Passwords are stored as salted hashes; plaintext passwords are not stored.
Application settings, including the shared AutoGen secret, are stored in config/settings.json. Session signing material is stored in private/session.key.
Generated authorization records are stored by year in data/authgen-YYYY.json. Records include auth code, auth key, UTC creation time, user, source, and any entered company, location, system, other ID, or notes.