# Token security

| [domain-whitelisting](https://docs.cloudimage.io/setup/security/token-security/domain-whitelisting "mention") | Specify which domains your Cloudimage token can download original images from. You can limit the list to a few domains that you own to make sure no one uses your token on his or her URLs. |
| ------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [url-signature](https://docs.cloudimage.io/setup/security/token-security/url-signature "mention")             | Sign your Cloudimage URLs with an SHA hash to prevent someone else from using your Cloudimage token.                                                                                        |
| [url-sealing](https://docs.cloudimage.io/setup/security/token-security/url-sealing "mention")                 | With this feature, you can sign only part of the url which will allow you to add more parameters to the URL while protecting the sealed ones.                                               |