Installable cloud apps deployed from PowerServer adopt standard cloud-native architecture running on the .NET framework and adhere to industry best practices for security. All SQLs and DataWindows execute behind the firewall. Data is accessed through industry-standard REST APIs, secured by OAuth or JWT. The client app is encrypted, digitally signed and checked for integrity.
For more information, refer to:
Whitepaper: PowerServer 2022 R3 Security Measures