Secrets

Secrets are used for authenticating requests through hash digests or encrypted data in client-side environments where generating a consent token is too complicated. A few use-cases when secrets are used:

When passing a user ID to a Didomi SDK, a hash digest should be computed and provided to authenticate the user ID provided.
When loading proofs in a public context. For instance, if you are embedding a consent proof in emails, the proof URL will need to be authenticated via a hash digest.

The /secrets API endpoint gives access to the secrets available to an organization on the Didomi platform and that can be used when a secret is required.

We recommend using different secrets by environment (development, staging, production, etc.) and by platform (web, mobile, email, etc.).

Secrets are meant to be reused and organizations are limited to 300 secrets.

Create a secret

Send a POST /secrets request to create a new secret. You will need to specify a name to help identify what the secret is used for. The actual secret value will be automatically generated.

Example

POST /secrets

BODY
{
  "name": "User ID in Web SDK"
  "organization_id": "organization_id"
}

See the API documentation for more details on this endpoint.

PreviousTokens NextUsers

Last updated 1 month ago