Gainsight Inc.

Identity HMAC Verification (SHA256)

Overview

Identity verification confirms that your users are who they claim to be. When you enable it, Gainsight PX uses an HMAC ID to securely detect a logged-in user who tries to impersonate another user. Configure this feature in the account product settings. Identity verification relies on a server-side generated HMAC (Hash-based Message Authentication Code), using SHA256, computed on either your user’s email or user_id. Once identity verification is enabled, Gainsight PX does not accept any requests for a logged-in user without a valid HMAC.

Enable Identity Verification Under Account Settings

Once your server side has implemented identity verification using the hash key, you can enable it by navigating to Administration > Identity Verification.


Pass the User Hash in the Identify Call

Use the following code to pass the user hash:

aptrinsic("identify",
  {
    // User Fields
    "id": "unique-user-id", // Required for logged in app users
    "email": "userEmail@address.com",
    "firstName": "John",
    "lastName": "Smith",
    "signUpDate": 1522697426479, // unix time in ms
    "userHash": "" // optional transient for HMAC identification
  },
  {
    // Account Fields
    "id": "IBM", // Required
    "name": "International Business Machine"
  });
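
The userHash value above has to be produced on your server, never in the browser. The following Node.js code is an added example, not Gainsight's own: it computes the HMAC over the authenticated user's id and shows why a hash issued for one id fails for another. The function names, the PX_HMAC_KEY variable, signing the id rather than the email, and the hex output encoding are assumptions the page does not state.

```javascript
// Added example (not Gainsight's code): server-side userHash generation.
const crypto = require("crypto");

// Assumption: the shared key is read from server-side secret storage. The
// fallback is a constructed placeholder; the key must never reach the browser.
const PX_HMAC_KEY = process.env.PX_HMAC_KEY || "constructed-demo-key";

// HMAC-SHA256 over the identifier (user id or email, whichever is configured).
// Assumption: hex output; the page does not state the expected encoding.
function userHash(identifier, key = PX_HMAC_KEY) {
  return crypto.createHmac("sha256", key).update(String(identifier), "utf8").digest("hex");
}

// Build the user object for aptrinsic("identify", ...) from the server-side
// session only, so the signed id is the one your login flow authenticated.
function identifyUser(sessionUser, key = PX_HMAC_KEY) {
  return {
    id: sessionUser.id,
    email: sessionUser.email,
    userHash: userHash(sessionUser.id, key),
  };
}

// What a receiver holding the same key can check: recompute the HMAC and
// compare in constant time. Malformed or empty hashes fail the length check.
function isValidUserHash(identifier, presentedHash, key = PX_HMAC_KEY) {
  const expected = Buffer.from(userHash(identifier, key), "hex");
  const presented = Buffer.from(String(presentedHash), "hex");
  return presented.length === expected.length && crypto.timingSafeEqual(presented, expected);
}

// Constructed sample: a logged-in user swaps in another id but keeps their own hash.
const alice = identifyUser({ id: "user-1001", email: "alice@example.com" });
const forged = { ...alice, id: "user-1002" };
console.log(isValidUserHash(alice.id, alice.userHash));   // true
console.log(isValidUserHash(forged.id, forged.userHash)); // false
```

Render the object returned by identifyUser into the page that makes the identify call, and keep the key out of any client-side bundle.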