Skip to main content
Gainsight Inc.

Identity HMAC Verification (SHA256)

ATTENTION: Documentation Updates are in Process
We are in the process of updating the screenshots, GIFs, and content to match the latest UX based on the Horizon Experience’s new look and feel. To learn more about the Horizon Experience in Gainsight PX, click here.

Enabling identity verification means Gainsight PX will use HMAC id so we can have a secured way to validate that a logged in user doesn't try to impersonate as another user - this feature should be set via account product settings. The purpose of identity verification is to verify that your users are who they claim to be. It works by using a server side generated HMAC (hash based message authentication code), using SHA256, on either your user’s email or user_id. Once identity verification is enabled, We will not accept any requests for a logged-in user without a valid HMAC.

Enable Identity verification Under Account Settings

Once your server side has implemented identity verification using the hash key you can enable it under account settings.

clipboard_e9f5d01cf10c9011e20877ee06d583e0e.png

Pass the User Hash in the Identify Call

aptrinsic("identify",
  {
  //User Fields
    "id": "unique-user-id", // Required for logged in app users
    "email": "userEmail@address.com",
    "firstName": "John",
    "lastName": "Smith",
    "signUpDate": 1522697426479, //unix time in ms
    "userHash": "" // optional transient for HMAC identification
  },
  {
  //Account Fields
    "id":"IBM", //Required
    "name":"International Business Machine"
 });
  • Was this article helpful?