Identity HMAC Verification (SHA256)

Updated 3 months ago by Michael Alon

Enabling identity verification means Gainsight PX will use HMAC id so we can have a secured way to validate that a logged in user doesn't try to impersonate as another user - this feature should be set via account product settings. The purpose of identity verification is to verify that your users are who they claim to be. It works by using a server side generated HMAC (hash based message authentication code), using SHA256, on either your user’s email or user_id. Once identity verification is enabled, We will not accept any requests for a logged-in user without a valid HMAC.

Enable Identity verification Under Account Settings:

One your server side has implemented identity verification using the hash key you can enable it under account settings.

Pass the User Hash in the Identify Call:

aptrinsic("identify",
{
//User Fields
"id": "unique-user-id", // Required for logged in app users
"email": "userEmail@address.com",
"firstName": "John",
"lastName": "Smith",
"signUpDate": 1522697426479, //unix time in ms
"userHash": "" // optional transient for HMAC identification
},
{
//Account Fields
"id":"IBM", //Required
"name":"International Business Machine"
});


How did we do?