Request Authentication

Certain actions require communication to the Sentiance Backend. to perform these request an API Key with the required permissions must be included in the the Authorization header if the request.

Authorization: Bearer e5c3b842231543f.mGCUhfi0uI4J13k010V49D2GaBZ3j1E708X4a4396XNx48X3

An Authorization header with value Bearer <token> authenticates and authorizes your request. The token can either be an API Key or an SDK User Token. see below on how these are created and what they give you access to.

SDK User Token

SDK User Tokens have access to all queries and mutations available in a single user context. this token can be generated in the app by requesting this in the SDK instance like below.

 Sentiance.shared.requestUserAccessToken { result, error in
    if let result = result {
        print("Token: \(result.token)")
    }
}

sentiance.requestUserAccessToken().addOnCompleteListener { operation ->
    if (operation.isSuccessful) {
        val token = operation.result
    } else {
        val error = operation.error
        Log.e(TAG, "Failed to get access token, reason ${error.reason.name}.")
    }
}

try {
  final tokenResult = await requestAccessToken(options);
  // 
} on PlatformException catch(e) {
  // An error occurs when communicating with the host platform.
} on UserAccessTokenError catch(e) {
  // Failed to request a user access token, find out more about the reason why
  final reason = e.reason;
}

The token is valid for a limited time (several days). Generally, requesting a token from the SDK will complete instantly by returning a cached token. But if a new one has to be obtained from the Sentiance API, there is a possibility that it will fail (e.g. no network connection).

API Keys

API Keys can access all queries and mutations for the App to which they belong. These are secure, revocable, and scope-restricted credentials used for user registration, data queries to the Sentiance GraphQL, user deletion and any other backend-to-backend operation.

Users with Developer permissions on a Sentiance App can create API Keys in ICT by specifying a name, scope, and expiry date. Each key is disclosed only once to its creator so it must be securely stored immediately. While only the creator initially sees the key, any user with Developer permissions on the App can later revoke it.

Management of API Keys is done in ICT and requires an account with Developer permissions

Expiry Period

For increased security, API Keys are self-expiring. The expiry time is 1 year from the time of creation. After 1 year, the old API Key will stop working and a new one will have to be created. We allow up to 10 active API Keys at any given time, per app. An active key is one that hasn't been revoked or expired.

Permission scopes

Scopes allow you to specify what operations an API Key can perform. A single key must have at least 1 permission scopes but is allowed to have multiple. We always strongly recommend to set as minimal scopes for a api key for security reasons, best is to use multiple api keys with different scopes instead of 1 api key with many scopes

Scope name

Scope description

USER_READ

Use this scope to read user data. This scope should be used with the Sentiance GraphQL

USER_DELETE

Use this scope to delete a user along with all historical data.

USER_LINK

Use this scope to perform User Creation & Authentication.

OFFLOADS_READ

Use this scope to list Offloads available for download.

OFFLOADS_GENERATE_URL

Use this scope to generate URLs at which offloads can be downloaded.

FAKE_DATA_INSERT

Use this scope to inject fake data. Engagement platform only!

PreviousUser Creation and Management NextData Sychronization

Last updated 1 month ago