Skip to main content

UID2 Endpoints: Summary

All UID2 endpoints require a client secret for encrypting API requests (except POST /token/refresh requests) and decrypting responses. For details, and code examples in different programming languages, see Encrypting Requests and Decrypting Responses.

UID2 Tokens

The following endpoints are for retrieving and managing UID2 tokens (identity tokens, advertising tokens), and are used mainly by publishers.

EndpointDescriptionRequest EncryptionResponse Decryption
POST /token/generateRequests a UID2 token generated from a user's DII (email address or phone number). If the DII is valid, and the user has not opted out of UID2, this operation returns a UID2 token and associated values.RequiredRequired
POST /token/validateUsed for testing, to validate that an advertising token (UID2) matches the specified email address, phone number, or the respective hash.RequiredRequired
POST /token/refreshGenerates a new token for a user for their refresh token from the POST /token/generate response.N/ARequired

Identity Maps

The following endpoints are used by advertisers and third-party data providers. Publishers do not need to use these endpoints.

EndpointDescriptionRequest EncryptionResponse Decryption
POST /identity/bucketsMonitors rotated salt buckets using their last updated timestamp.RequiredRequired
POST /identity/mapRetrieves raw UID2s and salt bucket IDs for one or more email addresses, phone numbers, or their respective hashes.RequiredRequired

Opt-Out Status

The following endpoint can be used by advertisers, third-party data providers, DSPs, and sharers. Publishers do not need to use this endpoint.

For details about the UID2 opt-out workflow and how users can opt out, see User Opt-Out.

EndpointDescriptionRequest EncryptionResponse Decryption
POST /optout/statusChecks the opt-out status of raw UID2s. This endpoint takes a list of raw UID2s as input, and returns the raw UID2s that have opted out, as well as the time that the opt-out took place.RequiredRequired