UID2 Credentials
Each UID2 participant gets a set of unique credentials. The set of credentials you get is determined by how you are participating in UID2, as shown in the following table.
| Audience | Credentials | Integration |
|---|---|---|
| Participants using a server-side endpoint | Both of the following:
| Any integration using one of these endpoints: |
| Participants using a client-side implementation | Both of the following:
| Integrations using one of these: |
If you're using the integration environment as well as the production environment, you'll get a separate set of credentials for each environment.
API Key and Client Secret
The API key and client secret allow the participant to connect to the Operator Service and call API endpoints. These values identify the participant to the service.
Here is some information about API keys and client secrets:
- One UID2 participant can have multiple keys.
- Each key has a set of permissions that determine which endpoints it can be used on.
- Each key has a corresponding client secret.
- Most API endpoints require both API key and client secret for authentication. For details, see Authentication and Authorization.
- If you're using the integration environment as well as the production environment, you'll require separate API keys for each environment.
As part of getting your UID2 account set up, one or more API keys, each with a corresponding client secret, will be issued to you. For details of who to talk to, see Contact Info.
Security of API Key and Client Secret
Security of keys and client secrets is very important. Follow these guidelines:
- When you receive your API key and client secret, store them in a secure location.
- Keep track of all places where these values are stored and used, so that if you need to rotate the key you can do it quickly.
- Establish a process for replacing the key and secret with new values if the existing ones are compromised.
We recommend that you refresh your API key and client secret on a regular cadence—for example, yearly—to help reduce the risk of your credentials being compromised.
Subscription ID and Public Key
If you're using a client-side implementation, you'll receive the following credentials:
- Subscription ID: This value identifies your site to the UID2 service.
- Public key: This value is used for encryption.
Unlike the API key and client secret, the Subscription ID and public key do not have to be kept secure.
When you're implementing UID2 on the client side, by using the UID2 JavaScript SDK or Prebid, provide the values to the SDK or to Prebid as part of configuration.
Refreshing Credentials
To request new credentials at any time, ask your UID2 contact.