| title | description | hide_table_of_contents | sidebar_position |
|---|---|---|---|
Authentication and Authorization |
Authentication requirements for the UID2 endpoints. |
false |
5 |
import Link from '@docusaurus/Link';
To authenticate to the UID2 endpoints in a server-side implementation, you need the following:
- A client API key. The API key is included as a bearer token in the request's Authorization header. For example:
Authorization: Bearer YourTokenBV3tua4BXNw+HVUFpxLlGy8nWN6mtgMlIk= - A client secret for encrypting API requests and decrypting API responses. This is needed for all endpoints except POST /token/refresh.
For details, and encryption/decryption examples in several different programming languages, see Encrypting Requests and Decrypting Responses.
:::note If you're a publisher and are implementing UID2 on the client side, the authentication and authorization is managed automatically by your implementation, such as Prebid.js (see UID2 Client-Side Integration Guide for Prebid.js) or the JavaScript SDK (see Client-Side Integration Guide for JavaScript). :::