Swift SDK

Server-Side Authentication

Secure your user identification by generating HMAC-SHA256 signatures on your server. This prevents user impersonation.

Setup

Get your Secret Key from your UserJot Dashboard → Settings → Security
Enable Require Signed Tokens
Generate signatures on your server

Generate Signature

Node.js/Express

const crypto = require('crypto');

function generateUserJotSignature(userId, secret) {
    return crypto
        .createHmac('sha256', secret)
        .update(userId)
        .digest('hex');
}

iOS Implementation

Pass the signature from your server when identifying users:

UserJot.identify(
    userId: "user123",
    email: "john@example.com",
    firstName: "John",
    lastName: "Doe",
    signature: signatureFromYourServer // HMAC-SHA256 signature
)

Other Languages

Python

import hmac
import hashlib

def generate_userjot_signature(user_id, secret):
    return hmac.new(
        secret.encode(),
        user_id.encode(),
        hashlib.sha256
    ).hexdigest()

Ruby

require 'openssl'

def generate_userjot_signature(user_id, secret)
  OpenSSL::HMAC.hexdigest(
    'sha256',
    secret,
    user_id
  )
end

PHP

function generateUserJotSignature($userId, $secret) {
    return hash_hmac('sha256', $userId, $secret);
}