Access Tokens

🚧

Re-use DataGuard JWTs

A robust mechanism for storing and re-using DataGuard JWTs (until expiry) must be employed to ensure our fair usage policy is not breached. The JWT can then be used to retrieve your Access Tokens.

What are Access Tokens?

DataGuard access tokens are secure, time bounded tokens which are used by DataGuard Contact Points to identify the customer record and present their current permission and preference state.

Provided in the Capture Point configuration, any valid token will render the Capture Template content to the customer and permit them to submit updates.

There is no limit to the number of tokens that can exist for a single customer record, but if used after the expiry date has passed this will result in the widget not rendering and triggering an onLoadError event.

Generate Individual Tokens (on-demand)

Create individual tokens on the API. On-demand tokens are best for use cases that can leverage a script (or alternative mechanism) to call the DataGuard API. This ensures that only tokens which are needed are generated. Care should be taken if there is potential for significant spikes in activity that require large volumes of individual tokens.

Generate Batches Of Tokens

🚧

Token expiry

When using tokens in links for managing permissions and preferences, you should ensure that the token still has sufficient time until expiry and we also recommend you check these links in a sample of emails.

For Targeted Customers

Create batches of tokens on the API. Batches of tokens are best for use cases where large numbers of customers are being contacted (e.g. service messages or marketing emails) where a link to managing permissions and preferences will be provided.

For All Customers

❗️

Create Everyone a Token

The UI currently creates a token for each citizen recorded in your DataGuard application. We recommend using the API to generate smaller batches (max 1k per batch) for targeted groups to avoid causing high load on the platform services.

To generate a new batch of Tokens for all customers navigate to the 'Token management' screen in the Admin UI. Here, you will see a list of your previous Token batches.

Click on the '+ Generate tokens' button.

This will bring up the Token generation screen. You will need to supply a unique reference and set the date upon which you wish the tokens to expire.

Once you are happy with these settings, click on the 'Generate tokens' button to generate the new batch of tokens. A success message will be displayed as below:

Note: If you have a large number of Citizens in DataGuard, the Tokens may take some time to generate. They will display as 'In progress' until they are complete.

Downloading Tokens from the UI

To download a batch of Tokens, click on the 'Download' button. Your Tokens will be downloaded locally as a '.CSV' file.

The CSV includes:
• Permissions Citizen ID
• External Reference Number (Your Citizen ID)
• Token
• Token Expiry Date

Managing Tokens

From the 'Token management' screen in the Admin UI, you can view all of your Active and Expired Token batches, as well as carry out some additional functions.

To Expire a batch of Tokens, simply click on the 'Expire' button. You will be shown the warning 'Expiring tokens will break the email links associated with this reference that have been (or are scheduled to be) sent to citizens'. If you are happy to proceed, click 'Expire tokens'. The batch will be expired and moved to the 'Expired' section.

Note: Expired tokens cannot be made Active again. If you mistakenly expire a batch, you will need to generate new tokens for the affected users.

To view expired Tokens, click on the 'Expired Tokens' tab.