Implementing User Verification

Get your shared secret

Firstly, get your shared secret to securely encrypt the user data in the payload.

1. Access the global settings via the Settings button in the top right of the Released overview page.

2. Go to the User verification section.

3. Copy your Shared Secret – this will be used to generate authentication tokens.

Generate an authentication token on your server

Now you can generate an encrypted AUTH_TOKEN to securely identify the user.

Send a POST request to the Released token API with your ACCOUNT_ID and the CURRENT_USER_EMAIL. The API will respond with the AUTH_TOKEN for that user.

Include this token in every request to authenticate users accessing your Released portal. The token is valid for seven days. After that, you must generate a new token.

Example Request (Node.js)

const response = await fetch("https://accounts.releasedhub.com/auth/api/token", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
    "Authorization": "Bearer SHARED_SECRET" // Your shared secret
  },
  body: JSON.stringify({
    account_id: "ACCOUNT_ID", // Your Released Account ID 
    user_email: "CURRENT_USER_EMAIL" // Email of the current authenticated user 
  }),
});

const json = await response.json();
console.log(json);

You can find the SHARED_SECRET and ACCOUNT_ID values in the User verification settings in Released. The CURRENT_USER_EMAIL value should be filled in dynamically with the details of the authenticated user in your app or site.

Pass the authentication token with the embed tag

Once you’ve generated the token, include it when embedding your portal:

<released-page auth-token="AUTH_TOKEN"></released-page>