Merge pull request #365 from IABTechLab/gwh-APIDOCS-1871-cstg-api-key…

…s-updates

Gwh apidocs 1871 cstg api keys updates

docs/getting-started/gs-account-setup.md

@@ -40,7 +40,7 @@ You'll need to provide at least the following information:
 * Company name
 * Name and contact information for an authorized individual who can sign the contract.
 
-When you've signed a contract for participating in UID2, you'll be issued with [API keys](gs-api-keys.md) and other information for getting up and running with UID2.
+When you've signed a contract for participating in UID2, you'll be issued with [UID2 credentials](gs-credentials.md) and other information for getting up and running with UID2.
 
 
 ## API Versions

docs/getting-started/gs-auth.md

@@ -7,8 +7,8 @@ sidebar_position: 05
 
 # Authentication and Authorization
 
-To authenticate to the UID2 endpoints, you need the following:
+To authenticate to the UID2 endpoints in a server-side implementation, you need the following:
 
-- A client [API key](gs-api-keys.md). The API key is included as a bearer token in the request's Authorization header. For example:<br/>
+- A client [API key](gs-credentials.md#api-key-and-client-secret). The API key is included as a bearer token in the request's Authorization header. For example:<br/>
   `Authorization: Bearer YourTokenBV3tua4BXNw+HVUFpxLlGy8nWN6mtgMlIk=`
 - A client secret for encrypting API requests and decrypting API responses. This is needed for all endpoints except [POST /token/refresh](../endpoints/post-token-refresh.md). <br/>For details and Python examples, see [Encrypting Requests and Decrypting Responses](gs-encryption-decryption.md).

docs/getting-started/gs-credentials.md

@@ -0,0 +1,64 @@
+---
+title: UID2 Credentials
+description: Learn about the credentials you'll need and how to get them.
+hide_table_of_contents: false
+sidebar_position: 03
+---
+
+# UID2 Credentials
+
+Each UID2 <a href="/docs/intro#participants">participant</a> gets a set of unique credentials. The set of credentials you get is determined by how you are participating in UID2, as shown in the following table.
+
+| Audience | Credentials | Integration |
+| :--- | :--- | :--- |
+| Participants using a server-side endpoint  | Both of the following:<ul><li>[API key](../ref-info/glossary-uid.md#gl-api-key), also called a client key</li><li>[Client secret](../ref-info/glossary-uid.md#gl-client-secret), a value known only to the participant and the UID2 service</li></ul> | Any integration using one of these endpoints: <ul><li>[POST /identity/map](../endpoints/post-identity-map.md)</li><li>[POST /identity/buckets](../endpoints/post-identity-buckets.md)</li><li>[POST /token/generate](../endpoints/post-token-generate.md)</li></ul> |
+| Participants using a client-side implementation  | Both of the following: <ul><li>Subscription ID</li><li>Public key</li></ul> | Integrations using one of these: <ul><li>[Prebid.js Express Integration Guide](../guides/integration-prebid.md)</li><li>[JavaScript Express Integration Guide](../guides/publisher-client-side.md)</li></ul> |
+
+
+
+If you're using the integration environment as well as the production environment, you'll get a separate set of credentials for each environment.
+
+<!-- It includes:
+
+* [API Key and Client Secret](#api-key-and-client-secret)
+  * [Security of API Key and Client Secret](#security-of-api-key-and-client-secret)
+* [Subscription ID and Public Key](#subscription-id-and-public-key)
+* [Refreshing Credentials](#refreshing-credentials)
+ -->
+
+## API Key and Client Secret
+
+The API key and client secret allow the participant to connect to the [Operator Service](../ref-info/glossary-uid.md#gl-operator-service) and call API endpoints. These values identify the participant to the service.
+
+Here is some information about API keys and client secrets:
+- One UID2 participant can have multiple keys.
+- Each key has a set of permissions that determine which endpoints it can be used on.
+- Each key has a corresponding client secret.
+- Most API endpoints require both API key and client secret for authentication. For details, see [Authentication and Authorization](gs-auth.md).
+- If you're using the integration environment as well as the production environment, you'll require separate API keys for each environment.
+
+As part of getting your UID2 account set up, one or more API keys, each with a corresponding client secret, will be issued to you. For details of who to talk to, see [Contact Info](gs-account-setup.md#contact-info).
+
+### Security of API Key and Client Secret
+
+Security of keys and client secrets is very important. Follow these guidelines:
+
+- When you receive your API key and client secret, store them in a secure location.
+- Keep track of all places where these values are stored and used, so that if you need to rotate the key you can do it quickly.
+- Establish a process for replacing the key and secret with new values if the existing ones are compromised.
+
+We recommend that you refresh your API key and client secret on a regular cadence&#8212;for example, yearly&#8212;to help reduce the risk of your credentials being compromised.
+
+## Subscription ID and Public Key
+
+If you're using a client-side implementation, you'll receive the following credentials:
+- **Subscription ID**: This value identifies your site to the UID2 service.
+- **Public key**: This value is used for encryption.
+
+Unlike the API key and client secret, the Subscription ID and public key do not have to be kept secure.
+
+When you're implementing UID2 on the client side, by using the UID2 JavaScript SDK or Prebid, provide the values to the SDK or to Prebid as part of configuration.
+
+## Refreshing Credentials
+
+To request new credentials at any time, ask your UID2 contact.

docs/guides/summary-guides.md

@@ -55,7 +55,7 @@ The following resources are available for publisher web integrations.
 
 | Integration Guide |  Content Description |
 | :--- | :--- |
-| [Prebid.js Integration Guide](./integration-prebid.md) | An integration guide for publishers who want to integrate with UID2 and generate identity tokens to be passed by Prebid in the RTB bid stream. This guide is for publishers who want to request UID2 tokens client-side, which is the easiest implementation approach. |
+| [Prebid.js Express Integration Guide](./integration-prebid.md) | An integration guide for publishers who want to integrate with UID2 and generate identity tokens to be passed by Prebid in the RTB bid stream. This guide is for publishers who want to request UID2 tokens client-side, which is the easiest implementation approach. |
 | [Prebid.js Advanced Integration Guide](./integration-prebid-advanced.md) | An integration guide for publishers who want to integrate with UID2 and generate identity tokens to be passed by Prebid in the RTB bid stream. This guide is for publishers who are using a private operator or who want to generate tokens server-side. |
 
 ### Google Ad Manager Integrations

docs/overviews/overview-advertisers.md

@@ -52,7 +52,7 @@ To get started, follow these steps:
    Someone will contact you to discuss your needs and advise on appropriate next steps.
 1. Decide on your [participant](../intro.md#participants) role or roles.
 1. Decide which implementation option you want to use.
-1. Receive your credentials (see [API keys](../getting-started/gs-api-keys.md)) and follow the instructions in the implementation guide for the option you chose.
+1. Receive your credentials (see [UID2 Credentials](../getting-started/gs-credentials.md)) and follow the instructions in the implementation guide for the option you chose.
 
      NOTE: Be sure to encrypt request messages to UID2. For details, see [Encrypting Requests and Decrypting Responses](../getting-started/gs-encryption-decryption.md).
 1. Test.

docs/overviews/overview-data-providers.md

@@ -55,7 +55,7 @@ To get started, follow these steps:
    Someone will contact you to discuss your needs and advise on appropriate next steps.
 1. Decide on your [participant](../intro.md#participants) role or roles.
 1. Decide which implementation option you want to use.
-1. Receive your credentials (see [API keys](../getting-started/gs-api-keys.md)) and follow the instructions in the implementation guide for the option you chose.
+1. Receive your credentials (see [UID2 Credentials](../getting-started/gs-credentials.md)) and follow the instructions in the implementation guide for the option you chose.
 
      NOTE: Be sure to encrypt request messages to UID2. For details, see [Encrypting Requests and Decrypting Responses](../getting-started/gs-encryption-decryption.md).
 1. Test.

docs/overviews/overview-dsps.md

@@ -55,14 +55,15 @@ To get started, follow these steps:
 
 1. Request access to UID2 by filling out the form on the [Request Access](/request-access) page.
 2. Implement a webhook to receive UID2 opt-out. Share the webhook with the UID2 administrator.
-3. Confirm that you are receiving the opt-out feed via the webhook.<br/>
-    When the webhook is in place, you'll receive your credentials (see [API keys](../getting-started/gs-api-keys.md)).
+3. Confirm that you are receiving the opt-out feed via the webhook.
+
+    When the webhook is in place, you'll receive your credentials (see [UID2 Credentials](../getting-started/gs-credentials.md)).
 4. Decide which implementation option you want to use.
 5. If you're using an SDK, download the SDK. Refer to the applicable SDK guide.
 6. Follow the instructions in the implementation guide for the option you chose.
 
      NOTE: Be sure to encrypt request messages to UID2. For details, see [Encrypting Requests and Decrypting Responses](../getting-started/gs-encryption-decryption.md).
-7. (Conditional) If you will be implementing a CRM onboarding solution, request a separate set of credentials for the data provider workflow. See [API keys](../getting-started/gs-api-keys.md).
+7. (Conditional) If you will be implementing a CRM onboarding solution, request a separate set of credentials for the data provider workflow. See [UID2 Credentials](../getting-started/gs-credentials.md).
 8. Test.
 9. Go live.
 

docs/overviews/overview-publishers.md

@@ -66,7 +66,7 @@ To get started, follow these steps:
 1. Request access to UID2 by filling out the form on the [Request Access](/request-access) page.
 1. Identify the properties that you want to integrate with UID2.
 1. Sign the UID2 contract.
-1. Receive the UID2 authentication keys ([API keys](../getting-started/gs-api-keys.md)).
+1. Receive the UID2 authentication keys ([UID2 Credentials](../getting-started/gs-credentials.md)).
 1. Build your integration to UID2 via an SDK or direct integration with the UID2 APIs, using the applicable documentation.
 
      NOTE: Be sure to encrypt request messages to UID2. For details, see [Encrypting Requests and Decrypting Responses](../getting-started/gs-encryption-decryption.md).
@@ -114,7 +114,7 @@ The following resources are available for publishers integrating with Google Ad
 
 | Integration Type| Documentation | Content Description | Audience |
 | :--- | :--- | :--- | :--- |
-| Prebid | [Prebid.js Integration Guide](../guides/integration-prebid.md) | An integration guide for publishers who want to integrate with UID2 and generate identity tokens to be passed by Prebid in the RTB bid stream. This guide is for publishers who want to request UID2 tokens client-side, which is the easiest implementation approach. | Publishers |
+| Prebid | [Prebid.js Express Integration Guide](../guides/integration-prebid.md) | An integration guide for publishers who want to integrate with UID2 and generate identity tokens to be passed by Prebid in the RTB bid stream. This guide is for publishers who want to request UID2 tokens client-side, which is the easiest implementation approach. | Publishers |
 | Prebid | [Prebid.js Advanced Integration Guide](../guides/integration-prebid-advanced.md) | An integration guide for publishers who want to integrate with UID2 and generate identity tokens to be passed by Prebid in the RTB bid stream. This guide is for publishers who are using a private operator or who want to generate tokens server-side. | Publishers |
 
 ### Google Ad Manager Integrations

docs/ref-info/glossary-uid.md

@@ -99,8 +99,8 @@ sidebar_position: 10
 <dd>Advertising token is another term for a <a href="#gl-uid2-token">UID2 token</a>.</dd>
 
 <dt class="jump-anchor" id="gl-api-key">API key</dt>
-<dd>Each UID2 <a href="/docs/intro#participants">participant</a> has an API key (client key) and also a secret value associated with the key, called the client secret (API secret). The client secret is known only to the participant and the UID2 service.</dd>
-<dd>For details, see <a href="/docs/getting-started/gs-api-keys">API Keys</a>.</dd>
+<dd>Each UID2 <a href="/docs/intro#participants">participant</a> using a server-side implementation has an API key (client key) and also a secret value associated with the key, called the client secret (API secret). The client secret is known only to the participant and the UID2 service.</dd>
+<dd>For details, see <a href="/docs/getting-started/gs-credentials">UID2 Credentials</a>.</dd>
 
 <dt class="jump-anchor" id="gl-api-secret">API secret</dt>
 <dd>See <a href="#gl-client-secret">client secret</a>.</dd>
@@ -116,8 +116,8 @@ sidebar_position: 10
 <dd>See <a href="#gl-api-key">API key</a>.</dd>
 
 <dt class="jump-anchor" id="gl-client-secret">Client secret</dt>
-<dd>Each UID2 <a href="/docs/intro#participants">participant</a> has an API key (client key) and also a secret value associated with the key, called the client secret (API secret). The client secret is known only to the participant and the UID2 service.</dd>
-<dd>For details, see <a href="/docs/getting-started/gs-api-keys">API Keys</a>.</dd>
+<dd>Each UID2 <a href="/docs/intro#participants">participant</a> using a server-side implementation has an API key (client key) and also a secret value associated with the key, called the client secret (API secret). The client secret is known only to the participant and the UID2 service.</dd>
+<dd>For details, see <a href="/docs/getting-started/gs-credentials">UID2 Credentials</a>.</dd>
 
 <dt class="jump-anchor" id="gl-closed-operator">Closed operator</dt>
 <dd>Closed operator is another term for a <a href="#gl-private-operator">private operator</a>.</dd>

i18n/ja/docusaurus-plugin-content-docs/current/getting-started/gs-account-setup.md

@@ -41,7 +41,7 @@ UID2 に興味を示していただいたら、詳細を詰めるために担当
 * 会社名
 * 契約書に署名できる正式な個人の名前と連絡先
 
-UID2 に参加する契約を結ぶと、[APIキー](gs-api-keys.md)と UID2 を始めるために必要な情報が提供されます。
+UID2 に参加する契約を結ぶと、[UID2 credentials](gs-credentials.md)と UID2 を始めるために必要な情報が提供されます。
 
 
 ## API Versions

i18n/ja/docusaurus-plugin-content-docs/current/getting-started/gs-auth.md

@@ -9,6 +9,6 @@ sidebar_position: 05
 
 UID2 エンドポイントの認証には、以下が必要です:
 
-- クライアントの [API Key](gs-api-keys.md)。API KeyはベアラートークンとしてリクエストのAuthorizationヘッダに含めます。例えば:<br/>
+- クライアントの [API Key](gs-credentials.md#api-key-and-client-secret)。API KeyはベアラートークンとしてリクエストのAuthorizationヘッダに含めます。例えば:<br/>
   `Authorization: Bearer YourTokenBV3tua4BXNw+HVUFpxLlGy8nWN6mtgMlIk=`
 - API リクエストを暗号化し、API レスポンスを復号化するための Client Secret。これは [POST /token/refresh](../endpoints/post-token-refresh.md) を除くすべてのエンドポイントで必要です。<br/>詳細と Pythonの 例は [Encrypting Requests and Decrypting Responses](gs-encryption-decryption.md) を参照してください。

i18n/ja/docusaurus-plugin-content-docs/current/getting-started/gs-api-keys.md → i18n/ja/docusaurus-plugin-content-docs/current/getting-started/gs-credentials.md

@@ -1,11 +1,11 @@
 ---
-title: API Keys
+title: UID2 Credentials
 description: 必要な API Key とその取得方法。
 hide_table_of_contents: false
 sidebar_position: 03
 ---
 
-# API Keys
+# UID2 Credentials
 
 UID2 <a href="/docs/intro#participants">参加者</a> はそれぞれ、クライアントキーとも呼ばれる API Key を持っています。各キーには対応する [client secret](../ref-info/glossary-uid.md#gl-client-secret) があり、これは参加者と UID2 Service だけが知っている値です。