The UID 2 Project is subject to the IAB Tech Lab Intellectual Property Rights (IPR) Policy, and is managed by the IAB Tech Lab Addressability Working Group and Privacy & Rearc Commit Group. Please review the governance rules.
This document includes:
- Who Is this SDK for?
- Requirements
- Install
- Usage for DSPs
- Usage for Publishers
- Usage for UID2 Sharers
This SDK simplifies integration with UID2 for Publishers, DSPs, and UID Sharers, as described in UID2 Integration Guides.
This SDK requires Java version 1.8 or later.
To install the SDK, add this dependency to your project's pom.xml
file:
<dependency>
<groupId>com.uid2</groupId>
<artifactId>uid2-client</artifactId>
<version>4.1.2</version>
</dependency>
For an example of usage for DSPs, see com.uid2.client.test.IntegrationExamples.
As a publisher, there are two ways to use this SDK:
- Basic Usage is for publishers who want to use this SDK's HTTP implementation (synchronous OkHttp).
- Advanced Usage is for publishers who prefer to use their own HTTP library.
For an example application that demonstrates both Basic and Advanced usage, see Java UID2 Integration Example.
If you're using the SDK's HTTP implementation, follow these steps.
-
Create an instance of PublisherUid2Client as an instance variable.
private final PublisherUid2Client publisherUid2Client = new PublisherUid2Client(UID2_BASE_URL, UID2_API_KEY, UID2_SECRET_KEY);
-
When the user has authenticated, and has authorized the creation of a UID2, call a function that takes the user's email address or phone number as input and generates an
IdentityTokens
object. The following example uses an email address:IdentityTokens identity = publisherUid2Client.generateToken(TokenGenerateInput.fromEmail(emailAddress));
If you're using standard integration (client and server) (see Client-Side JavaScript SDK Integration Guide), follow this step:
-
Send this identity as a JSON string back to the client (to use in the identity field) using the following:
identity.getJsonString()
If you're using server-only integration (see Publisher Integration Guide, Server-Only):
-
Store this identity as a JSON string in the user's session, using the
identity.getJsonString()
function. -
To use the user's UID2 token, use the
identity.getAdvertisingToken()
function. -
When the user accesses another page, or on a timer, determine whether a refresh is needed:
-
Retrieve the identity JSON string from the user's session, and then call the following function that takes the identity information as input and generates an
IdentityTokens
object:IdentityTokens identity = IdentityTokens.fromJsonString(identityJsonString);
-
Determine if the identity can be refreshed (that is, the refresh token hasn't expired):
if (identity == null || !identity.isRefreshable()) { we must no longer use this identity (for example, remove this identity from the user's session) }
-
Determine if a refresh is needed:
if (identity.isDueForRefresh()) {..}
-
-
If needed, refresh the token and associated values:
TokenRefreshResponse tokenRefreshResponse = publisherUid2Client.refreshToken(identity);
-
Store
tokenRefreshResponse.getIdentityJsonString()
in the user's session. If the user has opted out, this method returns null, indicating that the user's identity should be removed from the session. To confirm optout, you can use thetokenRefreshResponse.isOptout()
function.
-
Create an instance of PublisherUid2Helper as an instance variable:
private final PublisherUid2Helper publisherUid2Helper = new PublisherUid2Helper(UID2_SECRET_KEY);
-
When the user has authenticated, and has authorized the creation of a UID2, call a function that takes the user's email address or phone number as input and creates a secure request data envelope. See Encrypting requests. The following example uses an email address:
EnvelopeV2 envelope = publisherUid2Helper.createEnvelopeForTokenGenerateRequest(TokenGenerateInput.fromEmail(emailAddress));
-
Using an HTTP client library of your choice, post this envelope to the POST token/generate endpoint, including headers and body:
-
Headers: Depending on your HTTP library, this might look something like the following:
.putHeader("Authorization", "Bearer " + UID2_API_KEY)
.putHeader("X-UID2-Client-Version", PublisherUid2Helper.getVersionHeader())
-
Body:
envelope.getEnvelope()
-
-
If the HTTP response status code is not 200, see Response Status Codes to determine next steps. Otherwise, convert the UID2 identity response content into an
IdentityTokens
object:IdentityTokens identity = publisherUid2Helper.createIdentityfromTokenGenerateResponse({response body}, envelope);
If you're using standard integration (client and server) (see Client-Side JavaScript SDK Integration Guide):
-
Send this identity as a JSON string back to the client (to use in the identity field) using the following:
identity.getJsonString()
If you're using server-only integration (see Publisher Integration Guide, Server-Only):
-
Store this identity as a JSON string in the user's session, using:
identity.getJsonString()
. -
To use the user's UID2 token, use
identity.getAdvertisingToken()
. -
When the user accesses another page, or on a timer, determine whether a refresh is needed:
-
Retrieve the identity JSON string from the user's session, and then call the following function that generates an
IdentityTokens
object:IdentityTokens identity = IdentityTokens.fromJsonString(identityJsonString);
-
Determine if the identity can be refreshed (that is, the refresh token hasn't expired):
if (identity == null || !identity.isRefreshable()) { we must no longer use this identity (for example, remove this identity from the user's session) }
-
Determine if a refresh is needed:
if (identity.isDueForRefresh()) {..}
-
-
If a refresh is needed, call the POST token/refresh endpoint, with:
-
Headers (depending on your HTTP library, this might look something like):
.putHeader("Authorization", "Bearer " + UID2_API_KEY)
.putHeader("X-UID2-Client-Version", PublisherUid2Helper.getVersionHeader())
. -
Body:
identity.getRefreshToken()
-
-
If the refresh HTTP response status code is 200:
TokenRefreshResponse tokenRefreshResponse = PublisherUid2Helper.createTokenRefreshResponse({response body}, identity);
-
Store
tokenRefreshResponse.getIdentityJsonString()
in the user's session. If the user has opted out, this method returns null, indicating that the user's identity should be removed from the session. To confirm optout, you can use thetokenRefreshResponse.isOptout()
function.
A UID2 sharer is a participant that wants to share UID2s or EUIDs with another participant. Raw UID2s must be encrypted into UID2 tokens before sending them to another participant. For an example of usage, see com.uid2.client.test.IntegrationExamples (runSharingExample method).
-
Use UID2ClientFactory.create() to create an IUID2Client reference:
private final IUID2Client client = UID2ClientFactory.create(UID2_BASE_URL, UID2_API_KEY, UID2_SECRET_KEY);
-
Call IUID2Client.refresh once at startup, and then periodically (for example, every hour):
client.refresh();
-
Senders:
-
Call the following:
EncryptionDataResponse encrypted = client.encrypt(rawUid);
-
If encryption succeeded, send the UID2 token to the receiver:
if (encrypted.isSuccess()) {
sendencrypted.getEncryptedData()
to receiver} else {
checkencrypted.getStatus()
for the failure reason}
-
-
Receivers:
-
Call the following:
DecryptionResponse decrypted = client.decrypt(uidToken);
-
If decryption succeeded, use the raw UID2:
if (decrypted.isSuccess()) {
usedecrypted.getUid() } else {
checkdecrypted.getStatus()
for the failure reason}
-