HomeSecurityPricingDashboard
Search…
Quick start
Identifying users
Privacy
Support
User roles
Support tools
Salesforce + phone workflow
Troubleshooting
Localhost testing
Content-Security-Policy (CSP)
IFrames
Cohere session definition
Metrics and logs
Audit logs
Platform integrations
Google Tag Manager
Bubble.io
Shopify
Wix
Memberstack
Squarespace
Webflow
Salesforce Site
External Integrations
Slack integration
Microsoft Teams integration
Intercom integration
Zendesk integration
Sentry integration
Segment integration
Call recordings
Calendly
API
Voice widget
Calling API
Authenticating users securely
Multiplayer status events
Selective session recording
Getting current session URL
Powered By GitBook
Authenticating users securely
For sensitive applications, we recommend that our customers use our secure authentication mechanism to ensure that users are who they say they are. When identifying users in this manner, you'll need to use a secret on your application's backend in order to generate a cryptographically secure hash that should be passed into Cohere.identify.

Creating the hash

We provide example HMAC generation code for common web programming languages. If your backend language is not listed here, we'd be happy to add instructions. Please contact us at [email protected]
We will provide you with an authentication secret that you will need to store securely on your backend. DO NOT STORE THIS SECRET IN VERSION CONTROL OR EXPOSE IT ON ANY PUBLICLY FACING ASSETS.
Once we send this secret over to you, Cohere.identify calls will not work without the identityHash attribute.
Next, you will need to return the token for an identified user, either with an authenticated endpoint (in the case of an SPA) or inside the response itself.
Python 3
Node.js
Ruby
import hmac
import hashlib
import json
hmac.new(
b"COHERE_AUTHENTICATION_SECRET_HERE",
bytes(
json.dumps(
{"id": user_id, "displayName": user_name, "email": user_email},
separators=(",", ":"),
),
encoding="utf-8",
),
digestmod=hashlib.sha256,
).hexdigest()
import crypto from "crypto";
crypto
.createHmac("sha256", "COHERE_AUTHENTICATION_SECRET_HERE")
.update(
JSON.stringify({ id: userId, displayName: userName, email: userEmail })
)
.digest("hex");
OpenSSL::HMAC.hexdigest(
'sha256',
'COHERE_AUTHENTICATION_SECRET_HERE',
JSON.generate({'id': user_id, "displayName": user_name, "email": user_email })
)

Authenticating the user

When calling Cohere.identify, pass in the authHash attribute along with the other identifying data for the user:
Cohere.identify({
id: "user_id",
displayName: "First Last (555-555-555)",
email: "[email protected]"
authHash: await (await fetch('/generate-auth-hash')).text()
})
The user will then be identified with Cohere their attributes will be searchable.
After the secure authentication mechanism is enabled, all identify calls that lack or have an invalid authHash will fail.
Previous
Call Layout Options
Next - API
Multiplayer status events
Last modified 9mo ago
Copy link
Outline
Creating the hash
Authenticating the user