Skip to main content

Server-Side Token Generation

If you're a publisher setting up a client-server or server-side EUID integration, the first step is to generate the EUID token on your server. Then, you can keep the token refreshed either on the client side or server side, and pass the token to the client side for sending to the RTB bidstream.

There are two approaches for publishers generating EUID tokens on the server side by providing personal data (email address or phone number):

  • Integration with an SDK
  • Direct integration to API endpoints
warning

For security reasons, the API key and secret used in token generation must be called on the server side. Do not store these values on the client side, whether on a web page, in a mobile app, or in Prebid. For details, see Security of API Key and Client Secret.

Options are summarized in the following table.

Integration SolutionGenerate TokenRefresh Token
SDK for Java✅ 
SDK for Python
Direct integration (API endpoints with custom code)

Whatever integration option you choose to generate the identity (EUID token and associated values), you'll need to implement one of the following:

  • SDK: Use one of the Publisher Client classes, in one of the EUID server-side SDKs. These classes simplify the request into a single method call.

    For instructions, see one of the following:

    If you're using an SDK option, the Identity response that you need for the rest of this guide is the output of the applicable method, as follows:

    tokenGenerateResponse.getIdentityJsonString()
  • API: Call the POST /token/generate endpoint.

    The identity output that you need for the rest of this guide is the content inside the body section of a successful endpoint response. For an example, see Successful Response.

important

The endpoint and SDK API return opt-out status if the personal data you are generating the token for has been opted out of EUID. If this happens, save the information and do not call the token generation endpoint for the same personal data again.