Security features

Password protection

The password protection feature provides additional security for the inbound tool. This can be enabled within the lead generation security settings.

When the feature is enabled a secure password will be generated, and you must use this password to generate a token required for each report request.

Generating the token

The token must be generated by creating a SHA256 value of the URL to be analysed plus the password that has been generated.

The following shows an example of how this is achieved in PHP:

$url = 'mywebsite.com';
$password = 'generated_password';
$token = hash('sha256', $url . $password);

Passing the token in the request

The parameter containing the token must be named “security_token”. Include this parameter in the JSON body for your report request.

For example:

{  
   "url": "mywebsite.com",
   "security_token": "GENERATED_TOKEN"
}

When we handle the request, we will generate our own token in the same method as described above, and ensure the provided token matches this value.

Admin features

You can refresh the password at any time, however be cautious that this will break any requests using the previous password.

The feature can also be disabled at any time by switching the toggle off, and confirming using the button

  • Was this helpful?
  • Yes   No