-
Notifications
You must be signed in to change notification settings - Fork 11
DigiTrust for DSPs
The overall objective of a DigiTrust integration for a DSP is to allow for data exchange and bidding without the need for point-to-point user sync.
We expect that this would necessitate
- Integration into user sync systems in order to map from a DigiTrust ID to an internal user record;
- Receiving direct data events (from a browser) with an encrypted
DTIDpassed as a query parameter; - Receiving indirect data from a DMP with an unencrypted
DTID; - Bidding on RTB requests with a
DTIDvalue as the sole index into user data;
In most cases we think the goal should be to resolve a user record directly from a DTID value (DigiTrust ID -> {user data} rather than DigiTrust ID -> Proprietary ID -> {user data}); to treat a DigiTrust ID similarly to IDFA or other proprietary identity system.
Because of budget and staffing limitations, DigiTrust does not operate large scale user sync infrastructure. As a result, the preferred mechanism to integrate DigiTrust into user sync systems is to use a .digitru.st subdomain assigned via DNS CNAME to self-managed infrastructure.
Additionally DSPs may choose to build a DTID -> {user data} index using observed RTB requests.
- See the Cookies for Platforms page for details on the cookie format and required use cases.
Publishers and advertisers directly deploy the DigiTrust javascript on content; DSPs with javascript-based pixels should use the javascript API for access to a DTID value.
let dtid = '', dtkeyv = '';
if (DigiTrust && DigiTrust.getUser) {
const r = DigiTrust.getUser({'member':'test'});
if (r && r.success && r.identity) {
dtid = r.identity.id; // encrypted user ID
dtkeyv = r.identity.keyv; // key version used for encryption
}
}
// include both as query parameters in a pixel
let img = document.createElement('img');
img.src = 'https://pixel.example.com/img?dtid=' + dtid + '&dtkeyv=' + dtkeyv;
img.setAttribute('height', '0');
img.setAttribute('width', '0');
document.getElementById('body').appendChild(img);
The only parameter to getUser() is a member ID value ("test" in the example above) which is assigned upon joining DigiTrust.
The received dtid query parameter will be an encrypted DTID value (Vb0YJIxTMJV4W0GHRdJ3MwyiOVYJjYEgc2QYdBSG) which can be decrypted using the RSA key with version matching the dtkeyv parameter.
- See the Integration Guide page for further details on the javascript API.
- See the ID Encryption page for ID encryption details.
- Request access to the private member-area github project for the key versions API.
The mechanics of each DMP integration will be unique to the DMP. However, a DSP can plan to receive targeting data which is indexed by an unencrypted DTID.
For example, in json format:
[
{
"user":"oIB0sw9b77k=",
"segments": [
1234, 5678, 9012, 3456, 7890
]
}
]
Exchanges are expected to send an unencrypted user ID value in bid requests to authorized DSPs.
{
...
"user":{
"ext":{
"digitrust": {
"id": "oIB0sw9b77k="
}
}
}
}
- See the OpenRTB Extension page