Handling DID authentication tokens

Tokens grant the holder of them certain privileges.

There are three different types of token and each needs to be managed carefully.

Site tokens

A site token identifies your site with DID. This token is not secret and can be safely used in the front end.

API tokens

An API token is used to authenticate requests to the DID API. This must be stored securely and used only on the server.

Authentication tokens

These tokens are generated by a client when they authenticate. They are single use.