Skip to main content
All CollectionsGenerating leads
Preventing abuse of the lead generation feature
Preventing abuse of the lead generation feature

Enable password protection

Zoe Fletcher avatar
Written by Zoe Fletcher
Updated over a year ago

Bespoke lead generation is available to our Enterprise partners. Please contact your Customer Success Manager to find out more. If you're on the Pay-As-You-Go plan, check out our self-serve lead generation widget.

Password protection

The password protection feature provides additional security for the inbound tool. This can be enabled within the lead generation security settings.

When the feature is enabled a secure password will be generated, and you must use this password to generate a token required for each report request.

Generating the token

The token must be generated by creating a SHA256 value of the URL to be analysed plus the password that has been generated.

The following shows an example of how this is achieved in PHP:

$url = 'mywebsite.com'; $password = 'generated_password'; $token = hash('sha256', $url . $password);

Passing the token in the request

The parameter containing the token must be named “security_token”. Include this parameter in the JSON body for your report request.

For example:

{ "url": "mywebsite.com", "security_token": "GENERATED_TOKEN" }

When we handle the request, we will generate our own token in the same method as described above, and ensure the provided token matches this value.

Admin features

You can refresh the password at any time, however, be cautious that this will break any requests using the previous password.

The feature can also be disabled at any time by switching the toggle off, and confirming using the button

Did this answer your question?