- V3 — Server-to-Server (GETTOKEN)
- V4 — Hashed Validation
V3 offers server-to-server callbacks via the GETTOKEN API, which hides sensitive scores and flags produced by SEARCH and REVIEW behind a server-side response.WorkflowIntegration notesSee the GETTOKEN endpoint.
1
Request a token (client-side)
Make a client-side GETTOKEN call to Research Defender with your publishable key. Launching client-side ensures the respondent’s device information is gathered in the same transaction.
2
Receive the token
Research Defender returns a unique single-use token (a SHA-256 hash value) in a client-side response.
3
Call SEARCH or REVIEW (server-side)
Make a server-side SEARCH or REVIEW call that includes the token in the header, along with your private key.
4
Receive results
Research Defender returns all relevant SEARCH or REVIEW data in a server-side response.
- A unique token is required for each transaction — tokens cannot be reused.
- GETTOKEN generates between 1 and 10 tokens per call. By default it returns one; request more with the
tokens=parameter. - Identity parameters such as
rt_sr_pd(panelist ID) andrt_hd_el(hashed email) should be provided on the GETTOKEN call as well as the SEARCH call. These are optional and only apply to customers who know the identity of their respondents. - GETTOKEN is only available on V3 and only via the GET method.