We Speak “Developer” We know you have tons of priorities on your roadmap. But whether DMX is at the top of your priority list or not, your customers are demanding it. That’s where SmartVault can help. We offer secure, award-winning document management and file sharing capabilities that integrate seamlessly with […]
Best Practices and Security Considerations
Use a TLS library that validates server identity. An improved implementation would ensure the identity of the SmartVault host. Perform this by retrieving the X509 certificate associated with smartvault.com and use it to validate the endpoint. Access tokens should be carefully managed. During the OAuth autonomous flow, you will be […]
Widget Properties
The SmartVault widget is a mini-sized application that you can embed into your application. By embedding the SmartVault widget, you will provide your users with convenient access to their SmartVault account. They will be able to easily manage their files and folders as well as view or download documents right […]
Integrating SmartVault Into Your Web Application
JavaScript SDK With just a few lines of JavaScript and in less time than it takes to pour a cup of joe, you can add file sharing, DMS, and upload/download inboxes directly to your website. Our Javascript SDK allows you to embed a SmartVault widget on any web page served […]
The Delegation Token
What Are Delegation Tokens? Delegation tokens grant an application access to perform operations on behalf of a SmartVault user. You can obtain a delegation token by redeeming the client token you receive after the user authorizes your application. If the request is successful, you will receive the token, the expiration in […]
The Client Token
What Are Client Tokens? This is a temporary token which can be used by an application to perform administrative tasks. To request a client token, you will need a self-signed token that uniquely identifies your application so that the SmartVault service can recognize it. After redeeming your self-signed token, SmartVault will hand you the […]
SmartVault Nonce
A nonce, which stands for “number used once,” is a large and unique random number (or other data variable) that is only used once. Nonces are used to prevent misuse or malicious attacks when requests are made over a non-secure channel, such as HTTP. The longer a nonce is, the more difficult […]
Pin-Based Authentication
A PIN is a confidential numeric password used to authenticate a user to a server. Using PIN-based authentication, the user inputs a PIN code into your application. Typically, the user is presented with the PIN from the SmartVault web server and either enters the code manually or performs a copy […]
Autonomous Authentication
Autonomous authentication is a method for enabling applications to act on behalf of users to interact with SmartVault without disclosing the users’ usernames and passwords or your Client ID. In addition, using this technique allows a user to revoke an application’s access to his or her private data at any time. There […]
Terminology
In order to effectively use the SmartVault REST API, you should be familiar with the following concepts: Account All data is stored inside a SmartVault account. An account consists of billing information, access control, and a series of invited users. Developers will have a developer account, but they will typically be […]