User Management

When integrating with Hiven, user management should be done on the client's side - Hiven does not have yet any mechanism that is responsible for it.

In order to operate properly, Hiven needs to know the userId - unique user identifier, which will be stored in Hiven and will be used to associate retrieved data to the given user.

Hiven requires userId to use uuid format and be of a string type:

const userId = 'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx';

It should be passed to every API call in an appropriate header:

X-User-Id: <userId>

Proxy Service

Passing userId directly from the client is insecure due to the fact that it can be leaked and an attacker can use it directly bypassing the client (via Postman) and accessing given user's data via API calls.

Therefore we suggest creating a Proxy Service that would validate user's JWT token, extract userId from it and communicate with Hiven Backend by attaching X-User-Id header directly on the Backend side.