Unique User Identifier Hashing
Brief Overview
Default User Identifier Functionality
Identifier Hashing
In order to add an additional layer of security to the collection of the end user identifier, the value of this identifier can be configured to be hashed. WalkMe supports SHA256 base 64 + SALT.
SALT is a random data that is used as an additional input to a one-way function that hashes data, a password or passphrase. Salts are used to safeguard passwords in storage. WalkMe will store this SALT on the client-side for use in hashing the identifier.
When no SALT is defined, the feature will use the regular SHA256 hashing algorithm. The original end user identifier will not appear or be stored anywhere within the WalkMe infrastructure. The hashing function is run client-side on the end-users web browser, and all communication from their browser to the WalkMe infrastructure only sends the hashed UUID value.
The identity provider sends a value of adam.br as the identifier for an end user. Using only the basic hash algorithm, the UUID value for that user will be stored in the WalkMe servers as LxhaMQBuA3cjHQqujqUmW/YDuHkWuCFjsT2uXs7lDQY.
Hashing Process - Technical Flow
Applying the end user ID hashing does not impact the WalkMe architecture, and the same rules and configuration apply.
The feature applies as part of the WalkMe Player that is running on the client-side machine. When this feature is applied, the WalkMe Player executes the hashing algorithm. Every analytics event sent to the WalkMe server will be sent with the unique hashed unique user identifier.