{"id":26091680,"url":"https://github.com/intercom/identity-verification-code-samples","last_synced_at":"2026-02-24T08:04:03.812Z","repository":{"id":137144965,"uuid":"525504222","full_name":"intercom/identity-verification-code-samples","owner":"intercom","description":"Sample code snippets for setting up Identity Verification in the Intercom Messenger","archived":false,"fork":false,"pushed_at":"2022-08-16T18:53:15.000Z","size":4,"stargazers_count":1,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"main","last_synced_at":"2025-10-28T11:34:44.507Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/intercom.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-08-16T18:47:00.000Z","updated_at":"2022-08-17T19:15:14.000Z","dependencies_parsed_at":null,"dependency_job_id":"29d50f9e-08b7-41be-8c08-f8ea93c04320","html_url":"https://github.com/intercom/identity-verification-code-samples","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/intercom/identity-verification-code-samples","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intercom%2Fidentity-verification-code-samples","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intercom%2Fidentity-verification-code-samples/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intercom%2Fidentity-verification-code-samples/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intercom%2Fidentity-verification-code-samples/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/intercom","download_url":"https://codeload.github.com/intercom/identity-verification-code-samples/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/intercom%2Fidentity-verification-code-samples/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29775845,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-24T04:54:30.205Z","status":"ssl_error","status_checked_at":"2026-02-24T04:53:58.628Z","response_time":75,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-03-09T10:22:59.135Z","updated_at":"2026-02-24T08:04:03.773Z","avatar_url":"https://github.com/intercom.png","language":null,"funding_links":[],"categories":[],"sub_categories":[],"readme":"Intercom user_hash\n==================\n- Code for generating the user_hash value for [Intercom's Identity verfication](https://docs.intercom.com/configure-intercom-for-your-product-or-site/staying-secure/enable-identity-verification-on-your-web-product) (Note: Identity verification was prevoiusly called Secure Mode)\n- Based on http://www.jokecamp.com/blog/examples-of-creating-base64-hashes-using-hmac-sha256-in-different-languages/#ruby\n- When creating this for mobile, the final output needs to be in **lowercase** (the web version accepts both upper and lower case)\n\nRemember that your secret key should never be exposed to the public\n-------------------------------------------------------------------\n- So Javascript code below should only be used for testing unless modified and used to run on a server\n\nJavascript\n==========\n```\n\u003cscript src=\"https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/hmac-sha256.js\"\u003e\u003c/script\u003e\n\u003cscript src=\"https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/components/enc-base64-min.js\"\u003e\u003c/script\u003e\n\u003cscript\u003e\n  var hash = CryptoJS.HmacSHA256(\"Message\", \"secret\");\n  var hashInHex = CryptoJS.enc.Hex.stringify(hash);\n  document.write(hashInHex); // aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n\u003c/script\u003e\n```\n\nNode\n====\n```\nconst crypto = require('crypto');\nconst hmac = crypto.createHmac('sha256', 'secret');\nhmac.update('Message');\nconsole.log(hmac.digest('hex')); // aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n\nPHP\n===\n```\n\u003c?php\necho hash_hmac('sha256', 'Message', 'secret'); // thanks @AshleyPinner https://gist.github.com/thewheat/7342c76ade46e7322c3e#gistcomment-1820677\n?\u003e\n```\n\nJava\n====\n```\nimport javax.crypto.Mac;\nimport javax.crypto.spec.SecretKeySpec;\n\npublic class Test {\n  public static void main(String[] args) {\n  try {\n      String secret = \"secret\";\n      String message = \"Message\";\n\n      Mac sha256_HMAC = Mac.getInstance(\"HmacSHA256\");\n      SecretKeySpec secret_key = new SecretKeySpec(secret.getBytes(), \"HmacSHA256\");\n      sha256_HMAC.init(secret_key);\n\n      byte[] hash = (sha256_HMAC.doFinal(message.getBytes()));\n      StringBuffer result = new StringBuffer();\n      for (byte b : hash) {\n        result.append(String.format(\"%02x\", b)); // thanks sachins! https://gist.github.com/thewheat/7342c76ade46e7322c3e#gistcomment-1863031 \n      }\n      System.out.println(result.toString()); // aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n    }\n    catch (Exception e){\n      System.out.println(\"Error\");\n    }\n  }\n}\n```\n\nGroovy\n======\n```\nimport javax.crypto.Mac;\nimport javax.crypto.spec.SecretKeySpec;\nimport java.security.InvalidKeyException;\n\ndef hmac_sha256(String secretKey, String data) {\n try {\n    Mac mac = Mac.getInstance(\"HmacSHA256\")\n    SecretKeySpec secretKeySpec = new SecretKeySpec(secretKey.getBytes(), \"HmacSHA256\")\n    mac.init(secretKeySpec)\n    byte[] digest = mac.doFinal(data.getBytes())\n    return digest\n   } catch (InvalidKeyException e) {\n    throw new RuntimeException(\"Invalid key exception while converting to HMac SHA256\")\n  }\n}\n\ndef hash = hmac_sha256(\"secret\", \"Message\")\nStringBuffer result = new StringBuffer();\nfor (byte b : hash) {\nresult.append(String.format(\"%02x\", b)); // thanks sachins! https://gist.github.com/thewheat/7342c76ade46e7322c3e#gistcomment-1863031\n}\nprint(result.toString()); // aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n\n\nC#\n==\n```\nusing System.Security.Cryptography;\n\nnamespace Test\n{\n\tpublic class MyHmac\n\t{\n\t\tpublic static void Main(string[] args){\n\t\t\tvar hmac = new MyHmac ();\n\t\t\tSystem.Console.WriteLine(hmac.CreateToken (\"Message\", \"secret\")); // AA747C502A898200F9E4FA21BAC68136F886A0E27AEC70BA06DAF2E2A5CB5597\n\t\t}\n\t\tprivate string CreateToken(string message, string secret)\n\t\t{\n\t\t\tsecret = secret ?? \"\";\n\t\t\tvar encoding = new System.Text.ASCIIEncoding();\n\t\t\tbyte[] keyByte = encoding.GetBytes(secret);\n\t\t\tbyte[] messageBytes = encoding.GetBytes(message);\n\t\t\tusing (var hmacsha256 = new HMACSHA256(keyByte))\n\t\t\t{\n\t\t\t\tbyte[] hashmessage = hmacsha256.ComputeHash(messageBytes);\n\n\t\t\t\tvar sb = new System.Text.StringBuilder();\n\t\t\t\tfor (var i = 0; i \u003c= hashmessage.Length - 1; i++)\n\t\t\t\t{\n\t\t\t\t\tsb.Append(hashmessage[i].ToString(\"x2\")); // Thanks! @ermirbeqiraj https://gist.github.com/thewheat/7342c76ade46e7322c3e#gistcomment-3180664\n\t\t\t\t}\n\t\t\t\treturn sb.ToString();\n\t\t\t}\n\t\t}\n\t}\n}\n```\n\nObjective C\n===========\n```\n#import \u003cFoundation/Foundation.h\u003e\n#import \u003cCommonCrypto/CommonHMAC.h\u003e\n\nNSData *hmacForKeyAndData(NSString *key, NSString *data)\n{\n    const char *cKey  = [key cStringUsingEncoding:NSASCIIStringEncoding];\n    const char *cData = [data cStringUsingEncoding:NSASCIIStringEncoding];\n    unsigned char cHMAC[CC_SHA256_DIGEST_LENGTH];\n    CCHmac(kCCHmacAlgSHA256, cKey, strlen(cKey), cData, strlen(cData), cHMAC);\n    return [[NSData alloc] initWithBytes:cHMAC length:sizeof(cHMAC)];\n}\n\n// http://stackoverflow.com/a/9084784\nNSString *hexadecimalString(NSData *data){\n    /* Returns hexadecimal string of NSData. Empty string if data is empty.   */\n\n    const unsigned char *dataBuffer = (const unsigned char *)[data bytes];\n\n    if (!dataBuffer)\n        return [NSString string];\n\n    NSUInteger          dataLength  = [data length];\n    NSMutableString     *hexString  = [NSMutableString stringWithCapacity:(dataLength * 2)];\n\n    for (int i = 0; i \u003c dataLength; ++i)\n        [hexString appendString:[NSString stringWithFormat:@\"%02lx\", (unsigned long)dataBuffer[i]]];\n\n    return [NSString stringWithString:hexString];\n}\nint main (int argc, const char * argv[])\n{\n    @autoreleasepool {\n        NSLog(@\"%@\", hexadecimalString(hmacForKeyAndData(@\"secret\", @\"Message\")));\n    }\n    return 0;\n}\n```\n\nGo\n==\n```\npackage main\n\nimport (\n    \"crypto/hmac\"\n    \"crypto/sha256\"\n    \"encoding/hex\"\n    \"fmt\"\n)\n\nfunc ComputeHmac256(message string, secret string) string {\n    key := []byte(secret)\n    h := hmac.New(sha256.New, key)\n    h.Write([]byte(message))\n    return hex.EncodeToString(h.Sum(nil))\n}\n\nfunc main() {\n    fmt.Println(ComputeHmac256(\"Message\", \"secret\")) // aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n}\n```\n\n\nRuby\n====\n```\nrequire 'openssl'\n\nOpenSSL::HMAC.hexdigest('sha256', \"secret\", \"Message\") # aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n\nPython (2.x)\n============\n```\nimport hashlib\nimport hmac\n\nKEY = \"secret\"\nMESSAGE = \"Message\"\nresult = hmac.new(KEY, MESSAGE, hashlib.sha256).hexdigest()\nprint result # aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n\nPython (3.x)\n============\n```\nimport hashlib\nimport hmac\n\nKEY = \"secret\"\nKEY_BYTES=KEY.encode('ascii')\nMESSAGE = \"Message\"\nMESSAGE_BYTES=MESSAGE.encode('ascii')\nresult = hmac.new(KEY_BYTES, MESSAGE_BYTES, hashlib.sha256).hexdigest()\n\nprint (result) # aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n\nPerl\n====\n```\nuse Digest::SHA qw(hmac_sha256_hex);\n$digest = hmac_sha256_hex(\"Message\", \"secret\");\nprint $digest; # aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n\nSwift\n=====\n```\n// Add\n// #import \u003cCommonCrypto/CommonHMAC.h\u003e\n// to the bridging Objective-C bridging header.\n\nimport Foundation\n\nenum CryptoAlgorithm {\n    case MD5, SHA1, SHA224, SHA256, SHA384, SHA512\n\n    var HMACAlgorithm: CCHmacAlgorithm {\n        var result: Int = 0\n        switch self {\n        case .MD5:      result = kCCHmacAlgMD5\n        case .SHA1:     result = kCCHmacAlgSHA1\n        case .SHA224:   result = kCCHmacAlgSHA224\n        case .SHA256:   result = kCCHmacAlgSHA256\n        case .SHA384:   result = kCCHmacAlgSHA384\n        case .SHA512:   result = kCCHmacAlgSHA512\n        }\n        return CCHmacAlgorithm(result)\n    }\n\n    var digestLength: Int {\n        var result: Int32 = 0\n        switch self {\n        case .MD5:      result = CC_MD5_DIGEST_LENGTH\n        case .SHA1:     result = CC_SHA1_DIGEST_LENGTH\n        case .SHA224:   result = CC_SHA224_DIGEST_LENGTH\n        case .SHA256:   result = CC_SHA256_DIGEST_LENGTH\n        case .SHA384:   result = CC_SHA384_DIGEST_LENGTH\n        case .SHA512:   result = CC_SHA512_DIGEST_LENGTH\n        }\n        return Int(result)\n    }\n}\n\nextension String {\n\n    func hmac(algorithm: CryptoAlgorithm, key: String) -\u003e String {\n        let str = self.cStringUsingEncoding(NSUTF8StringEncoding)\n        let strLen = Int(self.lengthOfBytesUsingEncoding(NSUTF8StringEncoding))\n        let digestLen = algorithm.digestLength\n        let result = UnsafeMutablePointer\u003cCUnsignedChar\u003e.alloc(digestLen)\n        let keyStr = key.cStringUsingEncoding(NSUTF8StringEncoding)\n        let keyLen = Int(key.lengthOfBytesUsingEncoding(NSUTF8StringEncoding))\n\n        CCHmac(algorithm.HMACAlgorithm, keyStr!, keyLen, str!, strLen, result)\n\n        let digest = stringFromResult(result, length: digestLen)\n\n        result.dealloc(digestLen)\n\n        return digest\n    }\n\n    private func stringFromResult(result: UnsafeMutablePointer\u003cCUnsignedChar\u003e, length: Int) -\u003e String {\n        var hash = NSMutableString()\n        for i in 0..\u003clength {\n            hash.appendFormat(\"%02x\", result[i])\n        }\n        return String(hash)\n    }\n\n}\n\n\nprint(\"Message\".hmac(CryptoAlgorithm.SHA256, key: \"secret\")) //aa747c502a898200f9e4fa21bac68136f886a0e27aec70ba06daf2e2a5cb5597\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fintercom%2Fidentity-verification-code-samples","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fintercom%2Fidentity-verification-code-samples","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fintercom%2Fidentity-verification-code-samples/lists"}