Set up server-to-server (S2S) security

With Adjust's S2S security feature, you can add an authentication token to requests. This secures your S2S events and ad revenue, and protects against spoofed requests.

After you set up S2S security, each incoming request must carry a token generated in AppView. Requests that do not carry a valid token are rejected by our server.

Before you begin

Here's what you need to know before getting started.

Requirements

Warning:
S2S Security is not compatible with Google Tag Manager event measurement. Using Adjust's S2S authentication tokens in your Google Tag Manager configuration means that incoming Google Tag events are rejected.

Set up S2S authentication

  1. Under AppView, select All apps.
  2. Select your app.
  3. Select the Protection tab.
  4. Under the S2S Security section, select Open S2S Security.
  5. Select Add token.
  6. Enter a token name, and select .
  7. Select to copy the token, and send it to your developer to add to your S2S event requests.
  8. Ask your developer to run tests to confirm the integration.

At this point, S2S authentication is not active and requests carrying invalid tokens are still accepted. Speak to your dedicated Technical Account Manager or contact support@adjust.com to validate the setup before activating S2S authentication.

Activate S2S authentication

Important:
Activate S2S authentication only after your developer has tested token implementation, and your Technical Account Manager or our team at support@adjust.com has validated your setup. 

To activate S2S authentication, follow these steps.

  1. Under AppView, select All apps.
  2. Select your app.
  3. Select the Protection tab.
  4. Under the S2S Security section, select Open S2S Security.
  5. Switch the toggle ON.
  6. Confirm to proceed.

Now, all incoming S2S requests are required to carry an active authentication token.

S2S developer documentation

Use the link below to view all documentation for developers about server-to-server integration.