Skip to main content

Tokens

Tokens are authentication credentials that the Portal generates for you to use with INCERT, the backend pseudonymisation system. Think of them like temporary passwords that authorize INCERT to process your data according to your project's configuration.

When the Portal generates a token, you receive an authentication credential that:

  • Authorizes your requests to INCERT for pseudonymisation operations
  • Contains your project's configuration (reversibility, treatment, output format)
  • Expires after a set period for security, depending on your project's retention settings
  • Doesn't contain your actual data—it's just an authorization key

You use tokens by including them in API requests when sending data to INCERT for processing. The Portal manages token generation; INCERT handles the actual pseudonymisation.

Token types

The Portal supports three token types for different pseudonymisation scenarios. This diagram illustrates how they relate to your data transformation journey:

Pseudonymisation token

Pseudonymisation tokens convert your original data (personal identifiers) into pseudonyms. This token allows you to:

  • Convert personal identifiers (names, IDs, etc.) into pseudonyms
  • Allow collaboration partners to work with the pseudonymised data
  • Can be reversed if your project configuration allows it

When to use: Use this token for your initial data pseudonymisation when sharing data with research partners in standard collaboration scenarios.

Reverse token

Reverse tokens allow you to convert pseudonymised data back to original identifiers, if your project is configured as "Reversible" and within the retention period. Reverse tokens:

  • Take pseudonymised values and returns the original data
  • Only work if your project is configured as "Reversible"
  • Require proper permissions and during the retention periodz

When to use: Use this token for data verification, quality checks, and audit processes when you have a legitimate need to access original identifiers. This must be done before the retention period expires.

Secondary token

Secondary tokens allow you to re-pseudonymise data that has already been pseudonymised. This is useful for adding an extra layer of protection when sharing data with third parties. Secondary tokens:

  • Creates a second layer of pseudonymisation
  • Prevent recipients from accessing the original identifiers
  • Can be reversed to reveal the first-level pseudonyms, but not the original data

When to use: Use this token when sharing with third-party organizations who shouldn't have access to source identifiers, or when you need additional privacy protection to prevent correlation between datasets.