Per-User Encryption

Per-user encryption allows you to encrypt data for a certain user. This guide shows how to encrypt and decrypt data for the end-user with PureKit.

Before you begin

Encrypt data

To encrypt data for a userId, PureKit provides you with the encrypt function.

For each userId-dataId pair, PureKit generates a unique key pair. Therefore, data encryption is performed in a way only a user with the appropriate key can decrypt the data.

Here is an example of data encryption:

byte[] cipherText = pure.encrypt(userId, dataId, plainText)

Note that there can be multiple data IDs, e.g., if data is divided in groups. Read more on how data can be grouped here.

Decrypt data

Use the decrypt function to perform data decryption. This function can be used after the user has been authenticated to decrypt the encrypted data.

Here is an example of data decryption:

byte[] plainText = pure.decrypt(authResult.getGrant(), dataId, cipherText);

PureGrant is a token generated for the data owner during the authentication process.

Just like in the encrypt function, there can be multiple data IDs, e.g., if data is divided in groups. Read more on how data can be grouped here.

Next setup

Share the encrypted data with other users or external services: