Managing User Profiles

User Profiles are core to how Sahha works. Each User Profile is associated with a health analysis and corresponding sensor, and health data. This guide will teach you how to create, authenticate and manage user profiles.

Authenticating User Profiles

The Sahha SDK must be authenticated in order to connect to the Sahha API. Do this once per user profile. Once a profile is authenticated, the SDK will take care of automatically issuing and refreshing API tokens.

But before we start authenticating User Profiles you need to know how to use the ExternalID field

Using the External ID

You will need to provide your own unique External ID to authenticate a user profile. An External ID can be any string you choose to identify a user profile within your organization. This ID must be unique for each of your users. This ID has a limit of 100 characters.

We suggest using an anonymous UUID e.g. 123e4567-e89b-12d3-a456-426614174000

If your user changes devices, make sure to use the same External ID to identify them on the new device.

User Privacy Warning

Sahha does not collect personally identifiable information from users to safeguard user data privacy and security.

DO NOT use an ExternalID that could be used to personally identify a user.

For example, do not use emails or usernames for an ExternalID:

  • Email (
  • Username (TimmyT_123)

Now that you know how to use the ExternalID you can start authenticating User Profiles.

Authenticate Profiles via SDK

The fastest way to authenticate a User Profile is via the Sahha SDK. You will need your appID and appSecret to authenticate user profiles with an External ID which you can get from your Sahha Dashboard under the API keys tab.

Sahha.authenticate(appId: "APP_ID", appSecret: "APP_SECRET", externalId: "EXTERNAL_ID") { error, success ->
if (success) greeting = "Successful"
else greeting = error ?: "Failed"

Finding your App ID and App Secret

Your appId and appSecret are available in the Sahha dashboard.

Login to the Sahha Dashboard

These values are separate from your clientId and clientSecret and should only be used to authenticate a profile via the SDK.

DO NOT store your app ID and App Secret in your app code. Your account could be harmed if any 3rd party gains access to these two values.

We recommend storing and accessing these values from your server on app launch.

Authenticate Profiles via API

You can also authenticate a user profile via the API and then pass the Profile Token to the SDK.

View the API docs: API - Authenticate User Profile

Step 1) Use your accountToken and externalId to authenticate a user profile via the profile/register endpoint.

// POST "/oauth/profile/register"
"externalId": "MY_EXTERNAL_ID"

You will receive a profileToken and refreshToken in the API response.

// POST "/oauth/profile/register"
"profileToken": "PROFILE_TOKEN",
"expiresIn": "86400",
"tokenType": "Profile",
"refreshToken": "REFRESH_TOKEN"

Step 2) Pass the profileToken and refreshToken you generated via the API to the SDK.

Sahha.authenticate(profileToken: "PROFILE_TOKEN", refreshToken: "REFRESH_TOKEN") { error, success ->
if (success) greeting = "Successful"
else greeting = error ?: "Failed"


If you would like to change authenticated users, first deauthenticate the current user before authenticating a new user.

The SDK will take care of switching user data and automatically issuing and refreshing API tokens.

Sahha.deauthenticate { error, success ->
if (success) farewell = "Successful"
else farewell = error ?: "Failed"

Check Authentication

You can easily check if a profile is already authenticated via the SDK.

if Sahha.isAuthenticated {
print("Profile is ready")
} else {
print("You must authenticate your profile")