End-user accounts

Owned by Adaptavist ScriptRunner for Confluence Cloud
Last updated: Apr 15, 2022 by Christopher Snider
1 min read

All new accounts—for End-users and Clinicians—are created by visiting tidepool.org/signup.

Search this space

Account creation

A valid email address is required, and serves as the account username. Accounts are verified using an email that includes a unique URL based on a unique, 192-bit verification key. Accounts must be verified via an emailed link to that account.

This support article details the full account creation workflow.

Authentication

Authentication is performed using username and password over an encrypted HTTPS connection. A 1024-bit session token is returned to the client. This token must be used for all subsequent API requests.

Password protection

Account passwords must be between 8 and 72 characters and not contain whitespace. No other restrictions are imposed. Passwords are not stored; a unique hash is created using one-way SHA-1 function using a private salt.

  • If an end user forgets their password, they can select Forgot my password from the login page, which sends an email to the account of record that includes a reset link with a unique key.

The content of the Tidepool Technical Documentation is licensed under a Creative Commons CC0 1.0 Universal (CC0 1.0) Public Domain Dedication.