To support Forge data residency, I need to stop sending accountId to my analytics system outside of Forge (aka a remote), but instead sends an anonymous value unique for each user. And to help with the anonymization, the hash should be unique for a specific user and a specific installation of my app. Aka user Alice should have a different hash on https://company1.atlassian.net and https://company2.atlassian.net.
To do this, I could use the cloudId as a salt of my hash function, but it is public, so that is a very bad salt.
The other values I could find are the localId which seems to contain the appId and the envId. Are those values public ?
Is there any other value that I could use for my salt, which is known only to an installation of my app?
Or should I inject a salt as a secret env variable in my app, and then do something like:
import { createHash } from "node:crypto"
hash.update(process.env.MY_SECRET_SALT + localId + accountId);
const userHash = hash.digest('base64');
console.log({ userHash});
The other solution I have in mind is to generate a secret during the app installation event, and store it in Forge storage. But that require an extra call to Forge storage, which is slow, for any analytics event.