See “Access Control Manager.”

Access Control Manager

Central component of SaaS key management infrastructure that hosts and manages keys, enforces policies for access controls, and brokers access to protected data via authentication and authorization. Also see “Entity Attribute Service” and “Key Access Server.”

Active Policy

Any protected data interaction over a 30-day period via operations like encrypt, decrypt, access, or updates to protected data. Also see “Policy.”

appId Token

An authentication token and associated email address that identify an entity to the Virtru Platform. Subject to expiration every 120 days. How do I get an appId?

Domain Whitelisting

A process by which Virtru verifies a domain as a valid endpoint for use with the Virtru JavaScript SDK. How do I whitelist my domain?


See “Entity Attribute Service”


A user trying to protect or access data. Not necessarily human (e.g. bots or devices). Identified by email address.

Entity Attribute Service

Provides identity management services and asserts attributes owned by an entity.

HMAC Token & Secret

An authentication method that identifies a set of entities under one organization to the Virtru Platform. Not subject to expiration. Also see “appId Token.”


See “Key Access Server.”

Key Access Server

Determines whether an entity has access to request decryption key or not.


See “Policy Owner.”


A way to control access to protected data throughout its lifecycle. Also see “Active Policy” and “Policy Owner.”

Policy Owner

The entity that owns the policy. Commonly the same entity that created the policy by protecting sensitive data. Also see “Policy.”

.tdf File Extension

Data encrypted with a Virtru SDK in ZIP format. Also see “.tdf.html File Extension” and “Trusted Data Format.”

.tdf.html File Extension

Data encrypted with a Virtru SDK in HTML format. Also see “.tdf File Extension” and “Trusted Data Format.”


See “Trusted Data Format.”

Trusted Data Format

An open format for data-centric protection that binds encrypted data to policies and metadata ensuring that only the owner and authorized entities have access. Read the TDF3 spec.

Virtru Control Center

A web-based administrative console for managing, tracking, and controlling data protection policies.

Virtru Secure Reader

A web-based Virtru product that allows users to authenticate, decrypt, and view protected data.

Did this page help you?