Skip to content

Get Encryption Keys

Request URL

GET /transfer-to/bills/public-encryption-keys

Description

This endpoint will allow the user to retrieve both the primary and secondary public encryption keys for encrypting sensitive account numbers for RPPS bill payment transactions. Both keys have the same usage. The public key returned is specific to the environment in which the request is made (sandbox/production).

In accordance with security best practices, the connectFi API requires encryption of account numbers for all RPPS Bill Payment initiation (POST /transfer-to/bills/initiate) requests. One example of how to encrypt an account number using the node.js crypto SHA-256 public key method is available in the "Encrypting Account Data" section of our "PAYMENTS > Bill Payment" documentation.

In order to encrypt the account number, the PEM Public Key for RPPS Bill Payment, obtained using this endpoint, is required. Once the account number has been encrypted, the result will be included in the POST /transfer-to/bills/initiate request as the accountNumberEncrypted field when initializing an RPPS bill payment.

Snippet Examples

javascript

const axios = require('axios');
const config = {
  method: 'GET',
  url: '${CONNECTFI_BASE_URL}/transfer-to/bills/public-encryption-keys',
  headers: {
    'x-connectfi-token': "A long random string token received from /auth/get-token request"
  },
};

let result;
try {
  result = await axios.request(config);
  if (result.status === 200) {
    console.log(JSON.stringify(result.data));
  }
} catch (err) {
  console.log({
    errCode: err.code,
    responseStatus: err.response && err.response.status,
    data: err.response && JSON.stringify(err.response.data)
  });
}

cURL

curl --location "CONNECTFI_BASE_URL/transfer-to/bills/public-encryption-keys"  --header "x-connectfi-token: A long random string token received from /auth/get-token request" 

Successful Response Examples

200 TRANSFER-TO/BILLS/PUBLIC-ENCRYPTION-KEYS

HEADERS

Header Value
x-connectfi-token A long random string token received from /auth/get-token request

REQUEST BODY

none

RESPONSE BODY

{
    "code": "0",
    "data": [
        {
            "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx77Y6zpc6TbFPRTEym0B37WAIxGX0/NGAsWzsI3Ewk73BNdiw4VUzEmtGQn02Dk1qi7xfVBYgAs55Nq88lWtlB2+dRzbiZbweh72f6kZnRJiy8na/Bx/50N5eP8yMiXn3rbBbkV7tYGZ621xSsymciOlR0+XXaBIo0x8JWXim/tIaEBq0mv0CdBiAyYBx0a+F/gnGsstOHpDYQDyCfwxp0YKag15r/BheuwPhkBclD57uEgVbnzM2n0PLz0FTyJp1W9OqorR85mifZNdh9DT+k2evh+3ICAagN+ZY/gdsmc2dn4bLeyp1GbADB9oLvcEZX0RgrGoBMB0XAEXLx6pdwIDAQAB",
            "algorithm": "RSAES_OAEP_SHA_256",
            "encodingFormat": "base64"
        },
        {
            "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1MGhJ89kM77g+iu44F7hetpO4UqKW3bDNSZBKJGJQjxLDwiaKLC3+Gx7sqSdqgrSGEAzZihp4CwNuxhaHJEKGrxq6/7vWs8CRSmTdLN7bYW3Vv4UrFk0lp3FHaoP2GLvSoG47SJHDrnsvWvyMbey0qSXDBFnd/A6IiMOPii3R8eom5vTjN1Q8u9Pg3t/PQr6P9NGvDRJcC++JhpzASXD3Og4MgkA5DbvTAXW+C44PJFTddHFtNl+OdYdvtQ0nMxrYqwUpEn0uMbMmGCHWj/BZUXMISNv2hoLkAD/PU/JTIFRO9E9u/RwCqTJU7FvF5h0SEIge5p6Fh9foVl6QQ3pawIDAQAB",
            "algorithm": "RSAES_OAEP_SHA_256",
            "encodingFormat": "base64"
        }
    ],
    "requestId": "c9fe3610cea911ef8ba1b8b8641e0512"
}