Skip to content

Get Sign Public Key

Request URL

GET /server/webhook-public-key

Description

This endpoint returns the PEM public key that can be used to verify the authenticity of webhooks received from connectFi that have been signed with the x-signature header. The public key returned is specific to the environment in which the request is made (sandbox/production). Once you have obtained the correct public key using this endpoint, an example code snippet demonstrating how to verify webhook signatures has been provided in the "Webhooks" section of the "Getting Started" documentation.

Snippet Examples

javascript

const axios = require('axios');
const config = {
  method: 'GET',
  url: '${CONNECTFI_BASE_URL}/server/webhook-public-key',
  headers: {
    'x-connectfi-token': "A long random string token received from /auth/get-token request"
  },
};

let result;
try {
  result = await axios.request(config);
  if (result.status === 200) {
    console.log(JSON.stringify(result.data));
  }
} catch (err) {
  console.log({
    errCode: err.code,
    responseStatus: err.response && err.response.status,
    data: err.response && JSON.stringify(err.response.data)
  });
}

cURL

curl --location "CONNECTFI_BASE_URL/server/webhook-public-key"  --header "x-connectfi-token: A long random string token received from /auth/get-token request" 

Successful Response Examples

200 SERVER/WEBHOOK-PUBLIC-KEY

HEADERS

Header Value
x-connectfi-token A long random string token received from /auth/get-token request

REQUEST BODY

none

RESPONSE BODY

{
    "code": "0",
    "data": {
        "publicKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzT/VTjZ/q6TO+aZivGm5\nbY9fvlJDGNpWOMuGGmmP1F2nBxshCNFH60LdpmiCrt6Lu/CqmTCxeOgv2viiUo1C\nSxpl+anGVEkHo/k/f5/f5cwgsVBPn+KF71bucpjfq0FyJ95dgKdkfBJA+2UiSFn7\npA22XFDz67WbjP+z5SOWrgZ9F9mNB/m0z633mfgdjMgties3vqiNc3Nn+ximOjBt\nUeaIFuWp0qDs6OUkKnucOCM5qTXV3MkrtjexnP5+eMzDhBR/mcVWINKq/wgOzljq\nh9j575Ded3KKry4ARDeIQNVlz3+1+lzMMJbeVZW25MXlIwoD1PbxQoDRzSoyo+la\nyQIDAQAB\n-----END PUBLIC KEY-----\n",
        "algorithm": "RSA-SHA256",
        "signatureFormat": "base64"
    },
    "requestId": "f93ffd50cea911ef8ba1b8b8641e0512"
}