All endpoints other than Public Endpoints will expect all HTTP request and response bodies to encrypt
data using JSON Web Encryption. This will include error responses with valid supplied credentials. See the
API Errors documentation for further explanation regarding which errors will include encrypted data in the response.
All responses which include encrypted data will have a Content Type of
An example request with an authorization header for an organization using a JWE encrypted data is here:
POST /whitelabel/v3/devices HTTP/1.1
Authorization: IOV-JWT organization:12345674890:eyJhbGciOiJSU0EtT0FFUCIsIm.VuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LF
The JSON Web Encryption uses Compact Serialization and is broken into five pieces per the JWE specification:
JWE Protected Header: Encoded JSON string with information regarding the cryptography used for the remaining sections.
alg - algorithm: Algorithm used to encrypt the Content Encryption Key (CEK). Currently,
RSA-OAEP are the only acceptable algorithms.
enc - encryption: Algorithm used to encrypt the content and protected header. Currently,
is the only acceptable algorithm.
- JWE Encrypted Key: A random value known as the Content Encryption Key (CEK). It is used to encrypt the JSON
value and create the JWE Cipher Text. The Content Encryption Key is RSA encrypted and then encoded.
For requests, the the public key returned from a Ping call is used to encrypt the key.
For responses, the private key for your Service or Organization is used to decrypt this value.
- JWE Initialization Vector: A random value to use as the initialization vector. It will be used encrypt the JSON
value and create the JWE Cipher Text. The initialization vector is base64 encoded.
JWE Cipher Text: A block of Encrypted and encoded content. The data is encrypted with the algorithm specified in the header with the Content Encryption Key and IV.
JWE Authentication Tag: The encrypted and encoded content of the JWE Protected Header. The data is encrypted with the algorithm specified in the header with the Content Encryption Key and IV.
LaunchKey links to user contributed code as a resource to its community. LaunchKey does not in any way
guarantee or warrant the quality and security of these code bases. User contributed code is supported by the
creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any
way, please report that link to LaunchKey immediately and we will investigate the claim. Submit any issue to
LaunchKey support at https://launchkey.com./support.