API v3 EncryptionΒΆ

The third generation endpoints use JSON Web Encryption to encrypt request and response data.

An example request with an Authorization header for an organization using a JWE encrypted data is here:

POST /whitelabel/v3/devices HTTP/1.1
Content-Type: application/jwe+json
Content-Length: 112
Authorization: organization:12345674890:eyJhbGciOiJSU0EtT0FFUCIsIm.VuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LF

eyJhbGciOiAiUlNBLU9BRVAiLCAiZW5jIjogIkEyNTZ.Ppd6dIAkGwcfIelfqOrj3rkw.71lYoW6jBJymhM-QLBQAWA.t-4rRH6GsoXt0.1DGC4k

The JSON Web Encryption used Compact Serialization and is broken into five pieces per the term:JWE specification:

  • JWE Protected Header: Encoded JSON string with information regarding the cryptography used for the remaining sections.

    • alg - algorithm: Algorithm used to encrypt the Content Encryption Key (CEK). Currently, RSA-OAEP-256

      and RSA-OAEP are the only acceptable algorithms.

    • enc - encryption: Algorithm used to encrypt the content and protected header. Currently, A256CBC-HS512

      is the only acceptable algorithm.

  • JWE Encrypted Key: A random value known as the Content Encryption Key (CEK). It will be used encrypt the JSON

    value and create the JWE Cipher Text. The Content Encryption Key is RSA encrypted and then encoded. For requests, the the public key returned from a Ping call is used to encrypt the key. For responses, the private key for your service or organization is used to decrypt this value.

  • JWE Initialization Vector: A random value to use as the initialization vector. It will be used encrypt the JSON

    value and create the JWE Cipher Text. The initialization vector is base64 encoded.

  • JWE Cipher Text: Encrypted and encoded content. The data is encrypted with the algorithm specified in the header

    with the Content Encryption Key and IV.

  • JWE Authentication Tag: The encrypted and encoded content of the JWE Protected Header. The data is encrypted with

    the algorithm specified in the header with the Content Encryption Key and IV.

User Contributed

LaunchKey links to user contributed code as a resource to its community. LaunchKey does not in any way guarantee or warrant the quality and security of these code bases. User contributed code is supported by the creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any way, please report that link to LaunchKey immediately and we will investigate the claim. Submit any issue to LaunchKey support at https://launchkey.com./support. ×