GET
/
jwe
/
key
cURL
curl --request GET \
  --url https://development.knotapi.com/jwe/key \
  --header 'Authorization: Basic <encoded-value>'
{
  "alg": "RSA-OAEP-256",
  "e": "...",
  "key_ops": [
    "encrypt"
  ],
  "kid": "...",
  "kty": "RSA",
  "n": "...",
  "use": "enc"
}

Building the JWE

You can encrypt the payload you’ll provide to the Switch Card (JWE) endpoint using your JWE public key. The JWE specifications are the following:
  1. RSA 2048 certificate in JWK format
  2. RSA-OAEP-256 as key encryption algorithm
  3. A256GCM as content encryption algorithm
The JWE value should be a JSON string with the structure below. Additionally, in the development environment, the below values are sufficient to pass validation when building the JWE. 
{
    "user": {
        "name": {
            "first_name": "Ada", // Max length: 255
            "last_name": "Lovelace" // Max length: 255
        },
        "address": {
            "street": "100 Main Street", // Max length: 46
            "street2": "#100", // Max length: 46
            "city": "NEW YORK", // Max length: 32
            "region": "NY", // Must be an ISO 3166-2 sub-division code
            "postal_code": "12345", // Min length: 5, Max length: 10
            "country": "US" // Must be an ISO 3166-1 alpha-2 code
        },
        "phone_number": "+11234567890" // Must be in E.164 format
    },
    "card": {
        "number": "4242424242424242",
        "expiration": "08/2025", // MM/YYYY or MM/YY format
        "cvv": "012" // Max length: 4
    }
}

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password. Use your client_id as the username and your secret as the password value.

Response

Successful request.

alg
string

Algorithm intended for use with the key.

Example:

"RSA-OAEP-256"

e
string

Exponent value for the RSA public key in Base64 URL format.

Example:

"..."

key_ops
string[]

Operation permitted for the key.

Example:
["encrypt"]
kid
string

Unique identifier for the kid.

Example:

"..."

kty
string

Type of key.

Example:

"RSA"

n
string

Modulus value for the RSA public key in Base64 URL format.

Example:

"..."

use
string

Intended use of the key.

Example:

"enc"