GET
/
jwe
/
key
curl --request GET \
  --url https://development.knotapi.com/jwe/key \
  --header 'Authorization: Basic <encoded-value>'
{
  "alg": "RSA-OAEP-256",
  "e": "...",
  "key_ops": [
    "encrypt"
  ],
  "kid": "...",
  "kty": "RSA",
  "n": "...",
  "use": "enc"
}

Building the JWE

You can encrypt the payload you’ll provide to the Switch Card (JWE) endpoint using your JWE public key. The JWE specifications are the following:

  1. RSA 2048 certificate in JWK format
  2. RSA-OAEP-256 as key encryption algorithm
  3. A256GCM as content encryption algorithm

The JWE value should be a JSON string with the structure below. Additionally, in the development environment, the below values are sufficient to pass validation when building the JWE.

{
    "user": {
        "name": {
            "first_name": "Ada", // Max length: 255
            "last_name": "Lovelace" // Max length: 255
        },
        "address": {
            "street": "100 Main Street", // Max length: 42
            "street2": "#100", // Max length: 42
            "city": "NEW YORK", // Max length: 32
            "region": "NY", // Must be an ISO 3166-2 sub-division code
            "postal_code": "12345", // Max length: 10
            "country": "US" // Must be an ISO 3166-1 alpha-2 code
        },
        "phone_number": "+11234567890" // Must be in E.164 format
    },
    "card": {
        "number": "4242424242424242",
        "expiration": "08/2025", // MM/YYYY or MM/YY format
        "cvv": "012" // Max length: 4
    }
}

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password. Use your client_id as the username and your secret as the password value.

Response

200
application/json

Successful request.

The response is of type object.

GET
/
jwe
/
key
curl --request GET \
  --url https://development.knotapi.com/jwe/key \
  --header 'Authorization: Basic <encoded-value>'
{
  "alg": "RSA-OAEP-256",
  "e": "...",
  "key_ops": [
    "encrypt"
  ],
  "kid": "...",
  "kty": "RSA",
  "n": "...",
  "use": "enc"
}

Building the JWE

You can encrypt the payload you’ll provide to the Switch Card (JWE) endpoint using your JWE public key. The JWE specifications are the following:

  1. RSA 2048 certificate in JWK format
  2. RSA-OAEP-256 as key encryption algorithm
  3. A256GCM as content encryption algorithm

The JWE value should be a JSON string with the structure below. Additionally, in the development environment, the below values are sufficient to pass validation when building the JWE.

{
    "user": {
        "name": {
            "first_name": "Ada", // Max length: 255
            "last_name": "Lovelace" // Max length: 255
        },
        "address": {
            "street": "100 Main Street", // Max length: 42
            "street2": "#100", // Max length: 42
            "city": "NEW YORK", // Max length: 32
            "region": "NY", // Must be an ISO 3166-2 sub-division code
            "postal_code": "12345", // Max length: 10
            "country": "US" // Must be an ISO 3166-1 alpha-2 code
        },
        "phone_number": "+11234567890" // Must be in E.164 format
    },
    "card": {
        "number": "4242424242424242",
        "expiration": "08/2025", // MM/YYYY or MM/YY format
        "cvv": "012" // Max length: 4
    }
}

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password. Use your client_id as the username and your secret as the password value.

Response

200
application/json

Successful request.

The response is of type object.