Skip to main content
GET
/
jwe
/
key
cURL
curl --request GET \
  --url https://development.knotapi.com/jwe/key \
  --header 'Authorization: Basic <encoded-value>'
{
  "alg": "RSA-OAEP-256",
  "e": "...",
  "key_ops": [
    "encrypt"
  ],
  "kid": "...",
  "kty": "RSA",
  "n": "...",
  "use": "enc"
}

Building the JWE

See code samples here for how to structure and encrypt the JWE in various programming languages.
You can encrypt the payload you’ll provide to the Switch Card (JWE) endpoint using your JWE public key. The JWE specifications are the following:
  1. RSA 2048 certificate in JWK format
  2. RSA-OAEP-256 as key encryption algorithm
  3. A256GCM as content encryption algorithm
The JWE value should be a JSON string with the structure below. Additionally, in the development environment, the below values are sufficient to pass validation when building the JWE.
JSON
{
    "user": {
        "name": {
            "first_name": "Ada", // Max length: 255
            "last_name": "Lovelace" // Max length: 255
        },
        "address": {
            "street": "100 Main Street", // Max length: 46
            "street2": "#100", // Max length: 46
            "city": "NEW YORK", // Max length: 32
            "region": "NY", // Must be an ISO 3166-2 sub-division code
            "postal_code": "12345", // Min length: 5, Max length: 10
            "country": "US" // Must be an ISO 3166-1 alpha-2 code
        },
        "phone_number": "+11234567890" // Must be in E.164 format
    },
    "card": {
        "number": "4242424242424242",
        "expiration": "08/2030", // MM/YYYY or MM/YY format
        "cvv": "012" // Max length: 4
    }
}

Authorizations

Authorization
string
header
required

Basic authentication header of the form Basic <encoded-value>, where <encoded-value> is the base64-encoded string username:password. Use your client_id as the username and your secret as the password value.

Response

Successful request.

alg
string

Algorithm intended for use with the key.

Example:

"RSA-OAEP-256"

e
string

Exponent value for the RSA public key in Base64 URL format.

Example:

"..."

key_ops
string[]

Operation permitted for the key.

Example:
["encrypt"]
kid
string

Unique identifier for the kid.

Example:

"..."

kty
string

Type of key.

Example:

"RSA"

n
string

Modulus value for the RSA public key in Base64 URL format.

Example:

"..."

use
string

Intended use of the key.

Example:

"enc"