Customer Secure Key
The first step in the journey of exposing sensitive data securely to the card user, is for the card user’s application to receive a RSA public key, which is unique and should not be stored in any logs or databases.
You will be required to use the Get Customer Key API (/v1/customers/{customer_id}/secure-key). Following a successful request, the RSA public key will be provided.
CLOWD9 recommends, as best practice, to retrieve the public key for every interaction and not to store this on the application itself.
Authenticate:
| URL | POST: https://client.api.uat.apps-clowd9.io/v1/auth |
|---|---|
| Headers | 'Accept: application/json' |
| Body | { "key": "Vxxx", "secret": "Dxxx" } |
| Response | { "access_token": "xxx", "api_id": "06cf95bd-5624-4797-9d0e-ddbb07b4624e", "refresh_token": "xxx", "trace_id": "02b98a52e4ca703b6dd0ed0cbaf42296" } |
Get Customer Key:
| URL | GET: https://client.api.uat.apps-clowd9.io/v1/customers/4aec6e9d-014c-402f-8565-7d3e34cb3446/secure-key |
|---|---|
| Headers | 'Accept: application/json' 'Authorization: {{ access_token }}' |
| Response | { "key": "MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAK0aDAVPR7arLZrjTibr1MsLxz6MgwnmjI963bLX1xsOqBtguO4IOHDqTc1t83zZXrikx6FWm4NS2SumXzeyYSA5PraQvemm/fwvFWwtroS3irP5wfAo6IxUh13+gp4+TwIDAQAB", "trace_id": "79825619820e2c5399554e33ccd4fc40" } |
Updated 23 days ago
What’s Next