Generating Keys

This page will help you understand what kind of private and public key pair you need to generate, as well as provide you with detailed steps on how to do so using publicly available tools.

ECDSA keys

You will need to generate an ECDSA key pair using the ES256 algorithm.

📘
ES256
Elliptic Curve Digital Signature Algorithm with the P-256 curve and the SHA-256 hash function. It's an asymmetric algorithm that uses a pair of ECDSA private and public keys to generate and validate JWT signatures.

Sample commands to generate ECDSA key pair

There are various tools available to generate ECDSA key pair. The below example shows uses the OpenSSL command line tool.

Create private key:

openssl ecparam -genkey -name prime256v1 -noout -out private.pem

Create public key:

openssl ec -in private.pem -pubout -out public.pem

Steps to exchange the public key

Create your private and public ECDSA key pair.
Send us your public key in PEM format.
We will securely store your public key in a vault using the JWK format.
1. Note: We use a JWK Generator to convert the key from PEM to JWK format.
We will provide you with our public Key ID (kid) for you to use when signing your API requests.

ECDSA keys

📘ES256

Sample commands to generate ECDSA key pair

Steps to exchange the public key

📘
ES256