🔐RSA Signature

Overview

The process is based on a pair of keys, mathematically linked, consisting of a private key and a public key.

The emitter uses the private key to generate a signature for the message. Then sends the message, the signature and his public key. With this information, the receiver can validate that the message was signed by the emitter identified by his public key and that the content in the message hasn't been modified.

In our implementation of the RSA signature, we follow a tweaked version, where the emitter needs to generate a signature for the body that he wants to send along with a timestamp, separated between a "." this timestamp makes the signature valid just for a limited period.

Data that I want to send = "Hello! Im George" 
Timestamp = 1672188588

Message = "Hello! Im George".1672188588

→ Sign Message ""Hello! Im George".1672188588" using my private key → Signature 

Send Signature, Message and Timestamp

Extra Tools

Verify Signature

To test the signature implementation, we facilitate this endpoint that you can call via code, or via Postman with the signature that you generated to see if its well implemented before introducing it in the application.

Verify Signature

POST https://kend.elixir.app/sdk/v2/signature/verify

Validates the generated signature so the signing process can be tested.

Headers

Name

Type

Description

x-api-key*

String

Public Key obtained in the developer dashboard

x-api-signature*

String

Generated RSA signature

x-api-token*

String

Timestamp used in the API Signature

Request Body

Name

Type

Description

{}*

Object

An object containing the message that wants to be signed

{
  "code": 1, 
  "success": true, 
  "data": <Req.Body> // Data will include body sent in the request
}

Example implementations

🔢Node.js Example 🔢C# Example

PreviousMobile Auth NextC# Example

Last updated 11 months ago