Key Agreement

Uses Diffie-Hellman algorithm to achieve encryption key agreement between client and server, which then can be used to encrypt and decrypt sensitive information.

Request

URI

POST

https://{api_host}/rest/key-agreement

COPY

Request Body

ClientKeyDerivationSpec of type(s) application/json

Required

{
    "identifier": "V2luZG93c0xPQ0FUSU9OSUQ6NTIyNTI0NTM0NTM0NjM0MzQ2MzYzNDYzNjc1MzI0NjUyMzY3NDUyNzY1NDIzNjc1NDY3MjM1NDI0Mw==",
    "nonce": "DaY+kne1X2B6h8a4gLZu2w==",
    "public_key": "<public key>",
    "supported_schemes": [
        "SCHEME-AES2"
    ]
}

string As byte As byte

identifier

Required

Identifier as Base64 encoded binary data.

string As byte As byte

nonce

Required

Nonce as Base64 encoded binary data.

string As byte As byte

public_key

Required

Diffie Hellman public key as Base64 encoded binary data.

array of string

supported_schemes

Required

List of client supported schemes for key derivation.

Possible values are : SCHEME-AES1, SCHEME-AES2, SCHEME-EC-AES1, SCHEME-EC-AES2,

Authentication

This operation uses the following authentication methods.

Bearer

Responses

200

Returns ServerKeyDerivationInfo of type(s) */*

{
    "client_reference_id": "855ea6c5-720a-41e1-96f4-958c90e6e424",
    "identifier": "QnJva2Vy",
    "proof": "qck2eXsbiOpFJMGKEBzyPTidLwwCzsG8PgvyncQpeZU=",
    "public_key": "<public key>",
    "scheme": "SCHEME-AES2"
}

string

client_reference_id

Optional

Client reference identifier which is required to be passed as query param to login api, to enable decryption of encrypted sensitive information.

string As byte As byte

identifier

Optional

Identifier as Base64 encoded binary data.

string As byte As byte

proof

Optional

Proof as Base64 encoded binary data.