Signing Keys

Create Signing Key

CreateSigningKey creates a new Signing Key for the Organisation.

This API creates a new RSA key pair, storing the public key and returning the private key. The private key must be kept secure and should not be shared publicly as it has the ability to sign JWTs which can be used to authenticate to Versori APIs on behalf of your Organisation (or scoped to a specific End User within Versori Embedded).

If the private key is lost, it cannot be recovered and a new key pair must be generated. In this scenario, it is the Organisation’s responsibility to delete the Signing Key from Versori so that any JWTs signed by the lost key are invalidated.

POST

organisations

{organisation_id}

keys

curl --request POST \
  --url https://platform.versori.com/api/organisations/v1/organisations/{organisation_id}/keys \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "<string>"
}'

{
  "id": "<string>",
  "name": "Organisation Public Key 1",
  "publicKey": "<string>",
  "privateKey": "<string>",
  "createdAt": "2023-01-01T12:00:00Z"
}

Path Parameters

organisation_id

string

required

Body

application/json

Response

204

application/json

The response is of type object.

Overview List Signing Keys

curl --request POST \
  --url https://platform.versori.com/api/organisations/v1/organisations/{organisation_id}/keys \
  --header 'Content-Type: application/json' \
  --data '{
  "name": "<string>"
}'

{
  "id": "<string>",
  "name": "Organisation Public Key 1",
  "publicKey": "<string>",
  "privateKey": "<string>",
  "createdAt": "2023-01-01T12:00:00Z"
}

API Reference

Connect API

Embedded API

Organisations API

Proxy API

Create Signing Key

Path Parameters

Body

Response