Ask Moov Beta
Generative AI is experimental and can make mistakes.
Guides Dashboard Use cases API Changelog
  1. API reference
  2. Authentication
  3. End-to-end encryption

Generate a public key

Generates a public key used to create a JWE token for passing secure authentication data through non-PCI compliant intermediaries.
POST
/end-to-end-keys
200 429
The request completed successfully.
Describes an RFC7517 web key.
{
  "alg": "ECDH-ES+A256KW",
  "crv": "P-521",
  "kid": "bOaoOIgm-7dI_gBIvsr0jQrPyYp6H_od0Ok-hSYZQ-g=",
  "kty": "EC",
  "use": "enc",
  "x": "ABcm3wzKpPzYYwjDC0HSrxxVM3ULbuMDUuzkR5wNciaMHkZvQ02gLFdqTL65evV7EWaQyC7zRc28eW20p5MVDdQr",
  "y": "AVa-eQsoiltOcQYy1QEcrQ9NbWktl_D4ewfg8diOZ2_svLEgEu4T1PqNcLbBGozP_VqPkXOMwNCUNI7pxajVGiIP"
}

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.
Request was refused due to rate limiting.

Response headers

x-request-id

string <uuid> required
A unique identifier used to trace requests.

Headers

x-moov-version

string
API version

Specify an API version.

API versioning follows the format vYYYY.QQ.BB, where

  • YYYY is the year
  • QQ is the two-digit month for the first month of the quarter (e.g., 01, 04, 07, 10)
  • BB is the build number, starting at .01, for subsequent builds in the same quarter.
    • For example, v2024.01.00 is the initial release of the first quarter of 2024.

The latest version represents the most recent development state. It may include breaking changes and should be treated as a beta release.

Default: v2024.01.00

Response

application/json

kty

string required
The cryptographic algorithm family used with the key (e.g., ‘RSA’, ‘EC’, ‘oct’).

alg

string
The algorithm intended for use with the key, e.g., ‘RS256’ or ‘ES256’.

crv

string

The curve for Elliptic Curve keys, e.g., ‘P-256’, ‘P-384’, or ‘P-521’.

This field is required when kty is ‘EC’.

e

string

The exponent value for RSA keys.

This field is required when kty is ‘RSA’.

key_ops

array
The permitted operations for the key, e.g., ‘sign’, ‘verify’, ’encrypt’, ‘decrypt’.

kid

string
A unique identifier for the key.

n

string

The modulus value for RSA keys.

This field is required when kty is ‘RSA’.

use

string<enum>
The intended use of the key. ‘sig’ for signature, ’enc’ for encryption.
Possible values: sig, enc

x

string

The x coordinate for Elliptic Curve keys.

This field is required when kty is ‘EC’.

y

string

The y coordinate for Elliptic Curve keys.

This field is required when kty is ‘EC’.