JWS with keys

For enhanced security, 2C2P implements JWTs with public/private key pairs to secure information sent to and from merchants. Specifically, JSON Web Signature (JWS) methods are used to generate and process JWTs.

The guide below demonstrates the process.

👍

Before you start

  1. Download the 2C2P Public Key from the 2C2P Merchant Portal: Go to Account > Options > 2C2P Public Keys > JWE
  2. Secure a pair of public and private keys. (For a guide to generating keys, refer here)
  3. Merchants must then upload the generated public key to the 2C2P Merchant Portal: Log in and go to Account > Options > Merchant Public Keys. Add the public key and set it as default.

 

Preparing a request

To prepare a request, refer to the steps and flow below.

Step

Description

1 . Signing an encrypted payload

Generate signature using Merchant Private Key.
JWS Algorithm : PS256

 

Process a response

To prepare a request, refer to the steps and flow below.

Step

Description

1 . Verifying a signature

Verify using 2C2P Public Key.
JWS Algorithm : PS256

👍

Provided Sample Code

How to process payload with JWS with keys