JSON Web Tokens (JWT) For Exchange Keys

Issuer and receiver keys (public and private) are required to generate and process the JWT.

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.

Although JWTs can be encrypted to also provide secrecy between parties, we will focus on signed tokens. Signed tokens can verify the integrity of the claims contained within them, while encrypted tokens hide those claims from other parties.

2c2p has implemented JWT with a public/private key pair to enhance security between the 2c2p end and the merchant end. Specific JSON Web Encryption (JWE) and JSON Web Signature (JWS) methods must be used to generate and process the JWT. The guide follows:

Prerequisites

2c2p public key. (Refer here to get the key)
A pair of public key & private key from merchant end. (Refer here to Key Generation Guide)

Before you start

The merchant is required to upload the generated public key to the Merchant Portal.
Log in to the Merchant Portal and go to Account -> Option. Copy and paste your public key into the field Server-to-server API - Public key.

Preparing a request

The flow for preparing a request is shown below.

Step 1. Encrypting a payload
Encrypt using 2c2p Public Key.
JWE Algorithm : RSA_OAEP
JWE Encryption : A256GCM

Step 2. Signing an encrypted payload
Generate Signature using Merchant Private Key.
JWS Algorithm : PS256

Provided Sample Code

How to Generate JWT Token with Key

Process a response

The flow for processing a response is shown below.

Step 1. Verifying a signature
Verify using 2c2p Public Key.
JWS Algorithm : PS256

Step 2. Decrypting a payload
Decrypt using Merchant Private Key.
JWE Algorithm : RSA_OAEP
JWE Encryption : A256GCM

Provided Sample Code

How to Process JWT Token with Key
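
The request and response flows above, written out with Node's built-in crypto module as an added example (not 2c2p's sample code). It assumes the JWE compact string is used as the JWS payload, writes RSA_OAEP as the JOSE header value "RSA-OAEP" (RFC 7518), and uses generated key pairs named gateway (standing in for 2c2p) and merchant, both hypothetical.

```javascript
// Added example: encrypt-then-sign and verify-then-decrypt with Node's built-in crypto.
const crypto = require('node:crypto');
const b64u = (buf) => Buffer.from(buf).toString('base64url');
const unb64u = (s) => Buffer.from(s, 'base64url');
const PSS = { padding: crypto.constants.RSA_PKCS1_PSS_PADDING, saltLength: 32 };
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha1' };

// Request step 1: JWE compact, CEK wrapped with RSA-OAEP, content under A256GCM.
function encryptJwe(plaintext, recipientPublicKey) {
  const header = b64u(JSON.stringify({ alg: 'RSA-OAEP', enc: 'A256GCM' }));
  const cek = crypto.randomBytes(32), iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', cek, iv);
  c.setAAD(Buffer.from(header, 'ascii')); // the protected header is authenticated
  const ct = Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
  const wrapped = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, cek);
  return [header, b64u(wrapped), b64u(iv), b64u(ct), b64u(c.getAuthTag())].join('.');
}
// Request step 2: JWS compact over the JWE string, PS256.
function signJws(payload, senderPrivateKey) {
  const input = b64u(JSON.stringify({ alg: 'PS256' })) + '.' + b64u(payload);
  const sig = crypto.sign('sha256', Buffer.from(input), { key: senderPrivateKey, ...PSS });
  return input + '.' + b64u(sig);
}
// Response step 1: check the signature first and accept PS256 only.
function verifyJws(token, senderPublicKey) {
  const [h, p, s, extra] = token.split('.');
  if (!s || extra !== undefined) throw new Error('not a compact JWS');
  if (JSON.parse(unb64u(h).toString()).alg !== 'PS256') throw new Error('unexpected JWS alg');
  const key = { key: senderPublicKey, ...PSS };
  if (!crypto.verify('sha256', Buffer.from(h + '.' + p), key, unb64u(s))) throw new Error('bad signature');
  return unb64u(p).toString('utf8');
}
// Response step 2: accept RSA-OAEP + A256GCM only; final() throws on a bad tag.
function decryptJwe(jwe, recipientPrivateKey) {
  const [h, ek, iv, ct, tag, extra] = jwe.split('.');
  if (!tag || extra !== undefined) throw new Error('not a compact JWE');
  const { alg, enc } = JSON.parse(unb64u(h).toString());
  if (alg !== 'RSA-OAEP' || enc !== 'A256GCM') throw new Error('unexpected JWE alg/enc');
  const cek = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, unb64u(ek));
  const d = crypto.createDecipheriv('aes-256-gcm', cek, unb64u(iv));
  d.setAAD(Buffer.from(h, 'ascii'));
  d.setAuthTag(unb64u(tag));
  return Buffer.concat([d.update(unb64u(ct)), d.final()]).toString('utf8');
}
// Constructed demo keys; a real integration loads the keys named in the prerequisites.
const gateway = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 }); // stands in for 2c2p
const merchant = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const request = signJws(encryptJwe('{"demo":"constructed"}', gateway.publicKey), merchant.privateKey);
console.log(decryptJwe(verifyJws(request, merchant.publicKey), gateway.privateKey));
```

Pinning the expected alg and enc values on the receiving side keeps a token's own header from selecting a different algorithm.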