GetE2EEncryptionKey

GetE2EEncryptionKey 1.0.99

End to end encryption of sensitive data like passwords and OTP is a security mandate in some countries. The /security resource allows you to exchange keys which are used for encryption and decryption. Key exchange methods differ depending on whether you already have a registered key or whether you need Citi to send you a key which can be used for encryption. You will receive eventID in the API response header, which should be used to encrypt the sensitive data. All encrypted data sent to Citi will give you an additional eventID in response header, this new eventID should be used for further encryptions.

Tags: 

production
development
https://emea.sandbox.api.citi.com/gcb

Custom Gateway API Endpoint

Paths

/v1/security/encryption/e2eKey

get /v1/security/encryption/e2eKey
E2E Key exchange

Retrieves a E2E public key modulus and exponent.

This API is used by browser based applications for retrieving the public key used for encryption. It returns the modulus and exponent for setting up a business public key. This is a post login API

To use this operation you must use one of the following sets of security requirements.
Client ID (Query)
client_id
(apiKey located in query)

pv52735

Client ID
X-IBM-Client-Id
(apiKey located in header)
Authorization
Required in header
string

The most recent Authorization token. This will have the format Bearer + {space} + {accessToken}. Example: Bearer KGNsaWVudF9pZDpjbGllbnRfc2VjcmV0KQ==.

uuid
Required in header
string

128 bit random UUID generated uniquely for every request.

Accept
Required in header
string

Content-Type that are acceptable for the response.

client_id
Required in header
string

Client ID generated during application registration.

clientDetails
Optional in header
string

This field is used to capture device,browser and network information. Refer the developer portal for more information.These are the fields which will be passed as part of the header devicePrint,deviceTokenCookie,userIpAddress,userAgent,hardwareId,simId,deviceModel,deviceName,deviceOsName,deviceOsVersion,multitaskingSupportFlag,languageSupport,wifiMacAddress,cellTowerId,locationAreaCode,rsaApplicationKey,wapClientId,mobileCarrierCode,mobileCountryCode,osId,geoLongitude,geoLatitude,geoHorizontalAccuracy,geoAltitude,geoAltitudeAccuracy,geoSpeed,geoTimestamp,geoStatus,basicServiceSetId,signalStrength,wifiChannel,serviceSetId

function
Required in query
string

Function or flow for which the public key used for encryption is required.

200

Successful operation.

E2ESuccessResponse
400
TypeCodeDetails
invalidinvalidRequestMissing or invalid Parameters
errorcannotRetrieveKeyInfocannot retrieve public key.
errore2eDisabledE2E is disabled.
ErrorResponse
401
errorunAuthorizedAuthorization credentials are missing or invalid
ErrorResponse
403
erroraccessNotConfiguredThe request operation is not configured to access this resource
ErrorResponse
404
errorresourceNotFoundEmpty resource/resource not found
ErrorResponse
500
fatalserverUnavailableThe request failed due to an internal error/server unavailability
ErrorResponse
Example Request
Example Response
GET https://emea.sandbox.api.citi.com/gcb/openapi/v1/security/encryption/e2eKey