Manabu
Regular Visitor

About "kid" of JWE Header

Hello,
When issuers request to VTS (i.e. outbound request), issuers must encrypt CEK (Contents Encryption Key) using VISA encryption publickey. (This is JWE Encripted Key then.)
In this case, "kid" of JWE Header must be the identifier of this VISA encryption publickey?
(I have informed only the VISA encryption publickey by a VISA side person in charge. Shoud I ask its KID also?)

4 REPLIES 4
Manabu
Regular Visitor

Re: About "kid" of JWE Header

not outbound but inbound request... sorry.

SLi
Visa Developer Support Specialist
Visa Developer Support Specialist

Re: About "kid" of JWE Header

Hi @Manabu,

 

Key-ID (kid) is a system generated unique identifier (UID), which is associated with your project and identifies the associated key-pairs. This Key-ID must be included as a request header in API calls. Key-ID can be generated and is accessible under Encryption/Decryption section of the Credentials page for applicable projects.

 

Please reference the Message Level Encryption guide here for detail information about kid (Key-ID).


Best,
Stacey

Was your question answered? Don't forget to click on "Accept as Solution" to help other devs find the answer to the same question.
Manabu
Regular Visitor

Re: About "kid" of JWE Header

Hi! Thank you for your replay.
I understood the KID is associated with the project and identifies the associated key-pairs.

I will check the Credentials.

Best regards.

Manabu
Regular Visitor

Re: About "kid" of JWE Header