Qwaap API Documentation

CtrlK

Qwaap Public Keys

This section shares the two public keys used by Qwaap for the two environments (Sandbox and Production). The keys can be copied and stored as files to later be used in transaction processing.

The Qwaap public key serves two critical purposes as briefly described below.

Purpose

Description

RSA Signature Verification

Callbacks from Qwaap carry a header named rsa-signature and with the public key, the signature can be verified as described here to confirm authenticity.

Card details encryption

When the merchant opts for the direct card payment option, the public key is used to encrypt the card details as described in this section

Sandbox Public Key

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAzg8OSczAV7IYVsb5q7Ke
1ipnVkbL0fQdb8tS+0+JsZFhgZwwQopvuAgtA3XQh8Mlq1ul7iIl99qII8WHD96a
HRg1w8JxHkMP5glCFAIrRp/rRn72W3MC2O0utKiKyihEaW6ObB1eQKzuYfXAP1HO
dTnal+SzBjB2LyMFf4M7eE7Yksa9rdjFvIpfUkWSBlG028AxRrUI5fvem07TMK5i
I3GOv7xH/a3siaT2rQ+dZ83G+k7nCL/jNlekjD7QBPhRCExHGp6CKici74nWPZB+
cbCCObnBYfoJI+5AOwRjvimd8lBc/zBEL4Q5ElUG5UhPuiVMmjiZ4oEzbnIIswFx
ujFNuvqd8W3nv86OuTwUTpDszan1EHjoKY4wJ/wKJg38+3Gtfy0jzuaE0F71kvAy
j6yhM05hm+oybQeWkQFr/G1CiefG3uGHgE07lkU3PegdkRUHCDBhhkjgoaguHzna
Q8ReJDnRPlezncsW9VQyN10vuWIwLaYJvUqEBZdsp7/rIH4P81m6lI0vH2DG9ns0
acFA6hK+uIjzwiEY/n1NfdjRHpvYBSA493NcVbKGZ3yVHsvPvVSxkE/jX+P/0zVZ
DGu2LLv3IQilVElvjhT5qNeFBHG+2E9hS7Cqd+KsxNYpuRlow7NCiAflKx7/AeO2
P2DOy3sG/3E+u3OngnED5rUCAwEAAQ==
-----END PUBLIC KEY-----

Production Public Key

-----BEGIN PUBLIC KEY-----
MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAxHtpmlBLq65roQAabI+1
6weNg092BEI/urljp3Kk9iWhXH+zD5tcysg74+n3NnreK6VmFiJGFZ/SzVg/J1ib
bwBuoXPpJoR7xOktCc8cs/Bv/OjPJ/DWf8kc3ZfeAT9jkHgs2rGHI0IdfkhUrz3Y
/FE1UtGZw10VTegI1CygCHneaWvUw84uafjglMoSZEySQ5ryne4qVD506uu5oWeV
qjmw1zeRiuglqbFsorurpHjyiUUQQEg/l3JmHyRhwGYg2thsOTgjN61wTZYYmwKn
RfyzdAsvblhUatbYxUAkvKoaPnloeFabbSmxg5K1qD2KQVSunD+sAMAN7NOlhFRN
CvA+bQGv6z3f0m0tII01eChx9Fgwh6+ob/18VEprjlUDK6fGDlNO6iipcwEbJ3aK
6hSPDlTujL5O9uk0mVpqPYWLBV3QpmDmp4HQWEVazN7MsVQl8XMqYKUDWAAboIOv
ieyYWZMvXDmq2dhC6SAwOrG4RItuJgVDTKj3j6luxZtJfXZr61ylQsv8ir8WLvEp
qB0/Q25ZsmNV7fgkP1q2YHwNErjXyxmQKtyUe/3xuyGXxote4Tt1U6JAh6awwrVP
zA6sO7N019XfrphQjvNoNu/qR1vEIilDAsmsEF9dhnsaPR+fViJbzLOfv6FtYTXP
EffMptPkw8HE1YKMlBQBkOkCAwEAAQ==
-----END PUBLIC KEY-----

We recommend that for each environment you're working with, the key content is copied and stored in your workflow based on how you see fit. In this documentation however, we will assume the content is stored in a file named qwaap.public.key.pem and referenced from there for all described usage.

PreviousSandbox Test Accounts NextBalance Inquiry

Last updated 10 months ago