A. Public & Private Key
- Generate an RSA 2048 private key. The example below uses OpenSSL.
  openssl genrsa -out private.pem 2048
- Generate PKCS#8 from the private key above.
  openssl pkcs8 -topk8 -inform PEM -in private.pem -outform PEM -nocrypt > private_pkcs8.pem
- Export the RSA public key to a file.
  openssl rsa -in private_pkcs8.pem -outform PEM -pubout -out public.pem
- Encode the content of public.pem to Base64, then register the encoded value in the client’s B2B Klikoo Profile. Next, insert the encoded public key on the credential page. This can be done by navigating to the "Pengaturan" menu and selecting the "Konfigurasi API" tab.
Ensure the private and public keys are in PKCS#8 format by confirming that their values start with BEGIN PRIVATE KEY and BEGIN PUBLIC KEY, respectively.
B. Auth Signature
The following information is needed for credentials:
- Client ID: generated by Klikoo. This can be viewed on the Klikoo dashboard by navigating to the "Settings" menu and selecting the "API Configuration" tab.
- Public Key: generated by the user, following the steps in point A.
The client uses the generated private key to create the signature. Klikoo validates the signature using the public key that the client registered.
The signature is generated over the string formed by the Client ID and the timestamp, separated by a vertical bar (|).
stringToSign = clientID + "|" + timestamp
signature = SHA256withRSA(stringToSign, privateKey)
The timestamp value in the signature must be identical to the timestamp value in the request header.
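The signing rule above, carried through with OpenSSL as an added example (not Klikoo's own code), together with the check the receiving side can run against the registered public key. The function names, the Base64 encoding of the signature, the timestamp format and the client ID value are assumptions; the page does not specify them.

```bash
#!/bin/sh
# Added example, not Klikoo's code. Assumed (the page does not specify them):
# Base64 transport encoding of the signature and the ISO 8601 timestamp format.

# klikoo_sign KEY CLIENT_ID TIMESTAMP: print the Base64 SHA256withRSA signature.
klikoo_sign() (
  raw=$(mktemp) || exit 2
  rc=0
  # printf '%s|%s' adds no trailing newline; a stray newline changes the signed bytes.
  printf '%s|%s' "$2" "$3" | openssl dgst -sha256 -sign "$1" -out "$raw" || rc=1
  [ "$rc" -eq 0 ] && openssl base64 -A -in "$raw"
  rm -f "$raw"
  exit "$rc"
)

# klikoo_verify PUBKEY CLIENT_ID TIMESTAMP SIG_B64: exit 0 only for a valid signature.
klikoo_verify() (
  sig=$(mktemp) || exit 2
  rc=0
  printf '%s' "$4" | openssl base64 -d -A > "$sig" || rc=2
  if [ "$rc" -eq 0 ]; then
    printf '%s|%s' "$2" "$3" |
      openssl dgst -sha256 -verify "$1" -signature "$sig" >/dev/null 2>&1 || rc=1
  fi
  rm -f "$sig"
  exit "$rc"
)

# Demo on a throwaway key pair built with the three OpenSSL commands from section A.
klikoo_demo() (
  d=$(mktemp -d) || exit 2
  cd "$d" || exit 2
  openssl genrsa -out private.pem 2048 2>/dev/null
  openssl pkcs8 -topk8 -inform PEM -in private.pem -outform PEM -nocrypt > private_pkcs8.pem
  openssl rsa -in private_pkcs8.pem -outform PEM -pubout -out public.pem 2>/dev/null
  id="demo-client-001"               # constructed client ID
  ts="2024-01-01T00:00:00+07:00"     # constructed timestamp, also sent in the header
  sig=$(klikoo_sign private_pkcs8.pem "$id" "$ts")
  klikoo_verify public.pem "$id" "$ts" "$sig" && echo "matching timestamp: accepted"
  # A header timestamp that differs from the signed one must fail verification.
  klikoo_verify public.pem "$id" "2024-01-01T00:00:01+07:00" "$sig" ||
    echo "different timestamp: rejected"
  cd / && rm -rf "$d"
)

klikoo_demo
```

OpenSSL's `dgst -sign` with an RSA key uses PKCS#1 v1.5 padding by default, which is what the SHA256withRSA name denotes.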