Authenticated ‘Ping’ with sensitive data#
Use /authenticate-with-secrets to test whether your encryption/decryption logic for sensitive information correctly implemented.
Route
/authenticate-with-secrets
Headers#
| Key | Value Type | Description |
|---|---|---|
| X-FLYNN-S-REK | Sensitive, Base64 String | RSA Encrypted data ref: request-encryption-key-in-header |
| X-FLYNN-S-DATA | Sensitive, Base64 String | AES Encrypted data ref: sensitive-header-value |
With, addition to the headers described above also set all required headers to make an authenticated API call.
Response#
200:#
Successful 'Ping' - i.e., you are able to make ‘authenticated’ call with the secret data.
Example
{
"data": {
"message": "pong",
"client-message": "X+UmK6iD5Dh6f3Y2he+2aM2AmKVqAVJC0os9j3D97ublPfEKSAuOAzPrBd+/h6OF"
}
}
here ‘client-message’ contains the sensitive message received by the server. Client should be able to decrypt it using the REK which sent in the header in the request.
Errors (4xx and 5xx):#
Common Errors
check documentation for common errors