Get webhook verification key

POST /webhook_verification_key/get

Plaid signs all outgoing webhooks and provides JSON Web Tokens (JWTs) so that you can verify the authenticity of any incoming webhooks to your application. A message signature is included in the Plaid-Verification header.

The /webhook_verification_key/get endpoint provides a JSON Web Key (JWK) that can be used to verify a JWT.

Request Body

Required

WebhookVerificationKeyGetRequest defines the request schema for /webhook_verification_key/get

Parameters

client_id
string
Your Plaid API client_id. The client_id is required and may be provided either in the PLAID-CLIENT-ID header or as part of a request body.
secret
string
Your Plaid API secret. The secret is required and may be provided either in the PLAID-SECRET header or as part of a request body.
key_id
required, string
The key ID ( kid ) from the JWT header.

Response

WebhookVerificationKeyGetResponse defines the response schema for /webhook_verification_key/get

Response Properties

key
required, object
A JSON Web Key (JWK) that can be used in conjunction with JWT libraries to verify Plaid webhooks
alg
required, string
The alg member identifies the cryptographic algorithm family used with the key.
crv
required, string
The crv member identifies the cryptographic curve used with the key.
kid
required, string
The kid (Key ID) member can be used to match a specific key. This can be used, for instance, to choose among a set of keys within the JWK during key rollover.
kty
required, string
The kty (key type) parameter identifies the cryptographic algorithm family used with the key, such as RSA or EC.
use
required, string
The use (public key use) parameter identifies the intended use of the public key.
x
required, string
The x member contains the x coordinate for the elliptic curve point, provided as a base64url-encoded string of the coordinate’s big endian representation.
y
required, string
The y member contains the y coordinate for the elliptic curve point, provided as a base64url-encoded string of the coordinate’s big endian representation.
created_at
required, integer
The timestamp when the key was created, in Unix time.
expired_at
required, integer
The timestamp when the key expired, in Unix time.
request_id
required, string
A unique identifier for the request, which can be used for troubleshooting. This identifier, like all Plaid identifiers, is case sensitive.