Get Encryption Public Key
POST Method
The Get Encryption Public Key API allows you to check the encryption key for a particular WhatsApp Business Number. This API is used or referenced in sensitive API interactions especially in scenarios such as Flows, where Meta hosts or renders UI elements, making integrity and security essential.
Prerequisites
- Before you get started, Create an API Key. To view the API Key and the SID, see View API Key and SID.
A prerequisite for using Kaleyra WhatsApp APIs is to have an active WhatsApp plan on Kaleyra platform. - To set up a WhatsApp account on Kaleyra platform, see Manual Signup
and Embedded Signup. - An active WhatsApp for Business API plan that includes:
- A WhatsApp business number.
- An associated profile with the business number.
- A WhatsApp verified and approved profile.
- A WABA ID onboarded on Kaleyra WhatsApp API V2.
Base URL
https://<api_domain>/v2/<SID>
API Domain and Value
| api_domain | Value |
|---|---|
| IN pod | api.in.kaleyra.io |
| SG Pod | api.kaleyra.io |
| EU Pod | api.eu.kaleyra.io |
| NA pod | api.na.kaleyra.ai |
API request to Get Encryption Public Key
To get the encryption public key for the WhatsApp Flow, use the https://<api_domain>/v2/<sid>/whatsapp/<phone-number>/flows_encryption' \ endpoint with the following request method.
Request Format
The following is the request format to get the encryption public key:
curl --location --request POST 'https://<api_domain>/v2/sid/whatsapp/<phone-number>/flows_encryption' \
--header 'api-key: <api-key>' \
--header 'Content-Type: <Content-Type>' \
Sample Request Format
The following is the sample request format to get the encryption public key:
curl --location --request POST 'https://api.in.kaleyra.io/v2/HXAP16XXXXXX97IN/whatsapp/+91XXXXXXXXXX/flows_encryption' \
--header 'api-key: Axxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx3' \
--header 'Content-Type: application/x-www-form-urlencoded' \
URL Parameters and Headers
Following is the list of parameters and headers to get the encryption public key:
| Parameter | Data Type | Description | Example | Mandatory? |
|---|---|---|---|---|
sid | String | Account SID (Security Identifier). | HXAP16XXXXXX97IN | Yes |
phone-number | String | The business phone number used to send the WhatsApp Flow. | +91XXXXXXXXXX | Yes |
api-key | String | API key generated from Kaleyra platform account. | Axxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx3 | Yes |
Content-Type | String | Indicates the format of the content the API will be processing. | The only allowed value is application/x-www-form-urlencoded | Yes |
Sample Success Response
The following success message appears with 200 Accepted:
{
"code": "WA-200",
"message": "Request Processed Successfully",
"data": [
{
"business_public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQXXXXXXXXXXEFAACgKCAQEAtIpc/A4k/2P1V25kEa8wSJ+YrYN17XXXXXX1w7hTvMDMdZG3/Bvy5XXXXXIl12pD2Hr34gIosHYAgGvXXXXXX8iGpiI3PaitEauteJ5GslJ6YUn6kyzdhz869EWbBTP9XXXXXXYvWQiIgNVScgxpS3MOar3VDSksJdcM+6XkflzNzGsXXXXXXDXauxGBtOQJno2iRnobKek7l+UTkz/WS1Lw1W5qpfnVig46fOUEamdjHlMUULp1M6XXXXXXXXXXHaHTGhe8TzdguiYY735bmi0XXXXXXXXXXoorqNMjsfVyoNFeIugZABeZLJ50H+gkHMYtWKuE7wpF+tCSpT3DXXXXXX4Q\n-----END PUBLIC KEY-----",
"business_public_key_signature_status": "VALID"
}
],
"error": {}
}
Sample Failure Response
The following are the failure responses:
401 Unauthorized
{
"code": "RBC001",
"message": "Incorrect SID or API key.",
"data": [],
"error": {
"error": "Incorrect SID or API key."
}
}
401 Wrong account
{
"code": "WA-401",
"message": "API is not available for given customer.Please contact support for more info",
"data": {},
"error": "API is not available for given customer.Please contact support for more info"
}
400 Incorrect payload
{
"code": "WA-400",
"message": "Refer to correct payload format",
"data": {},
"error": {
"payload": "Incorrect payload format"
}
}
500 Internal Server Error
{
"code": "WA-500",
"message": "Please try again later",
"data": {},
"error": {
"error": "Internal server error"
}
}
Updated 10 days ago