Get Encryption Public Key

POST Method

The Get Encryption Public Key API allows you to check the encryption key for a particular WhatsApp Business Number. This API is used or referenced in sensitive API interactions especially in scenarios such as Flows, where Meta hosts or renders UI elements, making integrity and security essential.

Prerequisites

  1. Before you get started, Create an API Key. To view the API Key and the SID, see View API Key and SID.
    A prerequisite for using Kaleyra WhatsApp APIs is to have an active WhatsApp plan on Kaleyra platform.
  2. To set up a WhatsApp account on Kaleyra platform, see Manual Signup
    and Embedded Signup.
  3. An active WhatsApp for Business API plan that includes:
    • A WhatsApp business number.
    • An associated profile with the business number.
    • A WhatsApp verified and approved profile.
    • A WABA ID onboarded on Kaleyra WhatsApp API V2.

Base URL

https://<api_domain>/v2/<SID>

API Domain and Value

api_domainValue
IN podapi.in.kaleyra.io
SG Podapi.kaleyra.io
EU Podapi.eu.kaleyra.io
NA podapi.na.kaleyra.ai

API request to Get Encryption Public Key

To get the encryption public key for the WhatsApp Flow, use the https://<api_domain>/v2/<sid>/whatsapp/<phone-number>/flows_encryption' \ endpoint with the following request method.

Request Format

The following is the request format to get the encryption public key:

 curl --location --request POST 'https://<api_domain>/v2/sid/whatsapp/<phone-number>/flows_encryption' \
--header 'api-key: <api-key>' \
--header 'Content-Type: <Content-Type>' \

Sample Request Format

The following is the sample request format to get the encryption public key:

curl --location --request POST 'https://api.in.kaleyra.io/v2/HXAP16XXXXXX97IN/whatsapp/+91XXXXXXXXXX/flows_encryption' \
--header 'api-key: Axxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx3' \
--header 'Content-Type: application/x-www-form-urlencoded' \

URL Parameters and Headers

Following is the list of parameters and headers to get the encryption public key:

ParameterData TypeDescriptionExampleMandatory?
sidStringAccount SID (Security Identifier).HXAP16XXXXXX97INYes
phone-numberStringThe business phone number used to send the WhatsApp Flow.+91XXXXXXXXXXYes
api-keyStringAPI key generated from Kaleyra platform account.Axxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx3Yes
Content-TypeStringIndicates the format of the content the API will be processing.The only allowed value is application/x-www-form-urlencodedYes

Sample Success Response

The following success message appears with 200 Accepted:

{
    "code": "WA-200",
    "message": "Request Processed Successfully",
    "data": [
        {
            "business_public_key": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQXXXXXXXXXXEFAACgKCAQEAtIpc/A4k/2P1V25kEa8wSJ+YrYN17XXXXXX1w7hTvMDMdZG3/Bvy5XXXXXIl12pD2Hr34gIosHYAgGvXXXXXX8iGpiI3PaitEauteJ5GslJ6YUn6kyzdhz869EWbBTP9XXXXXXYvWQiIgNVScgxpS3MOar3VDSksJdcM+6XkflzNzGsXXXXXXDXauxGBtOQJno2iRnobKek7l+UTkz/WS1Lw1W5qpfnVig46fOUEamdjHlMUULp1M6XXXXXXXXXXHaHTGhe8TzdguiYY735bmi0XXXXXXXXXXoorqNMjsfVyoNFeIugZABeZLJ50H+gkHMYtWKuE7wpF+tCSpT3DXXXXXX4Q\n-----END PUBLIC KEY-----",
            "business_public_key_signature_status": "VALID"
        }
    ],
    "error": {}
}

Sample Failure Response

The following are the failure responses:

401 Unauthorized
{
    "code": "RBC001",
    "message": "Incorrect SID or API key.",
    "data": [],
    "error": {
        "error": "Incorrect SID or API key."
    }
}
401 Wrong account
{
    "code": "WA-401",
    "message": "API is not available for given customer.Please contact support for more info",
    "data": {},
    "error": "API is not available for given customer.Please contact support for more info"
}
400 Incorrect payload
{
    "code": "WA-400",
    "message": "Refer to correct payload format",
    "data": {},
    "error": {
        "payload": "Incorrect payload format"
    }
}
500 Internal Server Error
{
    "code": "WA-500",
    "message": "Please try again later",
    "data": {},
    "error": {
        "error": "Internal server error"
    }
}