PGP Prerequisites
Some endpoints in Nium's API have prerequisites that your integration needs to comply with before you can use them. These prerequisites are in place for compliance and security purposes.
Specifically, the following APIs require a PGP key (a GPG key using RSA encryption) before you can take advantage of them.
Security
Our APIs use the HTTPS protocol and require a PGP key that your integration needs to include in its requests, and you need to share with Nium.
When you share the PGP key with us, Nium approves and adds your IP address to our allowlist to make sure Nium is the only communicating party when these requests get used.
API action | Description |
---|---|
API request |
|
API response |
|
Generate PGP keys
To generate a public and private PGP key for the above requests, take the following steps. These steps generate the keys using Git Bash on Windows.
See the following table for a complete list of the commands used.
PGP commands
Action | Command |
---|---|
Generate a PGP key | gpg --full-generate-key |
List PGP secret keys | gpg --list-secret-keys |
Export public key | gpg --output clientfile-public.key --armor --export [[email protected]](mailto:[email protected]) |
Export private key | gpg --output clientfile-secret.key --armor --export-secret-key [[email protected]](mailto:[email protected]) |
Step 1: Use the generate PGP key command
Run the gpg---full-generate-key
command.
Step 2: Set the key type
Use 1
to set the type of the generated public and private key to RSA.
Step 3: Set the key length
Set the length of the PGP keys. We recommend setting the length of the keys to 2048
bits.
Step 4: Set expiration time
Set how many days the keys will be valid for. Nium recommends using 0
so the keys don't expire.
Step 5: Enter key owner details
Details requested include:
- Name of the key owner
- Email address of the key owner
- Any additional comments for your future reference
Step 6: Set a passphrase
Set a passphrase for the private PGP key.
Step 7: List the key
List the generated keys using the gpg --list-secret-keys
command.
Export PGP keys
Once you've generated a pair of PGP keys, take the following steps to export the keys.
Step 1: Export your public PGP key
Run the $gpg --output company-pgp-public-key.key --armor --export [email protected]
command to export your public key.
Running the command creates a file in your home directory with the title company-pgp-public-key.key
.
Step 2: Export your private PGP key
Run the $gpg --output company-pgp-private-key.key --armor --export-secret-key [email protected]
command to begin exporting your private key.
When prompted, enter the passphrase you set to export the private key.
Entering your passphrase creates a file in your home directory with the title company-pgp-private-key.key
.
Step 3: Contact Nium to import the PGP key
Reach out to your Nium account manager or Nium support with your PGP keys ready to share.
Our team will configure the keys in our API with your client
resource to encrypt and decrypt the relevant requests and responses.
Updated 5 months ago