Fetch the public key, which you should use to validate incoming webhooks from Transcend. This value can be cached for 1 hour. Please refer to this guide for more information on how to verify webhooks with this public key.

GET

/public-keys/sombra-general-signing-key

Request Authorization

In your request headers, pass authorization: Bearer <<token>>.

If you're self-hosting Sombra, also add the request header x-sombra-authorization: Bearer <<sombraInternalKey>>. You can read more about request authorization here.

Response

200 (OK)

text/plain

A plaintext PEM-formatted public key, with key algorithm P-384 (ECDSA secp384r1)

Response Body Example

Sample response:

"-----BEGIN PUBLIC KEY-----\nMHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEjg6f5et3BPYEiWa8z8niFPZqEafH7WcE\n/fuoPzBG6S/4VCxDhZasu4uQZbNhmfzKkLZPCF5BIJRZqjtfU7/T/ZGNj/89L2aC\nk9nM6sc+KoNSrv/xlVMKFksVFnnhyGAf\n-----END PUBLIC KEY-----"

400 (Bad Request)

application/json

While this request passed authentication, the input is malformed. Please double-check that your code conforms to our API specification.

401 (Unauthorized)

application/json

There was a problem authenticating your request. This may be an issue with the Transcend API key ("authorization" header), or the Sombra API key ("x-sombra-authorization" header used for self-hosted gateways only).

429 (Too Many Requests)

application/json

You are sending requests too quickly and have hit our rate limit. If you hit this, you'll need to throttle your request velocity or try again later.

500 (Internal Server Error)

application/json

A 5xx error means there is either an issue with your self-hosted gateway, or a Transcend server is having issues. You check our system status at status.transcend.io. Please reach out to Transcend support if you're experiencing this error.

502 (Bad Gateway)

application/json

An upstream service on Transcend's side is having issues. You check our system status at status.transcend.io. Please reach out to Transcend support if you're experiencing this error.