Signature
Signature Guide
The signature is a crucial component in ensuring the integrity and authenticity of the data exchanged between your application and Pleenk. By computing a signature, we can verify that the data has not been tampered with and that it originates from a trusted source.
- Signature verification (Webhook)
- Signature computing (Widget & API)
Signature Workflow
%%{init: {
"theme": "base",
"themeVariables": {
"primaryColor": "#2424a3",
"primaryBorderColor": "#2424a3",
"primaryTextColor": "#ffffff",
"lineColor": "#2424a3",
"textColor": "#111111",
"fontSize": "16px",
"edgeLabelBackground": "#eef1ff"
},
"flowchart": {
"nodeSpacing": 90,
"rankSpacing": 90,
"htmlLabels": true,
"curve": "basis"
}
}}%%
sequenceDiagram
participant Marketplace
participant Pleenk
actor User
Marketplace-->>Marketplace: Generate key pair
Marketplace->>Pleenk: Transmit public key
Marketplace-->>Marketplace: Generate widget link (pay, sell, approve) <br> and sign with Marketplace private key
Marketplace->>User: Display widget link
User-->>User: Open widget link
User->>Pleenk: Redirect to Pleenk
Pleenk-->>Pleenk: Authenticate and verify link <br> using Marketplace public key
Pleenk->>Marketplace: Notify Marketplace via webhook<br>sign payload with Pleenk private key
Marketplace-->>Marketplace: Authenticate Pleenk and verify<br>using Pleenk public keyUpdated 13 days ago