A digital signature is a mathematical scheme for verifying the authenticity of digital messages or documents. In the context of licensing, it is obviously paramount for any client/device communicating with the SLASCONE API, to validate the data integrity of the message, i.e., that the message was not altered in transit.
SIGNATURE AND RESPONSE HEADER
The response header contains the property x-slascone-signature. This signature is generated based on the content of the response body.
Once a client receives a SLASCONE API response, it needs to validate it. The validation is based on the header x-slascone-signature. Visit our GitHub code examples for more information.
SLASCONE employs RSA-SHA256 asymmetric encryption. The public key required for the validation can be obtained either as a pem file or an xml string in the Administration area of your environment. Depending on your programming language, it might be more convenient to use the pem file, or the xml string.
SECURING YOUR SECRETS
Make sure to securely manage your secrets as described here.