This guide will be removed on April 29, 2022. Please use our new, easier-to-use Toast technical documentation site. All updated content is on the new site.

Public keys

A Toast public key for partner API authentication is an X.509 Public Key encoded in DER in PEM format.

The following example shows the public key string in the JSON response from the usermgmt/v1/oauth/token_key endpoint. The JSON value named value contains the public key string. The key string in this example is not functional.

Example public key for partner API authentication

{1
   "alg":"SHA256withRSA",2
   "value":"-----BEGIN PUBLIC KEY-----\nnub\nvwIDAhqhkiG9w0BAQEJ9tKko/3jXqdzI/NO4n3
sAt0WZjpyovan2xPIkCv2z\nuaBBVUrOiJ6JeoJ9tKko/3jXqdzI/NO4nsLW5wq5UrPXsvbdXLZzMhu3b3
sNmFJ9tKko/3jX5AEBaf5vXZCOfBVFnWnhLX61/KkI2dxwhS7fkxnjQ8wlfrh4tp3fKjDkI\nMgxTk1teh
fWY0O3mKyKtnYvqvDSRvsZ03URzyEPddVYDYZjpyovan2xPypKRvBlxz\nxhM74p8dOhEp6zAh4pENVNyp
o+xVj/7Ko9Ie3fKjDkI\nMgxTk1tehCcNP1G/8UK\nE6oPta6r3e1Fi77K\nE6oPta66HP5KCur3mf3jQ6
Qc99xVQ8wlfrh4tp56yjRnub\nvwIDAQAB\n-----END PUBLIC KEY-----\n"
}

1

The /oauth/token_key endpoint returns a JSON object that contains multiple values. One of the values provides the public key string.

2

The alg value indicates the encryption algorithm used for the public key.

3

The value value includes the public key string. You can use the string supplied in the value value to validate the authentication tokens in a Toast platform gift card transaction request.