Splitit Side: Downloading Encrypted Credentials

For security reasons, your organization may require you to download your credentials from Splitit in a PGP-encrypted format. In order to accomplish this, you will need to provide Splitit with a public key that it can use to encrypt them. You can then decrypt the downloaded credentials on your system with your matching private key.

Things to know:

It is recommended that you rotate your key(s) periodically, i.e. every three to six months
Splitit uses the most recent (non-expired) PGP public key on your account to encrypt your credentials (make sure to not have duplicates or empty expiration dates)
The credentials are signed using Splitit's private key assigned to you
For any debugging or support, please preserve the response header x-splitit-traceid

Instructions

Authentication

Begin by authenticating to the Splitit ID server, using the instructions here. You'll receive a token in the response.

Provide a Public Key

Add the token from step 1 in your header, then call Rotate Public Key and provide a PGP public key that you have generated on your system. The body to send is as follows:

{
  "OwnerCode": "string", // provided by Splitit support
  "Usage": [
    "ClientCredentials"
  ],
  "Type": "Pgp",
  "PublicKey": "{a PGP public key you generated}",
  "ExpirationUtc": "2024-07-06T15:46:26.409Z" // When you'd like your key to expire (if you don't set this, a default value will be set by Splitit)
}

Your encrypted and signed credentials should now be downloadable

Instructions​

Authentication​

Provide a Public Key​

Instructions

Authentication

Provide a Public Key