Get Public Key
GET
/web/v1/secure-channel/public-key NoneRetrieves the current RSA public key used for establishing secure channel encryption. This is a public endpoint that does not require authentication, as clients need the public key before they can create encrypted sessions.
Required Headers
| Header | Example Value | Description |
|---|---|---|
| Content-Type | application/json | Request content type |
| Accept | application/json | Expected response type |
| X-Client-Hash | Client device fingerprint | |
| Accept-Language | en, zh, zh-Hant, ja, vi | Response language (default: en) |
Request Parameters
No request parameters required.
Success Response
Success 200
{
"version": "1.3.0",
"timestamp": 1709337600000,
"success": true,
"code": "2000",
"message": "SUCCESS",
"data": {
"keyId": "rsa-key-2026-03-21",
"publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...",
"algorithm": "RSA-OAEP-2048",
"keySize": 2048,
"createdAt": "2026-03-21T00:00:00Z",
"expiresAt": null
}
}Error Responses
Internal Server Error 500
{
"success": false,
"code": "5000",
"message": "Failed to retrieve public key"
}Notes
- The
publicKeyfield contains a Base64-encoded RSA public key in PKCS#8/X.509 DER format. - The
keyIdmust be included in subsequent session creation requests so the server knows which key pair to use for decryption. - If
expiresAtisnull, the key does not expire. - Usage flow: (1) Get public key, (2) Generate AES session key, (3) Encrypt AES key with RSA public key, (4) Create session with encrypted keys.