Get Public Key

GET/web/v1/secure-channel/public-keyNone

Retrieves the current RSA public key used for establishing secure channel encryption. This is a public endpoint that does not require authentication, as clients need the public key before they can create encrypted sessions.

Authentication

Auth Chain: None — this is a public endpoint. No JWT or Turnstile required.

Request Parameters

No request parameters required.

Success Response

Success200

{
  "version": "1.3.0",
  "timestamp": 1709337600000,
  "success": true,
  "code": "2000",
  "message": "SUCCESS",
  "data": {
    "keyId": "rsa-key-2026-03-21",
    "publicKey": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...",
    "algorithm": "RSA-OAEP-2048",
    "keySize": 2048,
    "createdAt": "2026-03-21T00:00:00Z",
    "expiresAt": null
  }
}

Error Responses

Internal Server Error500

{
  "success": false,
  "code": "5000",
  "message": "Failed to retrieve public key"
}

Notes

The publicKey field contains a Base64-encoded RSA public key in PKCS#8/X.509 DER format.
The keyId must be included in subsequent session creation requests so the server knows which key pair to use for decryption.
If expiresAt is null, the key does not expire.
Usage flow: (1) Get public key, (2) Generate AES session key, (3) Encrypt AES key with RSA public key, (4) Create session with encrypted keys.

Get Public Key ​

Authentication ​

Request Parameters ​

Success Response ​

Error Responses ​