getPublicKey: eBay Notification API | eBay Developers Program

GET/public_key/{public_key_id}

This method allows users to retrieve a public key using a specified key ID. The public key that is returned in the response payload is used to process and validate eBay notifications.

The public key ID, which is a required request parameter for this method, is retrieved from the Base64-encoded X-EBAY-SIGNATURE header that is included in the eBay notification.

Important! The retrieved public key value should be cached for a temporary — but reasonable — amount of time (e.g., one-hour is recommended.) This key should not be requested for every notification since doing so can result in exceeding API call limits if a large number of notification requests is received.

Note: For more details about how to process eBay push notifications and validate notification message payloads, see the Notification API overview.

Input

Resource URI

GET https://api.ebay.com/commerce/notification/v1/public_key/{public_key_id}

This method is supported in Sandbox environment. To access the endpoint, just replace the api.ebay.com root URI with api.sandbox.ebay.com

URI parameters

Parameter	Type	Description
public_key_id	string	The unique key ID that is used to retrieve the public key. Note: This is retrieved from the X-EBAY-SIGNATURE header that is included with the push notification. Occurrence: Required

HTTP request headers

All requests made to eBay REST operations require you to provide the Authorization HTTP header for authentication authorization.

All other standard RESTful request headers are optional. For more information on standard RESTful request headers, see the HTTP request headers- opens rest request components page table.

OAuth scope

This request requires an access token created with the client credentials grant flow, using one or more scopes from the following list (please check your Application Keys page for a list of OAuth scopes available to your application):

https://api.ebay.com/oauth/api_scope

See OAuth access tokens for more information.

Request payload

This call has no payload.

Request fields

This call has no field definitions.

Output

HTTP response headers

This call has no response headers.

Response payload

Copy complete valid JSON to clipboard

{ /* PublicKey */

"algorithm" : "string",

"digest" : "string",

"key" : "string"

}

Response fields

Output container/field	Type	Description
algorithm	string	The algorithm associated with the public key that is returned, such as Elliptic Curve Digital Signature Algorithm (ECDSA). Occurrence: Always
digest	string	The digest associated with the public key that is returned, such as Secure Hash Algorithm 1 (SHA1). Occurrence: Always
key	string	The public key that is returned for the specified key ID. This value is used to validate the eBay push notification message payload. Occurrence: Always

Output container/field

Type

Description

algorithm

string

The algorithm associated with the public key that is returned, such as Elliptic Curve Digital Signature Algorithm (ECDSA).

Occurrence: Always

digest

string

The digest associated with the public key that is returned, such as Secure Hash Algorithm 1 (SHA1).

Occurrence: Always

key

string

The public key that is returned for the specified key ID.

This value is used to validate the eBay push notification message payload.

Occurrence: Always

HTTP status codes

This call can return one of the following HTTP status codes. For an overview of the status codes, see HTTP status codes in Using eBay RESTful APIs.

Status	Meaning
200	OK
404	Not Found
500	Internal Server Error

Error codes

For more on errors, plus the codes of other common errors, see Handling errors.

Code	Domain	Category	Meaning
195000	API_NOTIFICATION	APPLICATION	There was a problem with an eBay internal system or process. Contact eBay developer support for assistance.
195001	API_NOTIFICATION	REQUEST	The specified key id is invalid.

Warnings

This call has no warnings.

Samples

This call has no samples.