Key exchange process

During the onboarding process, we will create specific api-key and api-secret keys that will allow you to configure your webhooks. We will share those keys with you through a key exchange process.

The steps of this process are as follows:

  1. From Pomelo, we create the api-key and api-secret keys.
  1. You create your public-private key pair:
  1. You send us your public key public.pem.
  2. We encrypt the credentials we generated in step 1 using your public key.
  1. We send you the encrypted credentials.
  2. You decrypt the credentials with your private key private.pem.
  1. You save the api-secret key in a secure location accessible only by your application to use it when validating the signature.

Did you find the content of this document helpful?