- Unified Checkout
- Click to Pay Drop-In UI
On This Page
REST API
Validating the JSON Web Token
When the system has returned the transient JWT, validate the token's authenticity. Retrieve the
public key signature that is part of the transient JWT and compare that signature with
the public key returned from
Cybersource
.Follow these steps to validate the key:
- Retrieve the public key ID (kid) from the transient JWT header.
- Retrieve the public key fromCybersource.
- Validate the public key signature.