This endpoint allows you to retrieve detailed information about a specific signing key using its unique key id. While the private key is not returned for security reasons, you'll be able to see the key's creation date, status, and other associated metadata. This endpoint also returns the workspaceId and publicKey in the response.
Usage: Generating a JWT token
In the response, you will receive the workspaceId and publicKey associated with the signing key. With the publicKey and the privateKey obtained from the "Create a Signing Key" endpoint, you can generate a JSON Web Token (JWT) using the RS256 algorithm. This token can be utilized for accessing private media assets, GIFs, thumbnails, and spritesheets.
Payload:
{
"kid": "359302ee-2446-4afe-9348-8b4656b9ddb1",
"aud": "media:6cee6f85-9334-4a51-9ce3-e0241d94ceef",
"iss": "fastpix.io",
"sub": "",
"iat": 1706703204,
"exp": 1735626783
}
- kid: The key ID of the signing key.
- aud: The audience for which the token is intended.
- iss: The issuer of the token (e.g., "fastpix.io").
- sub: The subject of the token, typically representing the user or entity the token is issued for. In this case, use the workspaceId fetched from the "Get Signing Key by ID" endpoint.
- groups: An array of groups the subject belongs to (e.g., ["user"]).
- iat: The issued-at timestamp, indicating when the token was created.
- exp: The expiration timestamp, indicating when the token will no longer be valid.
Use case scenario
Use case: A developer is unsure about the status of a signing key they created months ago and wants to verify whether it's still in use or has expired.
Detailed example: You’re working on a streaming platform and realize you haven’t checked the status of a signing key that was used for playback access several months ago. By fetching the key details using its ID, you can confirm whether it’s still active, when it was created, and if it’s nearing expiration. This allows you to plan a rotation or deactivation if needed.