Skip to main content
POST
/
api
/
v1
/
kms
/
keys
/
{keyId}
/
verify
cURL
curl --request POST \
  --url https://us.infisical.com/api/v1/kms/keys/{keyId}/verify \
  --header 'Content-Type: application/json' \
  --data '
{
  "data": "<string>",
  "signature": "<string>",
  "isDigest": false
}
'
{
  "signatureValid": true,
  "keyId": "3c90c3cc-0d44-4b50-8888-8dd25736052a"
}

Path Parameters

keyId
string<uuid>
required

The ID of the key to verify the data with.

Body

application/json
data
string
required

The data in string format to be verified (base64 encoded). For data larger than 1MB you must first create a digest of the data and then pass the digest in the data parameter.

signature
string
required

The signature to be verified (base64 encoded).

signingAlgorithm
enum<string>
required
Available options:
RSASSA_PSS_SHA_512,
RSASSA_PSS_SHA_384,
RSASSA_PSS_SHA_256,
RSASSA_PKCS1_V1_5_SHA_512,
RSASSA_PKCS1_V1_5_SHA_384,
RSASSA_PKCS1_V1_5_SHA_256,
ECDSA_SHA_512,
ECDSA_SHA_384,
ECDSA_SHA_256,
ML_DSA_44,
ML_DSA_65,
ML_DSA_87
isDigest
boolean
default:false

Whether the data is already digested or not.

Response

Default Response

signatureValid
boolean
required
keyId
string<uuid>
required
signingAlgorithm
enum<string>
required
Available options:
RSASSA_PSS_SHA_512,
RSASSA_PSS_SHA_384,
RSASSA_PSS_SHA_256,
RSASSA_PKCS1_V1_5_SHA_512,
RSASSA_PKCS1_V1_5_SHA_384,
RSASSA_PKCS1_V1_5_SHA_256,
ECDSA_SHA_512,
ECDSA_SHA_384,
ECDSA_SHA_256,
ML_DSA_44,
ML_DSA_65,
ML_DSA_87