Overview

To interact with the API, you will need an API Key and a Private Key, both of which are used to compile a JWT for authentication.
Please note that all API calls must be authenticated.
Below is a brief overview of the authentication process:
  1. Generate a new key pair for Elliptic Curve Digital Signature Algorithm (ECDSA) with NIST curve P-256
  2. Generate your API Key and API Secret at the Mansa platform
  3. Create JWT tokens for API authentication
  4. Make authenticated API calls

Key Generation

1. Generate a New ES256 Key Pair

For macOS and most Linux distributions, OpenSSL is typically pre-installed. Windows users need to install OpenSSL. We recommend using the version bundled with Git for Windows (https://gitforwindows.org). To create your key pair, open the terminal (Git Bash for Windows users), and enter the following command: 
openssl ecparam -genkey -name prime256v1 -noout -out myPrivateKeyPair.pem
Next, run this command to extract the public key: 
openssl ec -in myPrivateKeyPair.pem -pubout -out myPublicKeyPair.pem
Make sure to keep your private key secure and never share it with anyone, including Mansa.

2. Generate Your API Keys

You can obtain your API Keys through the Mansa platform. As a result, you will receive three strings required for authentication: API Key, API Secret and Issuer. Follow these steps:
  1. Log in to the Mansa Platform
  2. Go to Settings >> Users
  3. Click on “Invite User”
  4. Choose “API User” and fill out the necessary information (you will need the previously generated public key)
NOTE: Ensure that you provide only the actual public key in the “Public Key” field. Do not include any additional text such as the wrapping identifiers (e.g., -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY-----).
  1. Copy the generated keys and the issuer, and store them in a safe place
  2. Click on “Finish”