Keys Page

Webhooks Keys:

  1. ProofSpace calls third-party service:

  • An interaction webhook can be called while the user performs an interaction. It contains information on current interaction and requested credentials from a client, and may return information on the credentials that should be issued.

  • A credential check webhook can be configured to perform validation of credentials outside ProofSpace (such as the check that the hash is present in the blockchain or checking the root authority of the certificate). 

2. Third-party service calls ProofSpace:

  • Credential issue webhook is called by the third-party service to issue credentials via ProofSpace service backend.

For more information, visit

Because webhooks send data to public URLs, incorrect or random data may be sent by anyone. To prevent this case, each request should be signed and verified by the keys that both parties provide to each other.







Webhook keys

Three types of keys can be used on this platform to sign and verify webhook requests: "RSA keypair" (private and public), "SHA secret," and "RSA-public key."

The "SHA secret" key type is used to sign and verify the Bearer Token.

"RSA Public Key" is used only to verify incoming webhook requests from third-party systems. 

The "RSA keypair" is used to sign the outgoing webhook requests with a private key and verify them by the third-party system with a public key from the pair.

ProofSpace agent and third-party system should exchange public keys and SHA secrets (if used) before integration to be able to verify webhook requests. 

Please note that the key type "SHA secret" can be used only in the auth type "Bearer Token".


Add a webhook key

To set up webhook keys, click the "Keys" tab in the main menu, and then click the "Webhook keys" tab on the "Keys" page.

Click the "Add" button. The "Add webhook authentication key" popup window will appear.

Setup webhook key

Fill in the "Name" field with any convenient key identifier.

Choose a key type from the drop-down list.

If "SHA secret" was selected, in the "SHA secret" box, enter the key that you and your partner will use to sign and verify the bearer token.

Check the "Set as default for incoming webhook requests" checkbox if this key will be used as the default key for incoming webhook requests.

If "RSA public key" was selected, in the "Public key" box, enter the public key, provided by the third-party system for subsequent webhook requests' verification.

Check the "Set as default for incoming webhook requests" checkbox if this key will be used as the default key for incoming webhook requests.







The default RSA key pair, consisting of public and private keys, is generated automatically when the service is created. You can find it by navigating to the “Key” tab in the main menu, selecting “Webhook keys”, and then clicking on “Default."




To create a new RSA key pair, click the "Generate" icon under the "Key type" field. Alternatively, you can insert public and private keys generated elsewhere into the corresponding fields."

Click "Submit."


Delete Webhook key

To delete a webhook key, click the "Delete" icon on the corresponding key line.


To add a JSON LD key, navigate to the "JSON LD" tab on the "Key" page and click on it. Then, click the "Add" button. In the popup window that appears, enter a name for the key and click "Generate."