Skip to main content

Documentation Portal

Authenticating Notifications

Global-e sends notifications to merchants or platforms, upon completion of asynchronous operations, detected errors, and other cases.

To secure the notifications issued by Global-e to merchants and ensure that only the addressee receiving can read them, Global-e uses the JWT authorization method. Each API call from Global-e to the merchant URL will also include the authorization token in the header.

Global-e provides the merchants with a public key. Private and public keys are used to encrypt and decrypt the data. The private key is kept on the Global-e side, and the public key is shared with the Platform side to receive the notifications. The same public key is used for all merchants.

Merchants authenticating Global-e calls with JWT (Global-e > Merchant calls)

  1. Global-e provides a public key to the merchant. See below.

  2. The global-e integration engineer enables the MAS JWTAuthEnabled parameter to be TRUE for all endpoints.

  3. The merchant sets authentication by issuing API calls using the authenticating token provided as input and encrypted format.

Global-e Public Keys

Global-e provides two public keys for merchants: One for the test environment and one for production. All merchants use the same public keys.

The following are the public keys:

  • Public key in test environments - used for STAGING, QA, and QA-INT environment

    -----BEGIN PUBLIC KEY-----
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAujqbO2V/DFfpdcvDV6vP iRc6UE4wPHGa85OiELnNnmXVQmncE+NJsTugRqDWpxmQU7wrMRP0cQ2SHRWCx7Qq lW1Mcp/t/t6aktb06fCh3K7X9zMpwwjNHOaeim6vTDdhbx+orVU57lK2AE7NHjiD pNfF7ovojCtdHZwDdP0ExOxl5zCPF86s8u7Y1rci7W5iULwkSGmdu/Bz5k5YKgOA hUY+OzWny21Ue9CyTNOgiDfJEbmWM+z5YZOQdII9oDYJ9xd3u46Lfujp8QK3IUxB NgsAoVtOyVL10l5JjEjgK1L1TXXFlFuoeN+NAGNKmmBlCZfinTBGnpluGaSFkk8+ ZwIDAQAB 
    -----END PUBLIC KEY----- 
  • Production Public Key

    -----BEGIN PUBLIC KEY----- 
    MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvC4ttxBBCcR4v3uxR7QQ 3BsUU09GJZPg9SEQrB/DGoEdKcMNY2v1QUE0VKsqMk+YYRd7cS2WrENN8RPlQyye gudZGk39WgeZC2lEP76aT/pMwDpPCdXAhwEyd5p73aM/EZYkdIhdCVMf1YbGHWBh NbIRb0ZVOrN1Wvmitnuzej7ZNbMwuA3OMB4piYq2vPynhrJ9v4AdFjFaKLQp72Ql YSuL+5YxSuqVr1xHo9FODGxAu5rz3h/1imDW61aF1lskIy54HFnvsu1hEFeOYcZP cfDU4cFLCnfQy0YJMsy6bugMJ3e7pddh+2B1JysvGhHvWzL2FkTDVfA5bMpPMSay 1QIDAQAB
    -----END PUBLIC KEY------- 

Note

This authentication is currently supported only for SFCC.