Overview
Calls
- •signup
- •getsalt
- •login
- cors•user/lookup
- cors•<user>/pgp_keys.asc
- •key/add
- •key/fetch
- •session/killall
- •sig/next_seqno
- •sig/post
- •sig/post_auth
- cors•merkle/root
- cors•merkle/block
Other details
sig/post
session required | ||
POST | https://keybase.io/_/api/1.0/sig/post.json
|
|
SAMPLE PARAMS |
sig : "----- BEGIN PGP MESSAGE ----- ..."
remote_username : "maxtaco" # Or "remote_hostname" if a generic web site
type : "web_service_binding.twitter" # "web_service_binding.generic"
|
|
SAMPLE OUTPUT |
{
"status" : {
"code" : 0,
"name" : "OK"
},
"proof_text": "Verifying myself: I am maxtaco on Key...",
"sig_id": "2232c5e872bce853606daae410ea3516999539c79...",
"proof_id": "24be5e265b1ff1be02a70310",
"payload_hash": "c450220f5235fcb646a66dfb4225dd65334...",
"csrf_token": "lgHZIDVhMjYwOTQ3OTM5OGNhODljYzRhNzQ1M..."
}
|
sig/post
Post a signature announcement to the server. Signature types supported: proofs (Twitter, GitHub, Reddit, Hacker News, generic web sites, etc.), key self-signatures, and bitcoin address announcements.
Signature Payload
The payload of the signature contains the usual elements of other Keybase signatures. It's easiest to see the fields by example:
{
"body" : {
"client" : {
"name" : "keybase.io web",
"version" : "0.0.2"
},
"key" : {
"host" : "keybase.io",
"kid" : "01013e38849abc98273491a2...",
"uid" : "8f92574deebe4e7fde4aa9b7...",
"username" : "max",
},
"service" : {
"name" : "twitter",
"username" : "maxtaco"
},
"type" : "web_service_binding",
"version" : 1,
},
"ctime" : 1396309471,
"expire_in" : 157680000,
"seqno" : 4,
"prev" : "4ca4ce5d632a9cbcb7eb67a18a107...",
"tag" : "signature"
}
All signature packets should have a ctime
, expire_in
,
prev
, seqno
, tag
, and body
at the top level.
The first two fields contain the creation time (in UTC) and an expiration in seconds.
The prev
and seqno
point to the previous public signature the user
made; see the sig/next_seqno endpoint for a convenient way to retrieve these from
the server. The tag
field is set for all signatures to be "signature"
.
In the future, there might be other payload tag types.
The body
object contains the meat of what is being signed:
body.client
--- Optional, for the user to keep track of which client generated the signature.body.key
--- Mandatory, a description of the key and user signing the object.body.service
--- Mandatory for Twitter, Github and generic web site verifications. For Twitter and GitHub, the service object is as shown. For web sites, the service object contains two name-value pairs forprotocol
andhostname
.body.type
--- For positive proofs of Web identities, this field is always"web_service_binding"
.body.version
---1
or2
, depending on what version of signature is in use.
This JSON object should be sorted, and then signed with the referenced key, and then PGP-armored. The result
is sent to the server in the sig
param.
The output of the call is a JSON object, containing the proof text that should be posted, the internal IDs of the signature and proof, and the hash of the PGP signature's payload (ignoring header comments and checksum). The other fields are standards.