Batch verify with one or more public keys.

  • Published on Jul 22, 2025
  • 1 minute(s) read
Prev Next
Post
/crypto/v1/keys/batch/verify

The order of batch items in the response matches that of the request. An individual status code is returned for each batch item.

Security
HTTP
Type bearer
API Key: apiKeyAuth
Header parameter nameAuthorization
Body parameters
Array of object
object
key

Uniquely identifies a persisted or transient sobject.

OneOf
SobjectDescriptorVariantKid
object (SobjectDescriptorVariantKid)
kid
string (uuid) Required
SobjectDescriptorVariantName
object (SobjectDescriptorVariantName)
name
string Required
Max length4096
Pattern^[^\n]*[^\s\n][^\n]*$
SobjectDescriptorVariantTransientKey
object (SobjectDescriptorVariantTransientKey)
transient_key
string (byte) Required
SobjectDescriptorVariantInline
object (SobjectDescriptorVariantInline)
inline
object Required
value
string (byte) Required
obj_type
string Required

Type of security object.

Valid values[ "AES", "ARIA", "DES", "DES3", "SEED", "RSA", "DSA", "EC", "KCDSA", "ECKCDSA", "BIP32", "BLS", "OPAQUE", "HMAC", "LEDABETA", "ROUND5BETA", "SECRET", "LMS", "XMSS", "MLDSA", "MLDSABETA", "MLKEM", "MLKEMBETA", "CERTIFICATE", "PBE" ]
hash_alg
string

A hash algorithm.

Valid values[ "BLAKE2B256", "BLAKE2B384", "BLAKE2B512", "BLAKE2S256", "RIPEMD160", "SSL3", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", "STREEBOG256", "STREEBOG512", "SHA3_224", "SHA3_256", "SHA3_384", "SHA3_512" ]
hash
string (byte)

The hash of the data on which the signature is being verified. Either hash or data should be specified; it is an error to specify both or none. Hash should be base64 encoded.

data
string (byte)

The data on which the signature is being verified. Either hash or data should be specified; it is an error to specify both or none. Data should be base64 encoded.

mode

Signature mechanism

OneOf
object
OneOf
RsaSignaturePaddingVariantPss
object (RsaSignaturePaddingVariantPss)
PSS
object Required
mgf

Specifies the Mask Generating Function (MGF) to use.

OneOf
MgfVariantMgf1
object (MgfVariantMgf1)
mgf1
object Required
hash
string Required

A hash algorithm.

Valid values[ "BLAKE2B256", "BLAKE2B384", "BLAKE2B512", "BLAKE2S256", "RIPEMD160", "SSL3", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512", "STREEBOG256", "STREEBOG512", "SHA3_224", "SHA3_256", "SHA3_384", "SHA3_512" ]
RsaSignaturePaddingVariantPkcs1V15
object (RsaSignaturePaddingVariantPkcs1V15)
PKCS1_V15
object Required
signature
string (byte) Required

The signature to verify

context
string (byte)

The context parameter to be provided to the verify algorithm.

Currently only ML-DSA keys accept a context parameter; this parameter must not be specified for any other key types.

Responses
2XX

Success result

Expand All
Array
OneOf
BatchVerifyResponseItemSuccess
object (BatchVerifyResponseItemSuccess)
status
integer
body
object
kid
string (uuid) | null

The ID of the key used for verification. Returned for non-transient keys.

result
boolean

True if the signature verified and false if it did not.

BatchVerifyResponseItemError
object (BatchVerifyResponseItemError)
status
integer
error
string