Developer Programs
Vendor Integration Program (VIP)
Direct access to Jack Henry's technical integration resources.
Technical Account Manager (TAM)
Get technical integration help from a single point of contact.
Learn
Shared Responsibility
Learn about shared roles and responsibilities of customers and Jack Henry in open banking.
Developer Use Cases
Find a use case that fits your development needs.
Developer Video Gallery
Watch the latest demos, webinars, and more.
Developer Conference
Connect with industry leaders, gain insights from expert speakers, and explore our latest innovations.
Docs
Admin API
Create solutions for an institution's back office support tools.
Authentication Framework
Map customer identities to your existing system IDs.
Consumer API
Access financial data for user accounts, transactions, and more.
Data Broker
Get deeper access to financial institution data.
Enterprise Event System
Respond to events in real-time using this powerful pub/sub-based solution.
jXchange - REST API
Translate business information between Jack Henry and third-party applications using a REST-based API.
jXchange - SOAP API
Translate business information between Jack Henry and third-party applications using a SOAP-based API.
Operational Data Integration (ODI)
Get customized queries for bulk data needs.
Payments
Embed check deposits, ACH, bill pay, cards, and real-time payments.
Plugin Framework
Embed the best of the fintech world directly into your user's dashboard.
SymXchange
Query Symitar core member accounts, post transactions, run PowerOn scripts, and more.
Xperience
Modern UI that provides consistent visual integration across Jack Henry products.

Public Key + Private Key

Admin API > Overview > Authentication > Public Key + Private Key

Part of the authentication process requires managing a Public Key + Private Key pair.

Private key

The Private Key remains solely in your possession and must be kept secret. This is what you will use to create the signed JSON Web Token (JWT) when authenticating with the API.

You’ll know that you are viewing a Private Key if the content begins with:

-----BEGIN PRIVATE KEY-----
[content omitted]
-----END PRIVATE KEY-----

Security considerations

Don't
Do not share the Private Key via unsecured channels (e.g. email or instant messaging).
Don't

It is important to keep the Private Key secret and not leak it through some kind of frontend, client-accessible JavaScript call.

Similarly, do not commit the Private Key to your source code repository.

Public key

The Public Key is configured as part of an External Application in the Users & Groups app within Banno. The back office administrator at your financial institution can do this for you in the Users & Groups section of Banno.

You’ll know that you are viewing a Public Key if the content looks like this:

-----BEGIN PUBLIC KEY-----
[content omitted]
-----END PUBLIC KEY-----

Security considerations

The Public Key is used to verify that API requests which claim to be from your External Application do in fact originate from your application.

Generating a public key + private key pair

You can generate the Public Key + Private Key pair in various ways on different platforms. One option is to use OpenSSL.

Note that the key size should be at least 2048 bits.

Step 1. Create the private key

Command Line
openssl genpkey -algorithm RSA -out private.pem

External Resource:

Step 2. Create the public key in .PEM format

Command Line
openssl rsa -in private.pem -outform PEM -pubout -out public.pem

External Resource:

The Public Key, in .pem format, is a text file and can be viewed with a text editor.

You may need to configure your text editor to open .pem formatted files.

Have a Question?
Have a how-to question? Seeing a weird error? Get help on StackOverflow.
Register for the Digital Toolkit Meetup where we answer technical Q&A from the audience.
Last updated Mon Jul 17 2023