JWSDecodedHeader

A decoded JSON Web Signature (JWS) header.

Declaration

object JWSDecodedHeader

Properties

Name	Type	Description
`alg`	`alg`	The algorithm the App Store uses for signing the JSON Web Signature (JWS).
`x5c`	`x5c`	An array that contains the X.509 certificate chain, which you use to verify the public key that the App Store uses to sign the JWS.

Mentioned in

Responding to real-time retention messaging requests

Discussion

The type RealtimeRequestBody contains a header that’s a JWSDecodedHeader object when decoded. Use the information in the JWSDecodedHeader to validate the JWS signature of the request body. For more information about validating signatures, see the JSON Web Signature (JWS) IETF RFC 7515 specification.

The signature uses the x5c certificate chain, in the following order:

A certificate that contains the public key that corresponds to the key the App Store uses to digitally sign the JWS. Section 4.11.10 Mac App Store Receipt Signing Certificates of the Apple Inc. Certificate Practice Statement Worldwide Developer Relations document defines the custom extensions this certificate uses.
An Apple intermediate certificate that contains an extension with the extension ID for Apple Worldwide Developer Relations (1.2.840.113635.100.6.2.1).
An Apple root certificate.

For more information, or to download Apple’s root certificate, see Apple PKI.

JWSDecodedHeader

Declaration

Properties

Mentioned in

Discussion

See Also

Real-time request header