Skip to end of metadata
Go to start of metadata

This document describes the specification for the security protocol implemented by various MaaS services. The security protocol includes information about request authentication as well as encryption/decryption of request and/or response data.





Advanced Encryption Standard (AES) is the cipher used for encryption and decryption.


Cipher-block chaining (CBC) is a mode of operation whereby each block depends on the previous block.

Initialization Vector

The initialization vector is used by the block cipher to provide randomness to the output ciphertext.

Access Key

A unique key that identifies the client making the request. This key is used to get the additional keys used for request signing and encryption. To obtain this key, see Steps to Obtain Keys.

Signature Key

A unique key used to sign requests, check request authorization and check data integrity. To obtain this key, see Steps to Obtain Keys.

Encryption Key

A key used to encrypt and decrypt data exchanged between the client and the server. To obtain this key, contact your Phunware representative.


This is a specification for padding the input data when using a block cipher so that the input length is divisible by the block size.

Steps to Obtain Keys

To obtain an application's access key or signature key, log into using the appropriate credentials. YOUR ACCOUNT will display: 

If you've been provisioned access to multiple organizations in the MaaS portal, click the grey "Switch" button at the upper left corner of the screen and type in the name of the application's containing organization:

The YOUR APPLICATIONS page will display. Click "Show Keys" beneath the application you'd like to get keys for. 

A panel like the below will display:


  • No labels