Skip to main content


This method allows users to retrieve a public key using a specified key ID. The public key that is returned in the response payload is used to process and validate eBay notifications.

The public key ID, which is a required request parameter for this method, is retrieved from the Base64-encoded X-EBAY-SIGNATURE header that is included in the eBay notification.

Important! The retrieved public key value should be cached for a temporary — but reasonable — amount of time (e.g., one-hour is recommended.) This key should not be requested for every notification since doing so can result in exceeding API call limits if a large number of notification requests is received.

Note: For more details about how to process eBay push notifications and validate notification message payloads, see the Notification API overview.


Resource URI


This method is not supported in Sandbox environment.

URI parameters

public_key_idstringThe unique key ID that is used to retrieve the public key.

Note: This is retrieved from the X-EBAY-SIGNATURE header that is included with the push notification.

Occurrence: Required

HTTP request headers

All requests made to eBay REST operations require you to provide the Authorization HTTP header for authentication authorization.

All other standard RESTful request headers are optional. For more information on standard RESTful request headers, see the HTTP request headers- opens rest request components page table.

OAuth scope

This request requires an access token created with the client credentials grant flow, using one or more scopes from the following list (please check your Application Keys page for a list of OAuth scopes available to your application):

See OAuth access tokens for more information.

Request payload

This call has no payload.

Request fields

This call has no field definitions.


HTTP response headers

This call has no response headers.

Response payload

{ /* PublicKey */
"digest" : "string",
"key" : "string"

Response fields

Output container/fieldTypeDescription

The algorithm associated with the public key that is returned, such as Elliptic Curve Digital Signature Algorithm (ECDSA).

Occurrence: Always


The digest associated with the public key that is returned, such as Secure Hash Algorithm 1 (SHA1).

Occurrence: Always


The public key that is returned for the specified key ID.

This value is used to validate the eBay push notification message payload.

Occurrence: Always

HTTP status codes

This call can return one of the following HTTP status codes. For an overview of the status codes, see HTTP status codes in Using eBay RESTful APIs.

404Not Found
500Internal Server Error

Error codes

For more on errors, plus the codes of other common errors, see Handling errors.

195000API_NOTIFICATIONAPPLICATIONThere was a problem with an eBay internal system or process. Contact eBay developer support for assistance.
195001API_NOTIFICATIONREQUESTThe specified key id is invalid.


This call has no warnings.


New to making API calls? Please see Making a Call.

Note: Identifiers, such as order IDs or user IDs, and personal data in these samples might be anonymized or may no longer be active on eBay. If necessary, substitute current, relevant eBay data in your requests.

Sample 1: Retrieve a Public Key

This sample retrieves a public key using a specified key ID.


The input is public_key_id.



If the call is successful, the public key is returned for the specified key ID.