--- page_source: https://juspay.io/in/docs/upi-plugin-direct-psp/android/resources/generating-the-signature page_title: Generating the JWS Signature --- # Generating the JWS Signature --- The signature for a request payload is generated using the RS256**** JWS algorithm, which involves signing the JSON payload with the private key. ## **1. Generating the RSA Key Pair** To get started, merchant must securely generate a 2048 bit RSA Public Private Key pair on their servers inside a crypto vault and share the Public Key (KeyFormat-PEM) with Juspay during onboarding. Private key must be then securely kept in a crypto vault on the merchant servers which should never flow to the client. The below command generates a private key file **private-key.pem** #### private-key.pem Code Snippet: ```private-key.pem {"success":false,"message":"No Data found for the given path"} ``` The below command generates a public key file **public-key.pem** for the private key file generated via above command #### public-key.pem Code Snippet: ```public-key.pem {"success":false,"message":"No Data found for the given path"} ``` ## **2. Signing the Payload** | Algorithm | Format | |---|---| | RSA-SHA256 | HEX; base 64 encoded | The_signaturePayload_ needs to be signed after converting it to String using the Private key stored on the merchant server. And this signature has to be in **Base 64 encoded format.** Refer : **Code snippet to generate signature** > **Warning** > The JSON payload converted to a string that is to be signed, which makes a signature, should exactly be the same as the string that is to be passed in the signature payload field. On executing this code by replacing the private key, payload, and KID, a response containing the signature, payload, and protected data is generated. These elements make up the json of the process payload. The sample response from the codes is as attached.Refer : Sample Output > **Note** > The response returned by the Javascript code is to be passed in the request while making the process call.The response returned by the Java code contains a token. When split the token on the period ('.') delimiters, the following components are returned. ## Sample Code Snippets: ### Code snippet to generate signature: #### java Code Snippet: ```java {"success":false,"message":"No Data found for the given path"} ``` #### javascript Code Snippet: ```javascript {"success":false,"message":"No Data found for the given path"} ``` ### Sample output: #### java: ```java {"success":false,"message":"No Data found for the given path"} ``` #### javascript: ```javascript {"success":false,"message":"No Data found for the given path"} ```