Why do I use the Public Key when enroling cards?

The /card endpoint is the only one that uses the public key. That is because the web-SDK exposes the key in the JavaScript, and we do not want to expose your private key (which is used in all other API calls).

Allowing the use of the public key keeps all of your data safe, but still allows for PCI compliant and secure addition of cards into your program.

1 Like