Key Directory API
The SDK exchanges public keys through your backend, DropOnAir never stores encryption keys. Your backend must expose two endpoints that the SDK calls automatically. Publish requests include a stable deviceId, and multi-device clients should prefer a deviceKeys response.
Publish my public key
PUT
{keyDirectoryEndpoint}/me Called automatically by the SDK on every connect(). Body:
{ "publicKey": "BASE64_X25519_PUBLIC_KEY", "deviceId": "ios-abc-123" }Fetch recipient keys
GET
{keyDirectoryEndpoint}/{userId}Preferred multi-device response:
{
"deviceKeys": [
{ "deviceId": "ios-abc-123", "publicKey": "BASE64_X25519_PUBLIC_KEY" },
{ "deviceId": "web-def-456", "publicKey": "BASE64_X25519_PUBLIC_KEY" }
]
}Legacy single-device fallback, still accepted by older client paths:
{ "publicKey": "BASE64_X25519_PUBLIC_KEY" }Spring Boot example
@RestController
@RequestMapping("/api/droponair/keys")
public class KeyDirectoryController {
@PutMapping("/me")
public ResponseEntity<Void> publishKey(@AuthenticationPrincipal UserPrincipal user,
@RequestBody Map<String, String> body) {
keyStore.save(user.getId(), body.get("deviceId"), body.get("publicKey"));
return ResponseEntity.ok().build();
}
@GetMapping("/{userId}")
public Map<String, Object> getKeys(@PathVariable String userId) {
var deviceKeys = keyStore.list(userId).stream()
.map(key -> Map.of("deviceId", key.deviceId(), "publicKey", key.publicKey()))
.toList();
return Map.of("deviceKeys", deviceKeys);
}
}