DropOnAir™

Key Directory API

The SDK exchanges public keys through your backend, DropOnAir never stores encryption keys. Your backend must expose two endpoints that the SDK calls automatically.

Publish my public key

PUT{keyDirectoryEndpoint}/me

Called automatically by the SDK on every connect(). Body:

{ "publicKey": "BASE64_X25519_PUBLIC_KEY" }

Fetch recipient's public key

GET{keyDirectoryEndpoint}/{userId}

Called before the first sendMessage() to a new recipient. Expected response:

{ "publicKey": "BASE64_X25519_PUBLIC_KEY" }

Spring Boot example

@RestController
@RequestMapping("/api/droponair/keys")
public class KeyDirectoryController {

  @PutMapping("/me")
  public ResponseEntity<Void> publishKey(@AuthenticationPrincipal UserPrincipal user,
                                               @RequestBody Map<String, String> body) {
    keyStore.save(user.getId(), body.get("publicKey"));
    return ResponseEntity.ok().build();
  }

  @GetMapping("/{userId}")
  public Map<String, String> getKey(@PathVariable String userId) {
    return Map.of("publicKey", keyStore.get(userId));
  }
}