Introduction

Security

We will use hybrid encryption/decryption methods for decrypting requests and encrypting responses and vice versa. For this the two parties have to share the public keys with each other. An API key provided by the nuclei team to the partner team in order to identify the source of the request which mandatorily needs to be added in the header of each request.

IP whitelisting needs to be done at Nuclei’s end, partners need to share their UAT and Production IPs. HTTPS protocol scheme will be used for all APIs in order to secure the communication. The following section will describe the encryption and decryption process in more detail.