Skip to main content

Proof keys

To restrict public access to your data, you must configure a secure request exchange between Filez Docs Platform and the integrator.

The integrator must verify that incoming requests are sent by the Filez Docs Platform service. Filez Docs Platform signs requests with a private key. The corresponding public key is published in the proof-key element of the WOPI discovery XML. The integrator uses the public key to verify the signature. The signature is included with every request in the X-WOPI-Proof and X-WOPI-ProofOld HTTP headers.

For details, see Microsoft’s official documentation: Proof keys.

The Filez Docs Platform service reads the public/private key files from:

  • /opt/srv/zdocs/dist/data/wopi_public_key.pem
  • /opt/srv/zdocs/dist/data/wopi_private_key.pem

By default, no keys are provided. To enable WOPI, an administrator must configure these keys.

Last updated on