The Google Spectrum Access System (SAS) Portal API uses JSON Web Tokens (JWTs) in two ways:
- To aid with Certified Professional Installer (CPI) identity validation.
- To allow non-CPIs to help install Citizens Broadband Radio Service Devices (CBSDs) that require CPI installation.
During CPI identity validation, the CPI must create a JWT from a secret generated by the SAS Portal API. In this case, the CPI uses their private key to create the JWT.
Alternatively, non-CPIs can use the SAS Portal API to create a device configuration from a JWT created by a CPI. In this case, the JWT contains CBSD registration parameters, and the CPI uses their private key to create the JWT.
The JSON Web Signature (JWS) standard is defined in RFC 7515, and the SAS Portal API supports the ES256 and RS256 signature algorithms.
What's next
- To get an overview of the SAS Portal API, see Google SAS Portal API overview.
- For information about each API, see Customers API and Device Manager API.
- For examples of how to use the API, see API code samples.
- For reference documentation, see APIs and reference.