Skip to content
SSHVerify Docs

Quickstart

This quickstart creates a project, creates an API key, creates a session, and sends the generated SSH command to a user.

1. Create a project

Section titled “1. Create a project”

Open the SSHVerify app, sign in, and create a project. Projects separate sessions and API keys, so choose a name that matches the application, environment, or customer you are integrating with.

2. Create an API key

Section titled “2. Create an API key”

Open the project settings and create an API key. Store the key securely; it can manage collection and verification sessions for that project.

You can check that the key works with:

Terminal window
curl https://sshverify.com/api/v1/auth/info/ \
  -H "x-api-key: <api-key>"

3. Create a collection session

Section titled “3. Create a collection session”

Use a collection session when you want to receive the public keys offered by a user’s SSH client.

Terminal window
curl https://sshverify.com/api/v1/ssh/collect/sessions/ \
  -H "content-type: application/json" \
  -H "x-api-key: <api-key>" \
  -d '{
    "external_id": "user_123",
    "multi_key": true,
    "multi_connection": false,
    "must_confirm": false
  }'

The response includes connection_identifier. Share the generated SSH command from the app, or build it with the identifier:

Terminal window
ssh <connection_identifier>@sshverify.com

4. Create a verification session

Section titled “4. Create a verification session”

Use a verification session when you already know which public key should be proved.

Terminal window
curl https://sshverify.com/api/v1/ssh/verify/sessions/ \
  -H "content-type: application/json" \
  -H "x-api-key: <api-key>" \
  -d '{
    "external_id": "user_123",
    "multi_key": true,
    "multi_connection": false,
    "match_all_keys": false,
    "max_attempts": 3,
    "must_confirm": false,
    "keys": [
      {
        "name": "Work laptop",
        "external_id": "device_abc",
        "public_key": "ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAA..."
      }
    ]
  }'

The session becomes verified when the user connects with a matching private key.

5. Inspect results

Section titled “5. Inspect results”

After the user connects, open the session in the app or fetch it from the API:

Terminal window
curl https://sshverify.com/api/v1/ssh/collect/sessions/<session-id>/ \
  -H "x-api-key: <api-key>"

For automation, add a webhook so your system receives new_connection, key, verification, and status events without polling.